Java Tracer getting started guide↑
This guide explains how to use the SandboxAQ Java Tracer to obtain a cryptography trace from an application.
Prerequisites↑
Before using the Java Tracer, make sure you’ve followed the installation instructions.
You’ll also need a Java application that you can run in a terminal with the java
command. For other Java applications, refer to the Java Tracer reference.
Tracing the application↑
Navigate to a directory where you have write permissions and execute your app with the java
command as you typically would, but this time, include the -javaagent:/path/to/cs-java-tracer.jar
command-line parameter.
For instance, you can run the following command if your application doesn’t require any other command-line parameters:
When your application has finished executing, the cs-tracer
directory will contain the generated trace file(s):
Note
If the traced application is terminated abruptly, the resulting gzip
file may be missing a trailer and appear to be corrupted. However, AQtive Guard should still be able to analyze the contents of the trace.
Tip
Additional configuration is required for Java applications launched from within application servers. See Using the tracer in application frameworks for details.
Uploading the trace↑
Upload the trace to AQtive Guard to run an analysis and generate a report. Refer to these instructions:
- Web Interface - Uploading a new trace
- API - Upload a trace using the API Client
You can change the trace output location of the Java Tracer by using the -Dcryptosense.agent.out
parameter. Refer to Configuration in the Java Tracer reference for a list of available parameters and how to use them.
Note
If two instances have the same four stack traces at the top of the stack and share the same type and algorithm, they’ll be merged in the analysis. Refer to Issue and instance fundamentals for details on analysis and reporting.