Managing the Trace Rules
The trace_ids.sh script fetches the real-time and historical traces. This script resides in /usr/local/bin/ of the Tracing Pod that you have configured.
See Configuring the Trace Microservice Pod for procedure to set up a Pod.
The Execute the trace_ids.sh script with -h arguments produces a help text describing the capabilities of the script.
The trace_ids.sh script starts a selective trace and outputs it to a standard out.
-
To specify the audit ID tracing, use the following configuration:
kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc
-- trace_ids.sh -i specific id
-
To remove trace for specific audit ID, use the following configuration:
kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc
-- trace_ids.sh -r specific id
-
To remove trace for all IDs, use the following configuration:
kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh -x
-
To list all the IDs under trace, use the following configuration:
kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh -l
Adding a specific audit ID for tracing requires running the command with the -i argument and passing in a specific ID. The Policy Server matches the incoming session with the ID provided and compares this against the following network session attributes:
-
Credential ID
-
Framed IPv6 Prefix
-
IMSI
-
MAC Address
-
MSISDN
-
User ID
If an exact match is found, then the transactions are traced.
NoteSpaces and special characters are not supported in the audit IDs.-
Removing a specific audit ID from active tracing requires specifying the -r argument with ID to remove.
-
Removing all IDs requires sending in the -x argument. This step purges all the IDs from the database.
-
Listing all IDs requires sending in the -l argument.
Example output:kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh
-s mongo-admin-0 -p 27017 -t admin -d policy_trace -i 2001
Run the trace_ids.sh with -h arguments produces a help text describing the capabilities of the script as follows:kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh -h /usr/local/bin/trace_ids.sh: option requires an argument -- h usage: /usr/local/bin/trace_ids.sh -i specific id /usr/local/bin/trace_ids.sh -r specific id /usr/local/bin/trace_ids.sh -x /usr/local/bin/trace_ids.sh -l /usr/local/bin/trace_ids.sh -s mongo service name /usr/local/bin/trace_ids.sh -p mongo service port /usr/local/bin/trace_ids.sh -t mongo replica set /usr/local/bin/trace_ids.sh -d mongo database name This script starts a selectve trace and outputs it to standard out. 1. Add Specific Audit Id Tracing /usr/local/bin/trace_ids.sh -i specific id 2. Remove Trace for Specific Audit Id /usr/local/bin/trace_ids.sh -r specific id 3. Remove Trace for All Ids /usr/local/bin/trace_ids.sh -x 4. List All Ids under Trace /usr/local/bin/trace_ids.sh -l 5. K8 mongo service name -s (default: mongo-admin-0) 6. Mongo port -p (default: 27017) 7. Replica set name -t (default: admin ) 8. Trace database name -d (default: policy_trace) 9. /usr/local/bin/trace_ids.sh -h displays this help
-