How to debug rules created with Rules Engine

Debug Rules allows you to check whether rules or rule sets created using the Rules Engine module for Edge Application and Edge Firewall have been successfully executed in your application.

You can debug rules using the GraphQL API, Azion Data Stream, and Azion Real-Time Events.

Learn more about Rules Engine

Enabling Debug Rules

To debug your rules or rule sets, you must first activate the Debug Rules feature on Azion’s interface.

To enable Debug Rules for Edge Application:

  1. Access Console.
  2. Go to Products menu > Edge Application.
  3. Select an existing edge application to activate debug.
  4. On the Main Settings tab, enable the Debug Rules option.
  5. Click the Save button.

To enable Debug Rules for Edge Firewall:

  1. Access Console.
  2. Go to Products menu > Edge Firewall.
  3. Select the edge firewall you want to configure.
  4. On the Main Settings tab, enable the Debug Rules option.
  5. Click the Save button.

Debugging rules with the GraphQL API

To query the available rules data in the GraphQL API, follow the steps described on How to query GraphQL requests on Postman using the https://api.azionapi.net/events/graphql URL.

Then, on Postman’s GraphQL request code box, add the following HTTP Query, modifying the tsRange to fit the time interval you want:

query HttpQuery {
httpEvents(
limit: 10,
filter: {
tsRange: {begin:"2023-02-14T10:10:10", end:"2023-02-15T10:10:10"}
}
orderBy: [ts_ASC]
)
{
ts
remoteAddress
requestUri
stacktrace
}
}

The example above shows a query for rule data using the HTTP Events dataset. The limit field filters the last 10 entries within the tsRange field. The presented data is ordered through the ts (timestamp) field.

The query above should return:

  • ts: the time range for when each request was initiated.
  • remoteAddress: the IP of the client that made the request to the application.
  • requestUri: the type of HTTP request and URI.
  • stacktrace: executed rules and rule sets.

Send your request. You’ll receive a response similar to this:

{
"data": {
"httpEvents": [
{
"ts": "2023-02-15T17:52:16Z",
"remoteAddress": "00.00.000.00",
"requestUri": "/get",
"stacktrace": "{\\\"edge_application_response\\\":[\\\"Add Azion Cookie\\\"],\\\"edge_firewall\\\":[\\\"Set WAF\\\",\\\"Rate-Limit Root\\\"],\\\"edge_application_request\\\":[\\\"Default Rule\\\",\\\"Test Send Cert to Origin 1\\\",\\\"Test Send Cert to Origin 2\\\"]}"
}
]
}
}

In this example, the GraphQL API has returned all active request and response phase rules created for Edge Application, as well as an active Edge Firewall rule set.

For more information on the GraphQL API, visit the datasets documentation page.


Debugging rules using Data Stream

To debug rules via Data Stream, follow these steps:

  1. Access Console.

  2. Select Products menu > Data Stream.

  3. Click + Stream.

  4. Choose a name for your stream.

  5. On the Source dropdown menu, select Edge Applications.

  6. On the Template dropdown menu, select Custom Template.

  7. On the Data Set code box, add the following variables:

    { "time": "$time", "traceback": "$traceback"
    }
    
  8. On Domains, select between Filter Domains or All Current and Future Domains. See more about each option on How to associate domains on Data Stream.

  9. On the Destination section, select an Connector on the dropdown menu.

  • You’ll see different fields depending on the endpoint type you choose. Find more information on each of them on the Setting an endpoint page.
  1. Make sure the Status switch is active.
  2. Click the Save button.

To make sure your logs are being sent to your endpoint through the configured stream, you can use Real-Time Events to query detailed analysis.

To see all your created stream, go to the Data Stream page on Azion Console and select one from the list. Feel free to create multiple ones.

Variables definition

VariableDefinition
$timeRequest date and time. Example: Oct. 31st, 2022 - 19:30:41
$tracebackProvides the names of the rules created using Rules Engine for Edge Application and Edge Firewall that are run by the request.

Debugging rules using Real-Time Events

To access Real-Time Events, follow these steps:

  1. Access Console.
  2. On the upper-left corner, select Products menu > Real-Time Events.
  3. Select the HTTP Requests tab.
  4. Modify the desired time range and add filters if needed.
  5. Click the Search button.
  6. Select the log body you want to inspect.
  7. Look for the traceback field.

The traceback field should contain the type of rule executed and the behavior triggered within the selected time range. For instance:

{\"edge_application_response\":[\"Add Azion Cookie\"],\"edge_firewall\":[\"Set WAF\",\"Rate-Limit Root\"],\"edge_application_request\":[\"Default Rule\",\"Test Send Cert to Origin 1\",\"Test Send Cert to Origin 2\"]}

In this example, the traceback field contains all active request and response phase rules created for Edge Application, as well as an active Edge Firewall rule set.


Contributors