Runtime Scanning (Java-Linux)
There are two parts to the Java Runtime agent solution: a CodeLogic agent and a Java instrumentation agent that attaches to your application. The instrumentation agent collects data from the application that you attach it to and sends it to the CodeLogic agent, which then reports to your CodeLogic Server. You must first configure and authorize the CodeLogic agent. Then you run the instrumentation agent with your application. The results of the scan are viewed in your CodeLogic Server.
Important
You must run a binary scan of your JARs before performing a runtime scan.
To perform a runtime scan, you must have an environment in which you can start your application with additional JVM options.
High-Level Overview
Configure and Run the Agent
-
Edit the configuration file located in
/opt/codelogic/java/agentConfig.json
to include "packageLinkingFilters".Note
Before you edit the configuration file, you may want to save a copy of the default configurations.
- Example
"packageLinkingFilters" : ["com.codelogic", "com.example"],
Note
A copy of the configuration file with comments that explain the configuration options, is located in
/opt/codelogic/java/agentConfig_documentation.json
. - Example
-
Open the Command Line as an Administrator.
- Enter the
/opt/codelogic/java
directory. - Enter the command to tell the agent to start listening.
You may also run the command with these options:
/opt/codelogic/java# ./run_dynamic.sh
--rmi-registry-port
- The port at which the agent will try to create or locate the RMI registry on which to host the runtime agent server.--server-rmi-port
- The port at which the agent will export the RMI interface for communication from the instrumentation agent.--server-name
- The name of the server object registered with RMI.
Authorize the Agent
For security, agents must be authorized before they will send metadata to the CodeLogic Server.
- Click Admin and then select the Agents tab.
-
Locate the agent in the list.
Note
The Request Status will be listed as OPEN.
-
Click the more menu icon in the Actions column and select Approve/Reject.
- The Approve window opens.
- Optionally, enter a name for the agent in the Agent Name field.
- Click Approve to complete the authorization process.
Scanning
After the runtime agent reports that it is Waiting for connection from instrumentation JAR, you can start the application with the instrumentation JAR attached.
/opt/codelogic/java>run_with_instrumentation.sh [application to analyze]
Settings to the instrumentation agent are passed in with the -javaagent option after the path to the jar as a sequence of key value pairs:
rmiRegistryHost
- the host at which the agent will try to contact an RMI registry.rmiRegistryPort
- the port at which the agent will try to contact an RMI registry.serverName
- the name of the server object bound by the runtime agent to which we are trying to connect.
Stop the Scan
Stop your application to stop the scan.
View Scan Results
- Log in to the CodeLogic Server.
- Select the Explorer tab.
- Expand the application to view items and their dependencies.