docs/debug: add example policy for debug command (#20232)

2025-11-03 20:17:59 +00:00 · 2023-04-18 14:17:19 -04:00
parent 4d3e220db9
commit 3faba5d905
1 changed files with 28 additions and 0 deletions
--- a/website/content/docs/commands/debug.mdx
+++ b/website/content/docs/commands/debug.mdx
@@ -36,6 +36,34 @@ query the matching endpoint in order to get a proper response. Any errors
 encountered during capture due to permissions or otherwise will be logged in the
 index file.

+The following policy can be used for generating debug packages with all targets:
+
+```hcl
+path "auth/token/lookup-self" {
+  capabilities = ["read"]
+}
+
+path "sys/pprof/*" {
+  capabilities = ["read"]
+}
+
+path "sys/config/state/sanitized" {
+  capabilities = ["read"]
+}
+
+path "sys/monitor" {
+  capabilities = ["read"]
+}
+
+path "sys/host-info" {
+  capabilities = ["read"]
+}
+
+path "sys/in-flight-req" {
+  capabilities = ["read"]
+}
+```
+
 ## Capture Targets

 The `-target` flag can be specified multiple times to capture specific