How to debug rules created with Rules Engine

Debug Rules allows you to check whether rules or rule sets created using the Rules Engine module for Edge Application and Edge Firewall have been successfully executed in your application.

Learn more about Rules Engine

You can debug rules using the GraphQL API, Azion Data Streaming, and Azion Real-Time Events.

Enabling Debug Rules

Section titled Enabling Debug Rules

To debug your rules or rule sets, you must first activate the Debug Rules feature on Azion Real-Time Manager (RTM). To enable Debug Rules for Edge Application:

  1. Access RTM.
  2. Go to Products menu > Edge Application.
  3. Select an existing edge application to activate debug.
  4. On the Main Settings tab, enable the Debug Rules option.
  5. Click the Save button.

To enable Debug Rules for Edge Firewall:

  1. Access RTM.
  2. Go to Products menu > Edge Firewall.
  3. Select the rule set you want to configure.
  4. On the Main Settings tab, enable the Debug Rules option.
  5. Click the Save button.

Debugging rules with the GraphQL API

Section titled Debugging rules with the GraphQL API

See the GraphQL API documentation for more information.

To query the available rules data in the GraphQL API, follow the steps described on How to query GraphQL requests on Postman using the https://api.azionapi.net/events/graphql URL.

Then, on Postman’s GraphQL request code box, add the following HTTP Query, modifying the tsRange to fit the time interval you want:

query HttpQuery {
  httpEvents(
    limit: 10,
    filter: {
      tsRange: {begin:"2023-02-14T10:10:10", end:"2023-02-15T10:10:10"}
    }
    orderBy: [ts_ASC]
  )
  {
    ts
    remoteAddress
    requestUri
    stacktrace
  }
}

The example above shows a query for rule data using the HTTP Events dataset. The limit field filters the last 10 entries within the tsRange field. The presented data is ordered through the ts (timestamp) field.

The query above should return:

  • ts: the time range for when each request was initiated.
  • remoteAddress: the IP of the client that made the request to the application.
  • requestUri: the type of HTTP request and URI.
  • stacktrace: executed rules and rule sets.

Send your request. You’ll receive a response similar to this:

{
  "data": {
    "httpEvents": [
      {
        "ts": "2023-02-15T17:52:16Z",
        "remoteAddress": "00.00.000.00",
        "requestUri": "/get",
        "stacktrace": "{\\\"edge_application_response\\\":[\\\"Add Azion Cookie\\\"],\\\"edge_firewall\\\":[\\\"Set WAF\\\",\\\"Rate-Limit Root\\\"],\\\"edge_application_request\\\":[\\\"Default Rule\\\",\\\"Test Send Cert to Origin 1\\\",\\\"Test Send Cert to Origin 2\\\"]}"
      }
    ]
  }
}

In this example, the GraphQL API has returned all active request and response phase rules created for Edge Application, as well as an active Edge Firewall rule set.

For more information on the GraphQL API, visit the datasets documentation page.

Debugging rules using Data Streaming

Section titled Debugging rules using Data Streaming

See the Data Streaming documentation for more information on how to set it up.

To debug rules via Data Streaming, follow these steps:

  1. Access RTM.

  2. Select Products menu > Data Streaming.

  3. Click Add Streaming.

  4. Choose a name for your data streaming.

  5. On the Data Source dropdown menu, select Edge Applications.

  6. On the Template dropdown menu, select Custom Template.

  7. On the Data Set code box, add the following variables:

    {
        "time": "$time",
        "traceback": "$traceback"
    }

  8. On Options, select between Filter Domains or All Domains. See more about each option on How to associate domains on Data Streaming.

  9. On the Destination section, select an Endpoint Type on the dropdown menu.

    You’ll see different fields depending on the endpoint type you choose. Find more information on each of them on the Setting an endpoint page.

  10. Make sure the Active switch is turned on.

  11. Click the Save button.

To make sure your logs are being sent to your endpoint through the configured data streaming, you can use Real-Time Events to query detailed analysis.

To see all your created data streamings, go to the Data Streaming page on RTM and select one from the list. Feel free to create multiple ones.

Variables definition

Section titled Variables definition
VariableDefinition
$timeRequest date and time. Example: Oct. 31st, 2022 - 19:30:41
$tracebackProvides the names of the rules created using Rules Engine for Edge Application and Edge Firewall that are run by the request.

Debugging rules using Real-Time Events

Section titled Debugging rules using Real-Time Events

See the Real-Time Events documentation for more information on how to configure a data streaming endpoint.

To access Real-Time Events, follow these steps:

  1. Access RTM.
  2. On the upper-left corner, select Products menu > Real-Time Events.
  3. On Data Source, select Edge Applications.
  4. Modify the desired time range and add filters if needed.
  5. Click the Search button.
  6. Select the log body you want to inspect.
  7. Look for the traceback field.

The traceback field should contain the type of rule executed and the behavior triggered within the selected time range. For instance:

{\"edge_application_response\":[\"Add Azion Cookie\"],\"edge_firewall\":[\"Set WAF\",\"Rate-Limit Root\"],\"edge_application_request\":[\"Default Rule\",\"Test Send Cert to Origin 1\",\"Test Send Cert to Origin 2\"]}

In this example, the traceback field contains all active request and response phase rules created for Edge Application, as well as an active Edge Firewall rule set.

Contributors