You set up traceoptions for the specific service you are interested in:
So for example - "screen"
root@ITG_SRX_254# edit security screen
[edit security screen]
root@ITG_SRX_254# set traceoptions file <filename>
root@ITG_SRX_254# set traceoptions flag <flag values>
[edit security screen]
root@ITG_SRX_254# show traceoptions
file trace-screen;
flag configuration;
For IDP simply move to the IDP stanza
[edit security idp]
root@ITG_SRX_254# edit security idp
same commands will work there