Runtime Scanning (.NET)

When you run a runtime scan of your .NET application or IIS (web application) with CodeLogic you can view item dependencies you might not see with a binary scan, such as dynamically generated web calls. Due to the performance overhead of the CodeLogic Agent, we recommend running the scan in a non-production environment.

Important

You must run a binary scan of your .NET application or IIS (web application) before performing a runtime scan.

The scan must be performed on the computer where the application resides.

High-Level Overview

• Configure and Run the Agent
• Authorize the Agent
• Scanning
• Stop the Scan
• View Scan Results

Configure and Run the Agent

• Edit the file: C:\Program Files (x86)\CodeLogic\NetCape\NetCape.json. Replace all instances of 127.0.0.1 with the IP address or hostname of the CodeLogic Server.
• Open the Windows Command Line as an Administrator.

• Run the Agent with your configuration options:

  Options:
  -p|--path                     [Required, SingleSpecification]
                                  Path to the application to be analyzed.
                                  [Example: --path=OtherFolder/Example.dll]
  
  -g|--show-compiler-generated  [Optional, SingleSpecification, NoValue]
                                  [Default: false. Will not show compiler generated code in resulting graph.]
                                  Show compiler generated code.
                                  [Example: -g]
  
  -pta|--pass-through-args      [Optional, SingleSpecification]
                                  [Default: null]
                                  Argument string to pass to the application being profiled.
                                  [Example: --pta "--some-flag"]
  
  --profiler                    [Optional, SingleSpecification]
                                  [Default: <automatically detected by Agent>]
                                  Path to profiler. Use this option only when one of the following occurs:
                                  1) The Agent is unable to determine the 'bitness' of the target application (x86/x64)
                                  2) The profiler dll is not in the installation directory.
                                  [Example: --profiler "C:/location/profiler.dll"]
  
  --session                     [Optional, SingleSpecification]
                                  [Default: <random guid>]
                                  SessionId to use. Under normal use, allow the Agent to generate this id.
                                  [Example: --session "babd9f45-9f56-4f2f-bf7f-a43bfca34b91"]
  
  -v|--verbose                  [Optional, SingleSpecification, NoValue]
                                  [Default: false. Will not show verbose output.]
                                  Show verbose output.
                                  [Example: -v]
  
  -i|--iis                      [Windows Only]
                                  [ConditionallyRequired, SingleSpecification, NoValue]
                                  [Required If: '--path' is not given.]
                                  Analyzes IIS websites on this machine.
                                  [Example: -i]
  
  -ap|--application-pool        [Optional, SingleSpecification]
                                  [Default: DefaultAppPool]
                                  When Scanning IIS, the name of the ApplicationPool that will be executing the profiler.
                                  [Example: --application-pool "MyAppPool"]
  
  --force-registration          [Optional, SingleSpecification, NoValue]
                                  [Default: false. Will attempt to use known agent credentials if they exist.]
                                  Deletes previously generated agent credentials and forces the agent to reregister itself.
                                  This option is useful in instances where credentials have been revoked or are invalid, but can otherwise be ignored.
                                  [Example: --force-registration]
  
  -e|--expunge-scan-sessions    [Optional, SingleSpecification, NoValue]
                                  [Default: false - Keeps old data in addition to data found in this scan.]
                                  Marks data from previous scans found with the same ScanConfiguration fingerprint as ready to be pruned or garbage collected from the database.
                                  Useful in continuous integration pipelines where only the scan of the latest build should be kept.
                                  [Example: --expunge-scan-sessions]
  
  -s|--scan-space-name          [Optional, SingleSpecification]
                                  A name of a scan space for this scan. A scan space with this name will be created if none exists.
                                  [Example: --scan-space-name "My Scan Space"]
  
  -?|-h|--help                  Show help information.
  

  Example Code for scanning an application

  > & 'C:\Program Files (x86)\CodeLogic\NetCape\NetCape.Profiler\ProfilerAgent.exe' C:\Program Files\MyApplication\MyApplication.exe
  

  In the example above we are configuring the agent to run a scan on an application named MyApplication.

  Example Code for scanning iis (web application)

  > & 'C:\Program Files (x86)\CodeLogic\NetCape\NetCape.Profiler\ProfilerAgent.exe' -i
  

  In the example above we are configuring the agent to run a scan on IIS for a web application named WebApplication.

  Note

  If you see the following message with an application you are trying to scan you will need to include the path for the CLProfiler.

  Cannot start Profiler. Unable to determine bit-ness (x86/x64) of application being profiled. Please pass the path to the CLProfiler with the appropriate bit-ness via command line.

  For example, if you have a 64-bit application you would include the path for the 64-bit CLProfiler.dll. > & 'C:\Program Files (x86)\CodeLogic\NetCape\NetCape.Profiler\ProfilerAgent.exe' -p C:\Program Files (x86)\CodeLogic\NetCape\NetCape.Profiler\profilers\win-x64\CLProfiler.dll .\MyApplication.exe

Authorize the Agent

For security, agents must be authorized before they will send metadata to the CodeLogic Server.

• From a web browser on your system, log in to the CodeLogic Server.

  

• Click Admin and then select the Agents tab.

• Locate the agent in the list.

  Note

  The Request Status will be listed as OPEN.

• Click the more menu icon in the Actions column and select Approve/Reject.

  • The Approve window opens.
• Optionally, enter a name for the agent in the Agent Name field.
• Click Approve to complete the authorization process.

Scanning

Note

When you run a runtime scan it may take longer to open the application than normal. You may also notice a lag while clicking through your application. The lag is a result of CodeLogic gathering metadata to send to the CodeLogic Server.

Application

• In the Windows Command Line terminal you will see Profiler connected. Sending configuration. and the application you specified will open.
• Click through your application to gather the metadata.

IIS (web application)

• In the Windows Command Line terminal you will see Profiler connected. Sending configuration..
• Open your browser and go to your web application.
• Click through your web application to gather the metadata.

Stop the Scan

Application

• Close your application to stop the runtime scan.

IIS (web application)

• To stop the scan, restart IIS from a new Windows Command Line terminal as an Administrator.

  > iisreset
  

  Note

  You may need to run the command twice to restart IIS.

View Scan Results

• Log in to the CodeLogic Server.
• Select the Explorer tab.
• Expand the application to view items and their dependencies.

Next Steps To scan another application or IIS (web application), repeat these steps. It will not be necessary to repeat the authorization step if you are rescanning the same application.