Managing the Trace Rules

The trace_ids.sh script fetches the real-time and historical traces. This script resides in /usr/local/bin/ of the Tracing Pod that you have configured.

See Configuring the Trace Microservice Pod for procedure to set up a Pod.

The Execute the trace_ids.sh script with -h arguments produces a help text describing the capabilities of the script.

The trace_ids.sh script starts a selective trace and outputs it to a standard out.

  1. To specify the audit ID tracing, use the following configuration:

    kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc 
    -- trace_ids.sh -i specific id 
  2. To remove trace for specific audit ID, use the following configuration:

    kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc  
    -- trace_ids.sh -r specific id  
  3. To remove trace for all IDs, use the following configuration:

    kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh -x 
  4. To list all the IDs under trace, use the following configuration:

    kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh -l 

    Adding a specific audit ID for tracing requires running the command with the -i argument and passing in a specific ID. The Policy Server matches the incoming session with the ID provided and compares this against the following network session attributes:

    • Credential ID

    • Framed IPv6 Prefix

    • IMSI

    • MAC Address

    • MSISDN

    • User ID

    If an exact match is found, then the transactions are traced.

    Note
    Spaces and special characters are not supported in the audit IDs.
    • Removing a specific audit ID from active tracing requires specifying the -r argument with ID to remove.

    • Removing all IDs requires sending in the -x argument. This step purges all the IDs from the database.

    • Listing all IDs requires sending in the -l argument.

    Example output:
    kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh  
    -s mongo-admin-0 -p 27017 -t admin -d policy_trace -i 2001 
    Run the trace_ids.sh with -h arguments produces a help text describing the capabilities of the script as follows:
    kubectl -n pcf exec -it traceid-pcf-pcf-engine-app-pcf-75b6dc6c4-hc7qc -- trace_ids.sh -h
    /usr/local/bin/trace_ids.sh: option requires an argument -- h 
    usage: 
    /usr/local/bin/trace_ids.sh -i specific id 
        /usr/local/bin/trace_ids.sh -r specific id 
        /usr/local/bin/trace_ids.sh -x 
        /usr/local/bin/trace_ids.sh -l 
        /usr/local/bin/trace_ids.sh -s mongo service name 
        /usr/local/bin/trace_ids.sh -p mongo service port 
        /usr/local/bin/trace_ids.sh -t mongo replica set 
        /usr/local/bin/trace_ids.sh -d mongo database name 
    
    This script starts a selectve trace and outputs it to standard out. 
    1. Add Specific Audit Id Tracing  /usr/local/bin/trace_ids.sh -i specific id 
    2. Remove Trace for Specific Audit Id  /usr/local/bin/trace_ids.sh -r specific id 
    3. Remove Trace for All Ids /usr/local/bin/trace_ids.sh -x 
    4. List All Ids under Trace /usr/local/bin/trace_ids.sh -l 
    5. K8 mongo service name -s (default: mongo-admin-0) 
    6. Mongo port -p (default: 27017) 
    7. Replica set name -t (default: admin )
    8. Trace database name -d (default: policy_trace) 
    9. /usr/local/bin/trace_ids.sh -h displays this help