Tracing examples

The following examples illustrate the functioning of some trace groups. Each trace line is built in the following way with the default configuration:

<date> <nevisproxy_version> <trace_group> <process_id>.<thread_id>.<transaction_id> <trace_level>: <trace_msg>

Example of NavajoOp tracing

In the following example, the constructed filter chain and the invoked servlet are traced by the trace group NavajoOp with trace level INFO. This is realized with the following trace line:

2024 11 19 16:32:23.849 8.2505.0.0 NavajoOp   22037.139733629540096.2006d991bc853619bdd6b1cad7a82dc8.198f0ba83ebe5cf0 6-INFO :    <<<<< 'GET /test/session/?session-type=default' invS='/(DelegationFilter) / (ErrorFilter) /test/ (RewriteFilter), /test/ (TestRewriteFilter) / (RootRewriteFilter) / (HeaderDelegationFilter)>TestServlet' sC='200' bS='836' dTF='15' dTFrs='1' rmIP='192.168.5.175' Event='SC01' clID='S5cde8370c5d1dIrJr+ZyXwK6JSukZosY1Syz61YqY3bIO0i8y+f20wI=' trID='2006d991bc853619bdd6b1cad7a82dc8.198f0ba83ebe5cf0' (cR=1)

The next table explains the abbreviations used in the previous NavajoOP tracing example:

Abbreviation	Description	Example
<<<< '<HTTP_method> <URI>'	Request line from the frontend	<<<<< 'GET /test/session/?session-type=default'
invS	The filter chain with the invoked servlet.	invS='/ DelegationFilter) / (ErrorFilter) /test/ (RewriteFilter) >TestServlet'
sC	Returned status code.	sC='200'
bS	Number of the bytes sent.	bS='836'
dTF	Total time needed to process the frontend call.	dTF='15'
dTFrs	The time needed to read and write the data from/to the frontend.	dTFrs='1'
rmIP	IP address of the client.	rmIP='192.168.5.175'
Event	List of events	Event='SC01'
clID	HttpSession ID (if it was accessed).	clID='S5cde8370c5d1dIrJr+ZyXwK6JSukZosY1Syz61YqY3bIO0i8y+f20wI='
trID	Transaction ID	trID='2006d991bc853619bdd6b1cad7a82dc8.198f0ba83ebe5cf0'
cR	Number of concurrent requests within nevisProxy	(cR=1)
parsedRequestUri	Value of the parsed request URI without the query. This value is only added if it differs from the unparsed request URI.
dTP	Total time spent in nevisProxy. Calculated by subtracting the time spent on frontend (dTFrs) and backend (dTB) from the total time (dTF).	dTP='12'

You can log more information by further increasing the log level of the NavajoOp trace group. For example, log level "7" will also log the invoked filters and servlets, together with the corresponding processing time. The maximum log level will also log the incoming and outgoing HTTP headers of the request and the response, as you can see in the following tracing sample:

2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 7-DBG_LO:  >>>>> 'GET /htt/<NULL>' rmIP='127.0.0.1' trID='d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410'
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Upgrade-Insecure-Requests: 1
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Sec-Fetch-Site: none
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Accept-Language: en-US,en;q=0.5
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Sec-Fetch-Mode: navigate
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Sec-Fetch-Dest: document
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> traceparent: 00-d108a5b87874779b9b9d182b7e3f7627-cc65233656c9e410-00
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Accept-Encoding: gzip, deflate, br, zstd
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Connection: keep-alive
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Host: localhost
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Priority: u=0, i
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  >>> Sec-Fetch-User: ?1
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 8-DBG_ME:  >>>>>>>>>>>>>>>>>> (filter 'ErrorFilter')
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 8-DBG_ME:  >>>>>>>>>>>>>>>>>> (filter 'CookieBasedSessionManagementFilter')
2024 11 19 16:44:58.125 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 8-DBG_ME:  >>>>>>>>>>>>>>>>>> (filter 'Forwarded-For')
2024 11 19 16:44:58.126 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 8-DBG_ME:  >>>>>>>>>>>>>>>>>> (servlet 'HTTBackend')
2024 11 19 16:44:58.127 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 7-DBG_LO:  <<<<<<<<<<<<<<<<< (remoteIP '127.0.0.1' servlet 'HTTBackend' dT='1')
2024 11 19 16:44:58.127 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 7-DBG_LO:  <<<<<<<<<<<<<<<<< (remoteIP '127.0.0.1' filter 'Forwarded-For' dT='2')
2024 11 19 16:44:58.127 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 7-DBG_LO:  <<<<<<<<<<<<<<<<< (remoteIP '127.0.0.1' filter 'CookieBasedSessionManagementFilter' dT='2')
2024 11 19 16:44:58.128 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 7-DBG_LO:  <<<<<<<<<<<<<<<<< (remoteIP '127.0.0.1' filter 'ErrorFilter' dT='3')

2024 11 19 16:44:58.128 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 6-INFO  :  <<<<< 'GET /htt/' invS='/* (ErrorFilter) /* (CookieBasedSessionManagementFilter) /* (Forwarded-For) >HTTBackend' sC='200' bS='218' dTF='4' dTFrs='0' rmIP='127.0.0.1' Event='SC01' clID='05faa8c03700AcCDXgJUpWcFHfhH9nIFSgWL4ApaNptDJyJYM6GIeQAB0X' trID='d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410' (cR=1)' dTP='3'
2024 11 19 16:44:58.128 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  <<< Set-Cookie: NPSession=0608a8c03700pjBlwRGlNj0jlGcB6WDQLYnUyktubMIhzx2jMerWwlAQYg; Path=/; Secure; HttpOnly
2024 11 19 16:44:58.128 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  <<< Content-Length: 218
2024 11 19 16:44:58.128 8.2505.0.0 NavajoOp   67080.139738663999040.d108a5b87874779b9b9d182b7e3f7627.cc65233656c9e410 9-DBG_HI:  <<< Content-Type: text/html

Example of IsiwebOp tracing

The IsiwebOp trace group is used for troubleshooting content providers. Response line from the content provider:

2024 11 19 16:47:47.744 8.2505.0.0 IsiwebOp   67837.139637645129280.2b9b7099fbdfffb5b0e594b0e9ab64fc.ea816af8da411fb0 6-INFO  :  <==== 'GET /htt/ HTTP/1.1' invS='HTTBackend' inetA='localhost:8080 (127.0.0.1)' trId='2b9b7099fbdfffb5b0e594b0e9ab64fc.ea816af8da411fb0' sC='200' dTB='1' dTcB='0' dTsB='0' dTr1B='1' dTr2B='0' usrID='<NULL>'

The next table explains the abbreviations used in the previous IsiwebOP tracing example:

Abbreviation	Description	Example
<==== '<HTTP method> <URI> <Protocol>'	The request line from the frontend.	<==== 'GET /htt/ HTTP/1.1'
invS	The name of the invoked servlet.	invS='HTTBackend'
inetA	The inet address of the content provider (important in case of load balancing).	inetA='localhost:8080 (127.0.0.1)'
trID	Transaction ID.	trId='2b9b7099fbdfffb5b0e594b0e9ab64fc.ea816af8da411fb0'
sC	Returned status code.	sC='200'
dTB	Total time needed to process the backend call (including establishing the connection, sending the request, and reading the response).	dTB='103'
dTcB	The time needed to establish the connection (incl. TLS handshake).	dTcB='0'
dTsB	The time needed to send the request to the backend (HTTP header and optional body) in milliseconds.	dTsB='1'
dTr1B	The time needed to read the HTTP headers of the response from the backend.	dTr1B='102'
dTr2B	The time needed to read the HTTP body of the response from the backend.	dTr1B='0'
usrID	The ID of the authenticated user.	usrID='<NULL>'

On log level "7", the IsiwebOp also traces the outgoing request to the content provider, including such information as the request line and the inet address of the backend:

2024 11 19 16:55:00.925 8.2505.0.0 IsiwebOp   67837.139637562521152.a15a5bee560d95ecfc01a83959f71d6c.42c93a1e29f8e532 7-DBG_LO:  ====> 'GET /htt/ HTTP/1.1' invS='HTTBackend' inetA='localhost:8080' trId='a15a5bee560d95ecfc01a83959f71d6c.42c93a1e29f8e532'

The maximum log level will also trace the headers between the content provider and the proxy:

2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 7-DBG_LO:  ====> 'GET /htt/ HTTP/1.1' invS='HTTBackend' inetA='localhost:8080' trId='a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771'
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Upgrade-Insecure-Requests: 1
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Sec-Fetch-Site: none
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Accept-Language: en-US,en;q=0.5
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Sec-Fetch-Mode: navigate
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Sec-Fetch-Dest: document
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Connection: Keep-Alive
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Accept-Encoding: gzip, deflate, br, zstd
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> traceparent: 00-a830107c479bb7c402f27a8fe3567a3f-0291264c19a02771-00
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Host: localhost:8080
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Sec-Fetch-User: ?1
2024 11 19 16:59:33.649 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  ==> Priority: u=0, i

2024 11 19 16:59:33.650 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 6-INFO  :  <==== 'GET /htt/ HTTP/1.1' invS='HTTBackend' inetA='localhost:8080 (127.0.0.1)' trId='a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771' sC='200' dTB='1' dTcB='1' dTsB='0' dTr1B='0' dTr2B='0' usrID='<NULL>'
2024 11 19 16:59:33.650 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  <== Content-Type: text/html
2024 11 19 16:59:33.650 8.2505.0.0 IsiwebOp   69497.140410337670720.a830107c479bb7c402f27a8fe3567a3f.0291264c19a02771 8-DBG_ME:  <== Content-Length: 218

Example of NProxyOp tracing

The NProxyOp trace group provides information about frontend and backend calls on one single line:

2024 11 19 17:02:33.620 8.2505.0.0 NProxyOp   69497.140409928934976.2ac23da564ee1064a78780901ce6ff4e.e2a2d5496c39aade 6-INFO  :  reqF="GET /htt/ HTTP/1.1" reqDecF=<NULL> ipF=127.0.0.1 sCF=200 bSF=218 dTF=3 reqB="GET /htt/ HTTP/1.1" adrB=localhost:8080 ipB=127.0.0.1 sCB=200 dTB=0 dTcB=0 dTsB=0 dTr1B=0 dTr2B=0 dTFrs=0 invS=/* (ErrorFilter) /* (CookieBasedSessionManagementFilter) /* (Forwarded-For) >HTTBackend cR=1 usrID=<NULL> Event=<NULL> clID=0f6ba8c03700PF05Mi8arij5OIEM22k6WAlgWjzwRHyvujnZ3ksFeuADML cookie=<NULL> sslID=<NULL> trID=2ac23da564ee1064a78780901ce6ff4e.e2a2d5496c39aade

Abbreviation	Description	Example	Apache environment variable
reqF	Request line from the frontend.	reqF="GET /htt/ HTTP/1.1"	%r
reqDecF	Decrypted request URI. NULL if no URL encryption is used.	reqDecF=<NULL>	%{reqDecF}e
ipF	IP of the frontend.	ipF=127.0.0.1	%a
sCF	Status code of the frontend.	sCF=200	%>s
bSF	Bytes sent to frontend	bSF=199	%B or %b
dTF	Total time needed to process the frontend call: the length of time between the first byte received by the proxy (start), and the last byte sent back to the frontend (stop). dTF = stop - start.	dTF=110	%{dTF}e
reqB	Request line to the backend.	reqB="GET /htt/ HTTP/1.1"	%{reqB}e
adrB	The address and port of the backend.	adrB=localhost:8080	%{adrB}e
ipB	IP of the backend.	ipB=127.0.0.1	%{ipB}e
sCB	Status code of the response from the backend.	sCB=200	%{sCB}e
dTB	Total time needed to process the backend call (includes the time needed for establishing the connection, sending the request, and reading the response from the backend).	dTB=103	%{dTB}e
dTcB	Time needed to establish the connection with the backend (incl. TLS handshake).	dTcB=0	%{dTcB}e
dTsB	The time needed to send the request to the backend (HTTP header and optional body) in milliseconds.	dTsB=1	%{dTsB}e
dTr1B	Time needed to read the HTTP headers of the response from the backend.	dTr1B=102	%{dTr1B}e
dTr2B	Time needed to read the HTTP body of the response from the backend.	dTr2B=0	%{dTr2B}e
dTFrs	The time needed to read and write the data from/to the frontend.	dTFrs=1	%{dTFrs}e
invS	The filter chain with the invoked servlet.	invS=/* (ErrorFilter) /* (CookieBasedSessionManagementFilter) /* (Forwarded-For) >HTTBackend	%{invS}e
cR	Number of concurrent request within nevisProxy	cR=1	%{cR}e
usrID	ID of the authenticated user	usrID=<NULL>	%{usrID}e
Event	List of events triggered by the request	Event=<NULL>	%{Event}e
clID	The Session ID if it was accessed.	clID=<NULL>	%{clID}e
cookie	The base64 encoded SHA256 value of the cookie if a cookie based SessionManagementFilter has been configured	cookie=<NULL>	%{cookie}e
sslID	TLS/SSL session ID	sslID=<NULL>	%{sslID}e
trID	Transaction ID	trId=2ac23da564ee1064a78780901ce6ff4e.e2a2d5496c39aade	%{UNIQUE_ID}e
parsedRequestUri	Value of the parsed request URI without the query. The value is only added if it differs from the unparsed request URI.		%{parsedRequestUri}e

Example of Apache tracing

Apache traces an access log file. For each request, a single line is traced to describe the request. In addition to all common configurable Apache features, additional information from nevisProxy can be configured. For example:

LogFormat=""%h %l %u %t \"%r\" %>s %b \"%\{Referer\}i\" \"%\{User-Agent\}i\" %v %D trID=%\{UNIQUE_ID\}e clID=%\{clID\}e""

Produces the following trace event:

10.30.212.29 - - [19/Nov/2024:17:02:33 +0100] "GET /css/styles.css HTTP/1.1" 200 3547 "https://nevis.net:44300/esauth3/?login" "Mozilla/5.0 (X11; Linux i686; rv:7.0.1) Gecko/20100101 Firefox/7.0.1" nevis.net 34358 trID=2ac23da564ee1064a78780901ce6ff4e.e2a2d5496c39aade clID=43131e0a1dd4Uvp4sHE2BknMd2AIkwHvbXzMOkRkrLfPYugGLbtsLtg

We highly recommend that you include the transaction ID and the client ID in this configuration. This allows an easy correlation of both the Navajo and the Apache log files.

Also propagate the events to the apache-env. The events have the following format:

• <NULL>: if there was no event
• Event=GW01,IW01,GW02: comma separated list of all events