Traces
  • 24 Jan 2022
  • 5 Minutes to read

Traces


This topic explains Traces. Using Traces you can do a system-wide search on Endpoint traces and spans. Traces provides various filter options for forensic analysis of traces and spans.


Traces is a faster and efficient way to carry out forensic analysis through traces and spans. In a normal scenario without Traces, you would have to search through every trace from the Traces tab on the API Endpoints page or the Services page.

Traces provides an easier way to search through the Endpoint traces and Spans. When a user sends a request, it creates a trace in the system. The trace may traverse through multiple services to serve the request. Each service may be served by a different endpoint. In the journey of trace inside your infrastructure, it hops between many services served by different Endpoints. The part of the trace or a sub-segment of a trace that is related to a specific endpoint is called an Endpoint trace in the Traceable platform.

View traces from the Services or API Endpoint page

Click on one of the listed services on the Services page. On the Services details page that is displayed, click on the Traces tab to view a list of Traces as shown in the screenshot below:

 Traces view from the Services page 

Click on an Endpoint, for example, GET/product/{product-id} to view the traces associated with it. The following screenshot shows the Endpoint trace for the above example.

Trace for an Endpoint

To see the full trace click on the See Full Trace button. The following screenshot shows the full trace for the request.
Complete trace view

You can view the traces in a similar way from the Traces tab of the API Endpoint details page.


View traces and spans

You can view the same trace as from the Endpoint or Services page (as explained above) from the Traces page. The Traces page provides you with the option of visualizing the trace data based on various metrics. The Traceable platform receives raw span data from its agent. Traceable's business logic creates the trace and the Endpoint trace (the sub-segment of the trace) from these spans.

The Traces page also gives you the capability to view raw span data. Spans are the building blocks for a trace. Traceable captures all the request and response data, for example, request headers, body, cookies, and so on are captured as individual span attributes. These spans are put together by Traceable to build a trace. The Traces provides both, the Endpoint Traces and Spans tab to search through.

The following screenshot shows all the Endpoint traces for the last 1-hour (selected from the top menu). You can filter or apply conditions to narrow down the search. Traceable provides many inbuilt filters. If a filter has an associated operation, it is displayed when you enter a space in the search bar.

 You can also auto-fill the filter by clicking on the filter icon next to any value in the columns. For example, from the above screenshot, if you want to see all the Endpoint traces for the HTTP protocol, click on the filter icon next to HTTP.

Auto-fill filter

GET/userreview. The filter conditions produce the result based only on the AND condition.

Auto-fill Endpoint Trace search result

You can carry out similar searches based on your investigative need.

Visualization

You can also create custom visuals to compare against various metrics. One or more metrics can be added for the x and y-axis. The following screenshot gives an example of how you can use Trace visualization.

 Traceable Visualization

In the above example, you are viewing the Average Duration metric that is grouped (in a group of 5) by Endpoint Name over a time interval of 1-min. When you hover the mouse over the columns, a pop-up window shows the call duration for all five Endpoints. The visualization shows us that at 7:46 PM, the average call duration forPOST/app/learnt/QKPmJNWoGI endpoint is 3ms. In a similar way, you can create a number of visualizations to compare various parameters.

Filter attributes

The following tables explains a few of the filter attributes for Endpoint traces and Spans.

Endpoint Traces

AttributeDefinition
API exit callNumber of outbound calls made by the API Endpoint
CallsNumber of calls to the API Endpoint
DurationTime spent within the boundary of a service that contains the API Endpoint, that is the time between the entry span into service and the exit span out from the service.
End timeEnd time of the segment of the trace
Endpoint IDThe ID of the API Endpoint this trace segment belongs to
Endpoint NameName of the API Endpoint this trace segment belongs to
Endpoint Trace IDThe span ID corresponding to the entry span that is the starting span of the Endpoint trace segment.
EnvironmentAll the data visible is scoped under the selected environment. But if you select AllEnvironments then this shows the environment corresponding to the trace segment.
Error countCount of error in the given API trace
HTTP MethodHTTP Methods, for example, GET/POST/PUT/DELETE and so on.
IP AddressClient's IP address
Is Endpoint PIITrue if the Endpoint corresponding to the trace segment has any sensitive information/params.
ProtocolHTTP or GRPC
Request BodyContains the API request for the given API
Request Content-TypeContent-type request header
Service IDID of the Service that owns the API Endpoint trace this segment belongs to
Service NameName of the Service that owns the API Endpoint this trace segment belongs to
Session IDUser session ID in which the current operation (that resulted in the trace) was performed
Start timeStart time of the segment of the trace
Trace IDThe trace ID of the trace that this segment is part of
User IDUsername or client_id extracted from the access token or Authorization header in the inbound request from outside the system.
User RoleThe actual or assumed role the client is making the request under extracted from token or application security context.
User ScopeScopes or granted authorities the client currently possesses extracted from token or application security context. The value would come from the scope associated with an OAuth 2.0 Access Token or an attribute value in a SAML 2.0 Assertion.

 SPANS

AttributeDefinition
DurationThe time duration for the span
EndtimeThe finish time for the span
Error CountCount of number of error occurrences in the given span
Parent Span IDSpan ID for the parent span
ProtocolOne of HTTP, HTTPS, GRPC, REDIS, MONGO, JDBC, RABBIT_MQ protocol
Request BodyContains the API request for the given API
Request Content TypeContent-type request header
Request ParamsThe request parameters
Request sizeThe size of the request
Request HeadersThe request headers
Response Content TypeContent-type response header
Response HeadersThe response headers
Response SizeThe size of the response
Service IDThe ID of the service corresponding to the given span
Service NameName of the service corresponding to the given span
Span IDThe identifier for the span
Span NameThe name for the span
Start TimeThe time when the span event started
TagsThe key-value attributes for the span. It captures various events or metadata about the span
Trace ID

An Identifier for the trace that this span belongs to


Was this article helpful?