Java Agent Troubleshooting Tools

  • Updated

Question

What troubleshooting tools are built into the agent?

Answer

The Contrast Java agent includes built in utility programs to help with configuring and troubleshooting the agent. Run these utilities by executing the agent jar using java:

java -jar ~/Downloads/contrast-agent-3.6.10.12341.jar
*** Contrast Agent (version 3.6.10.12341)
Usage: java -jar contrast-agent-3.6.10.12341.jar <command action> [arguments]
The commands are as follows:
    info - get basic info about this Contrast engine
    diagnostic - diagnoses communication problems with the Contrast site
    verify - verifies legality of bytecode weaved by Contrast (advanced)
    properties - Displays Configuration Properties
 
            Usage: java -jar contrast.jar properties [Options]
            Options: --filter=<searchString>    Filters configurations by searching paths, variables and properties

The utilities printed in the help screen are those which we are comfortable with exposing to users. In addition to these utilities, the agent includes hidden utilities for internal use only including

Check TeamServer Connection Info

Use the agent's info utility to see the TeamServer connection configuration

java -jar ~/Downloads/contrast-agent-3.6.10.12341.jar info
*** Contrast Agent (version 3.6.10.12341)
Agent Configuration
===================
Reporting to: https://apptwo.contrastsecurity.com/Contrast
User ID: contrast.user@contrastsecurity.com
User Service Key: REDACTED
API-Key: wInpj9FQP43qcHg8zo5Z3df4aDu40S77

The output of info must include connection configuration. null values indicate a misconfiguration.

Use Diagnostic Utility to Check Network Connectivity

Use the agent's diagnostic utility to verify that the agent is able to route network requests to TeamServer. This is useful for checking if your TLS and proxy settings are correct. This diagnostics does not verify that the agent's authentication configuration is correct nor does it verify that the agent's TeamServer URL is actually pointing to a TeamServer service.

java -jar contrast.jar diagnostic
*** Contrast Agent (version 3.6.3.7840)
[!] Attempting to connect to the Contrast TeamServer at https://apptwo.contrastsecurity.com/Contrast (No proxy).
[!] Attempting to resolve domain: apptwo.contrastsecurity.com
    Resolved domain apptwo.contrastsecurity.com to IP Address 52.200.215.12
[+] Client successfully resolved the DNS of the Contrast TeamServer. No proxy needed.
[!] Issuing HTTP request to Contrast...
    Executing request...
    Reading response [200]
    Response size = 4209
    Snippet: <!doctype html> <!--[if gt IE 8]><!--> <html class="no-js" i
[+] Client can connect directly to the Contrast TeamServer. No proxy needed.

View Configuration Properties

Use the agent's properties utility to list out all of the Configuration properties supported by this version of the agent.

java -jar ~/Downloads/contrast-agent-3.6.10.12341.jar properties

Debug Logs Analyzer

Use the agent's analyze-log utility to help make sense of all the information in a Contrast debug log. This utility works in tandem with other tools to visualize the data in the agent's debug logs. First, the analyze-log utility generates an Agent Metrics File from the debug log.

java -jar ~/Downloads/contrast-agent-3.6.10.12341.jar analyze-log ~/investigations/sup-878/multipart-spring-4-fn.log amf
*** Contrast Agent (version 3.6.10.12341)
Creating AMF, using temp dir: /var/folders/__/h22x914n5f3242pvhyg4h8880000gp/T//amfdata1578080090
Serialized 0 traces to /var/folders/__/h22x914n5f3242pvhyg4h8880000gp/T//amfdata1578080090
Top 25 Propagators
==========================
Count   API
15  org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
-- REDACTED FOR BREVITY --
 
Top 25 Propagator Stacks
==========================
Count   API
1   org.apache.catalina.connector.RequestFacade.getRequestURI(RequestFacade.java:856)
    org.apache.catalina.connector.RequestFacade.getRequestURI(RequestFacade.java:856)
    javax.servlet.http.HttpServlet.service(HttpServlet.java)
    org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
-- REDACTED FOR BREVITY --
 
Zipping all files from /var/folders/__/h22x914n5f3242pvhyg4h8880000gp/T//amfdata1578080090(34)
Agent metrics written to javaagent-0092476.amf

The Agent Metrics File is a zip file which contains a set of structured data in JSON format and partitioned log files. See Agent Metrics File (.amf) - Java/.NET for more details on how to use and visualize the data in this file.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request