Appendix B: Testing and Troubleshooting

If you are experiencing problems with your policy files or would like to monitor evaluation for brief periods of time, consider using the policy tracing capabilities of the policy language.

Tracing allows you to examine how the ProxySG policy is applied to a particular request. To configure tracing in a policy file, you use several policy language properties to enable tracing, set the verbosity level, and specify the path for output. Using appropriate conditions to guard the tracing rules, you can be specific about the requests for which you gather tracing information.

Note: Use policy tracing for troubleshooting only. Tracing is best used temporarily for troubleshooting, while the log_message( ) action is best for on-going monitoring. For more information about the log_message( ) action, see "log_message( )" on page 232. If tracing is enabled in a production setting, ProxySG performance degrades. After you complete troubleshooting, be sure to remove policy tracing.

CPL provides the following trace-related properties:

trace.rules( )—Controls the tracing of rule evaluation. Trace can show which rules missed, which matched, and which were not applicable (N/A), meaning the rule cannot be evaluated for this transaction and is being skipped. N/A occurs, for example, when you try to apply a streaming trigger to an FTP transaction.

trace.request( )—Enables tracing and includes a description of the transaction being processed in the trace. No trace output is generated if this is set to no.

trace.destination( )—Directs the trace output to a user-named trace log.

Enabling Rule Tracing

Use the trace.rules( ) property to enable or disable rule tracing. Rule tracing shows you which rules are executed during policy evaluation. This property uses the following syntax:

trace.rules(yesnoall)

where

yes enables rule tracing but shows matching rules only.

no disables rule tracing.

all enables tracing, with added detail about conditions that failed to match.

Example

The following enables tracing:

<proxy>

trace.rules(yes) tracewhere:request(yes)

Page 274 Page 276
Page 275
Image 275
Blue Coat Systems Proxy SG manual Appendix B Testing and Troubleshooting, Enabling Rule Tracing
Page 274 Page 276
Top Page Image Contents