Tchater maintenant avec le support

Obtenir une aide instantanée
Terminer l’enregistrement

Se connecter

Demander les tarifs

Contacter le service des ventes

VERSIONS D'ESSAI GRATUITES

Foglight APM for Real User Experience 5.9.9 - Administration and Configuration Guide

Parcourir le contenu

Getting started

Understanding how Foglight captures real user data

Software components

Foglight Management Server Archiver Sniffer Browser instrumentation Relayer Archiver databases

Simplest monitoring solution Foglight APM Appliances and real user data

Logging in to Foglight Finding the Foglight APM dashboards Registering Sniffers and Archivers

Creating Capture Groups Registering Sniffers Registering Archivers

Verifying that you are capturing data Resolving gaps in traffic capture

Adding missing ports Capturing complete user sessions

Adding session identifier variables in cookies Adding other types of session identifier variables Prioritizing session identifiers

Monitoring secure web traffic

Step 1: Registering secure ports Step 2: Specifying monitored IP addresses Step 3: Providing private keys Step 4: Associating ports and keys with monitored IP addresses

Verifying configuration changes

Making your data more meaningful Focusing on selected web applications and web sites

Monitoring selected IP addresses only Excluding subnets

Assigning user roles Next steps

Configuring traffic capture

Managing Sniffers

Defining Sniffers Testing Sniffer communications

Managing Archivers

Defining Archivers Testing Archiver communications Setting database shard span and retention periods

Managing capture groups

Planning capture groups Defining capture groups Assigning Sniffers and Archivers to capture groups Testing capture group communications

Managing sessionizing policies

Understanding the default sessionizing policy Deciding when to add more sessionizing policies Understanding how sessionizing policies are applied Defining sessionizing policies Sessionizing policies—Identifying user sessions

Discovering session identifier variables in cookies Identifying session identifiers in URL paths Defining session identifiers Prioritizing session identifiers

Sessionizing policies—Associating user names with user sessions

Discovering user names Capturing user names in a single sign-on environment Identifying user names in XML Understanding missing user names Defining username rules

Sessionizing policies—Targeting sessionizing policies to URL prefixes

Discovering URL prefixes Defining URL prefixes

Sessionizing policies—Defining when a session has ended

Managing monitored ports

Discovering ports Defining monitored ports

Managing monitored IP addresses

Discovering IP addresses Defining monitored IP addresses Displaying host names instead of IP addresses Monitoring secure (HTTPS) web traffic

Managing monitored subnets

Discovering subnets Defining monitored subnets

Managing identifiers for virtual addressing schemes

Defining identifiers Capturing originating client IP addresses Capturing server IP addresses Capturing host names

Managing private keys

Managing local private keys Managing HSM private keys

Managing web services and SOAP operations

Creating web services automatically from WSDL files Defining web services and SOAP operations

Configuring traffic analysis

Managing custom fields

Predefined custom fields Setting and updating the value of custom fields Defining custom fields

Managing custom metrics

Editing custom metrics

Managing security policies for sensitive hit details

Hiding or replacing sensitive hit details Omitting sensitive hit details from the database Defining sensitive hit details

Managing security policies for sensitive content

Hiding or replacing sensitive content Omitting sensitive content from the database Defining sensitive content expressions

Managing pivots

Understanding pivot categories Enabling pivot categories and defining their membership Enabling global pivots for web sites and endpoints

Configuring advanced options Managing domain rules

Discovering aliases Defining domain rules

Storing large hit details

Defining large hit details

Managing special events

Defining global stop criteria for sessions Defining global stop criteria for sequences Defining special events

Troubleshooting improperly classified URLs

Defining URL classifiers

Managing user agent rules

Defining new user agent rules Setting the execution order for rule files

Defining additional parsed response types Defining captured request body types Modifying traffic analysis options Managing scripts

Before you begin Determining requirements

Select an appropriate API Define output variables Decide when to execute the script Decide how many uncaught failures are allowed

Creating scripts Testing scripts Defining scripts

Configuring analyzers

Introducing hit analyzers

Reviewing default hit analyzers Tips for creating effective hit analyzers Configuring hit analyzers

Introducing sequence analyzers

Configuring sequence analyzers

Introducing session analyzers

Tips for creating effective session analyzers Configuring session analyzers

Summary of options by analyzer type Configuring conditions

Defining match conditions Defining error and warning conditions Grouping multiple conditions Defining conditions

Working with metrics

Understanding standard metrics Creating custom metrics Changing the name of metric topology objects Understanding pivots for analyzer metrics Publishing hit metrics for use in the Geographical Perspective dashboard Defining service level agreement thresholds

Updating custom fields

Updating the value of custom fields Creating new custom fields Defining custom field updates

Executing scripts

Executing scripts Creating new scripts

Defining storage policies

Defining hit storage restrictions for hit analyzers Defining storage options for sequence analyzers

Setting searchability options for analyzers

Defining options for hit analyzers Defining options for session analyzers

Defining events for sequence analyzers

Understanding sequence states Defining event conditions

Defining event conditions

Recording the order of triggered events Defining sequence events

Capturing traffic outside the network

Deciding when to add browser instrumentation Introducing the instrumentation components Configuring an instrumented monitoring solution Verifying instrumentation payloads are received Viewing metrics collected by instrumentation

Configuring advanced options

Configuring internal settings

Archiver query settings Replay settings Metadata settings

Substituting static page elements

Defining static page elements

Excluding subnets from data collection

Defining subnet filters

Integrating Foglight APM with other products

Integrating with CA SiteMinder

Adding SiteMinder Server definitions in Foglight Registering Foglight as a SiteMinder agent Adding SiteMinder to a sessionizing policy

Integrating with SafeNet Hardware Security Modules

Planning a Foglight–HSM integration Registering HSM servers in Foglight Generating SafeNet HSM client certificates Associating HSM keys with monitored IP addresses

Maintaining and troubleshooting

Checking the health of Foglight APM Appliances

Investigating issues with appliance health Summary of Appliance Health views

Managing configuration changes

Reviewing change versions Understanding configuration modules and objects Exporting configuration modules and objects Restoring and importing configurations Reviewing warnings

Creating support bundles Updating appliance software Restarting the embedded Agent Manager

Appendix: Building regular expressions in Foglight

What is a regular expression? Where can I find regular expressions? Regular expression basics

Building a simple pattern Building a pattern that matches a specific character Building a pattern that matches multiple characters Using advanced quantifiers Using special characters and regular expression flags Grouping elements in a pattern Additional information

Appendix: Traffic analysis processing

Understanding the traffic analysis workflow Stage 1: Run hit analysis Stage 2: Run sequence analysis Stage 3: Finalize stopped sequences Stage 4: Finalize the session Example of interdependent analyzers Online-Only Topics

Removing items from a table Defining extraction expressions Adding, copying, and editing archivers Testing archivers Configuring archiver database shard settings Adding, copying, and editing sniffers Testing sniffers Adding and editing capture groups Testing capture groups Adding and copying sessionizing policies Editing sessionizing policies Selecting session identifiers from a discovery list Adding and editing session identifier variables Organizing session identifiers Selecting user name variables from a discovery list Adding and editing username rules Selecting URL prefixes from a discovery list Adding or adding URL prefixes Selecting ports from a discovery list Adding or editing monitored ports Selecting IP addresses from a discovery list Adding or editing monitored IP addresses Looking up host names for all monitored IP addresses Associating private keys with IP addresses Selecting subnets from a discovery list Adding and editing monitored subnets Adding identifiers Editing identifiers Finding IP addresses in HTTP headers Configuring a custom HTTP header using Microsoft IIS Manager Adding and editing local private keys Adding and editing HSM private keys Exporting keys using Microsoft Management Console Adding or editing web services Importing WSDL files to define web services Managing custom fields and metrics Adding, copying, and editing custom fields Removing custom fields Editing custom metrics Removing custom metrics Managing sensitive data Adding, copying, and editing sensitive hit detail policies Adding, copying, and editing sensitive content expression policies Modifying members of pivot categories Selecting aliases from a discovery list Adding, copying, and editing domain rules Adding, copying, and editing large hit details Adding, copying, and editing URL classifiers Reviewing rules for browser category, browser, and operating system hit details Adding user-defined user agent rules Adding and editing additional parsed response types Adding and editing captured request body types Adding, copying, and editing scripts Removing scripts Referencing configuration objects in a script Testing regular expressions Syntax for test data Adding simple hit analyzers using the Setup Wizard Adding simple sequence analyzers using the Setup Wizard Adding analyzers Copying analyzers Editing analyzers Adding and editing conditions Creating a simple Boolean expression Creating a complex Boolean expression Disabling standard metrics generated by a hit analyzer Adding custom metrics Editing custom metrics Selecting pivot categories Breaking out metrics into dynamically-named topology objects Publishing metric timeslices for the Geographical Perspectives dashboard Changing SLA thresholds Adding custom field updates Editing custom field updates Adding scripts to an analyzer Editing scripts Creating new scripts on the fly Adding hit storage restrictions Editing hit storage restrictions Adding sequence events Editing sequence events Adding static page elements Editing static page elements Viewing resource files defined by static page elements Adding and editing subnet filters Exporting configurations Exporting encrypted configurations Restoring a previous configuration Importing saved configurations Importing hit analysis configurations from Foglight Experience Viewer Using the Import Configuration Wizard

Additional information

For more information and more advanced examples, see the following topics:

•

“Appendix: Regular expressions” in the Installing the Java EE Technologies Management Capabilities guide

•

“Appendix: Java regular expressions in FxV hit analysis” in the Foglight Experience Viewer User Guide

Appendix: Traffic analysis processing

When developing analyzers that rely on the actions of other analyzers or scripts, you need to ensure values are set before another task requires that value. For example, let’s say you have a hit analyzer that sets the value of a session custom field and another hit analyzer that uses the value of that field in a script to perform a calculation. A script cannot know if the field has been updated for the current hit, but you can—if you understand what happens at each stage of traffic analysis.

For more information, see the following topics:

•

Understanding the traffic analysis workflow

•

Stage 1: Run hit analysis

•

Stage 2: Run sequence analysis

•

Stage 3: Finalize stopped sequences

•

Stage 4: Finalize the session

•

Example of interdependent analyzers

Understanding the traffic analysis workflow

When an Archiver receives a hit from a Sniffer, the Archiver extracts the hit details from the hit (which is sent to the Archiver in a proprietary hit format) and saves those details in memory within a Java™ object. It then uses the hit details as input to the traffic analysis process.

Traffic analysis processing occurs over multiple stages. Hit analysis occurs for every hit and sequence analysis occurs for every sessionized hit. Recall that a sessionized hit is a hit that belongs to a particular user session (indicated by a unique session identifier). During these analysis stages, if an action stops any active sequences or the current session, the sequence or session is flagged as stopped. Then, after the sequence analysis ends, final actions are run on the flagged sequences and session.

At the end of the traffic analysis process, the Archiver reviews the sensitive data storage policies option in all matching hit analyzers. If any policies specify that sensitive data should not be stored, the Archiver applies the policy to the collected hit data before storing the hit details and data in the Archiver database.

The following flowchart provides an overview of the traffic analysis process. The subprocesses in this flowchart are expanded upon in the rest of this appendix.

Figure 115. Traffic analysis process overview

Stage 1: Run hit analysis

In the hit analysis stage, all hit analyzers are evaluated to see if their match conditions match the hit. First, the Archiver evaluates analyzers with the phase set to Filtering, because a match here causes the hit to be discarded (no hit details are stored) and ends the traffic analysis process.


	TIP: If you do not want sensitive data in a hit exposed to any kind of processing or storage, you can use the Filtering phase to drop the hit before it is available to any other analyzers.

If the hit passes the Filtering phase, the Archiver then evaluates all Main phase hit analyzers and compiles a list of matches. For each matching analyzer, it then evaluates warning and error conditions and sets the final analyzer status to the worst status. For example, if a warning condition sets the analyzer status to Warning, but an error condition in the same analyzer sets the analyzer to Error, then the final analyzer status is Error, because Error is worse than Warning. Then, for each matching analyzer, the Archiver runs the actions associated with the final analyzer status—with one exception. If a hit analyzer sets hit storage restrictions (that is, sensitive data storage policies), these restrictions are deferred until after the end of the traffic analysis process (see the flow chart in Understanding the traffic analysis workflow).

The Archiver repeats this process for Final phase hit analyzers. With these two phases, you can be sure that if you set the value of a session-scoped custom field in the Main phase based on the final analyzer status, its value can be reliably used by a Final phase hit analyzer.

Figure 116. Hit analysis stage

After running the actions for matching analyzers in all phases, the Archiver determines the final hit status for the hit. The final hit status is the worst final analyzer status from among all the matching hit analyzers. The Archiver then iterates through the list of matching hit analyzers and runs any actions associated with the final hit status.


	NOTE: Do not confuse final analyzer status with final hit status. The final hit status is determined at the end of the hit analysis phase, after analyzers in all phases are evaluated. If a Main phase hit analyzer updates a custom field based on the final hit status, the value will not be set (and therefore is not available) until after the Final phase hit analyzers are evaluated.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation