Chatta subito con l'assistenza
Chat con il supporto

Foglight APM for Real User Experience 5.9.9 - Administration and Configuration Guide

Getting started Configuring traffic capture
Managing Sniffers Managing Archivers Managing capture groups Managing sessionizing policies Managing monitored ports Managing monitored IP addresses Managing monitored subnets Managing identifiers for virtual addressing schemes Managing private keys Managing web services and SOAP operations
Configuring traffic analysis Configuring analyzers Capturing traffic outside the network Configuring advanced options Integrating Foglight APM with other products Maintaining and troubleshooting Appendix: Building regular expressions in Foglight Appendix: Traffic analysis processing
Understanding the traffic analysis workflow Stage 1: Run hit analysis Stage 2: Run sequence analysis Stage 3: Finalize stopped sequences Stage 4: Finalize the session Example of interdependent analyzers Online-Only Topics
Removing items from a table Defining extraction expressions Adding, copying, and editing archivers Testing archivers Configuring archiver database shard settings Adding, copying, and editing sniffers Testing sniffers Adding and editing capture groups Testing capture groups Adding and copying sessionizing policies Editing sessionizing policies Selecting session identifiers from a discovery list Adding and editing session identifier variables Organizing session identifiers Selecting user name variables from a discovery list Adding and editing username rules Selecting URL prefixes from a discovery list Adding or adding URL prefixes Selecting ports from a discovery list Adding or editing monitored ports Selecting IP addresses from a discovery list Adding or editing monitored IP addresses Looking up host names for all monitored IP addresses Associating private keys with IP addresses Selecting subnets from a discovery list Adding and editing monitored subnets Adding identifiers Editing identifiers Finding IP addresses in HTTP headers Configuring a custom HTTP header using Microsoft IIS Manager Adding and editing local private keys Adding and editing HSM private keys Exporting keys using Microsoft Management Console Adding or editing web services Importing WSDL files to define web services Managing custom fields and metrics Adding, copying, and editing custom fields Removing custom fields Editing custom metrics Removing custom metrics Managing sensitive data Adding, copying, and editing sensitive hit detail policies Adding, copying, and editing sensitive content expression policies Modifying members of pivot categories Selecting aliases from a discovery list Adding, copying, and editing domain rules Adding, copying, and editing large hit details Adding, copying, and editing URL classifiers Reviewing rules for browser category, browser, and operating system hit details Adding user-defined user agent rules Adding and editing additional parsed response types Adding and editing captured request body types Adding, copying, and editing scripts Removing scripts Referencing configuration objects in a script Testing regular expressions Syntax for test data Adding simple hit analyzers using the Setup Wizard Adding simple sequence analyzers using the Setup Wizard Adding analyzers Copying analyzers Editing analyzers Adding and editing conditions Creating a simple Boolean expression Creating a complex Boolean expression Disabling standard metrics generated by a hit analyzer Adding custom metrics Editing custom metrics Selecting pivot categories Breaking out metrics into dynamically-named topology objects Publishing metric timeslices for the Geographical Perspectives dashboard Changing SLA thresholds Adding custom field updates Editing custom field updates Adding scripts to an analyzer Editing scripts Creating new scripts on the fly Adding hit storage restrictions Editing hit storage restrictions Adding sequence events Editing sequence events Adding static page elements Editing static page elements Viewing resource files defined by static page elements Adding and editing subnet filters Exporting configurations Exporting encrypted configurations Restoring a previous configuration Importing saved configurations Importing hit analysis configurations from Foglight Experience Viewer Using the Import Configuration Wizard

Monitoring secure (HTTPS) web traffic

To analyze HTTPS traffic, Sniffers need to be able to decrypt it. You need to list the IP addresses that handle HTTPS traffic and then associate private keys and HTTPS-enabled ports with each IP address.
 
* 
TIP: If you do not want to analyze HTTPS traffic, you should avoid capturing it. Edit the monitored IP address and select the Ignore HTTPS option.
To monitor HTTPS traffic on an IP address, you need to complete the following tasks:
1
Register HTTPS-enabled ports used by your application. Port 443 is registered by default. If you need to register other HTTPS-enabled ports, see Managing monitored ports.
2
Specify the IP addresses that require private keys. In the Monitored IP Addresses dashboard, add IP addresses that use the HTTPS-enabled ports you specified. You only need to specify the IP addresses carrying secure traffic you are interested in decrypting. For more information, see Discovering IP addresses or Defining monitored IP addresses.
3
Provide private keys. Private keys can be stored locally or hosted in an HSM server. See Managing private keys.
4
Associate monitored IP addresses with private keys and ports. In the Monitored IP Addresses dashboard, click Private Keys icon in the row containing an IP address that handle HTTPS traffic. In the dialog box, select the private key and HTTPS-enabled port required by the selected IP address. For detailed instructions, see Associating private keys with IP addresses.

Managing monitored subnets

Monitored subnets enable you to track metrics for your intranet applications by subnetwork. A subnet (or subnetwork) is a subdivision of a network where the IP addresses of all devices share a common prefix. Using subnet masks, networks are divided into subnets based on security, performance, and physical requirements. If you are monitoring intranet applications, you may want performance metrics broken out by subnet.
To define and manage monitored subnets, navigate to APM > Configure > Traffic Capture > Monitored Subnets.
Figure 33. Monitored Subnets dashboard
In the Monitored Subnet dashboard, you can perform the following tasks:
Discovering subnets
Defining monitored subnets

Discovering subnets

When you run the Discovery tool from the Monitored Subnet dashboard, it examines monitored network traffic and constructs possible subnets that may be in use on your network. The Discovery tool cannot determine the exact subnets because that information is not available in the traffic. Instead, it uses client IP addresses extracted from IP headers in the traffic or from the x-forwarded-for HTTP request header, and constructs a class C subnet that might be in use on your network. You may need to edit the mask portion of the subnet to match your actual subnets. The tool updates the list continuously until you stop the discovery process.
Figure 34. Subnet Discovery dialog box
The following table summarizes the information found in each column of the Subnet Discovery dialog box. While the discovery process is active, the cumulative values start counting from the beginning of the discovery process and, at any given moment, reflect the current value as detected in the monitored traffic for each subnet. When you stop the process, the values reflect the last values collected for the subnets.
 
Table 20. Discovering subnets
Column Name
Description
Subnets
A list of subnets in use during the discovery process.
Client Packets
The number of packets transmitted from clients to the server through a port within the subnet.
TIP: If the Client Packets count is zero and the Server Packet value is greater than zero, the network tap is not configured correctly. Contact your Network Administrator.
Server Packets
The number of packets transmitted from the server to clients through a port within the subnet.
TIP: If the Server Packets count is zero and the Client Packet value is greater than zero, the network tap is not configured correctly. Contact your Network Administrator.
Ports
The port numbers of ports handling packets within the subnet.
You can select all the displayed subnets, or you can specify individual subnets by selecting their check boxes first.

Defining monitored subnets

When adding or editing a monitored subnet, you can set the following options.
 
Table 21. Defining monitored subnets
Option
Setting the Option
Name
Specify a unique name for the subnet. When selecting subnets from a discovery list, a default name is created using the IP address and subnet mask.
Geographic Location
Optional—select the browse button to select a type of location (City, Region, Country). You can then choose to monitor one city, region, or country.
NOTE: Configuring a subnet by location makes the data for that subnet available for map-based dashboards in Foglight. When using the geographical location, traffic is categorized by location based on a subnet’s address.
CIDR Block
Specify an IP address and subnet mask, separated by a forward slash
(/). For example: 177.18.1.0/7
Example
Figure 35. Add Monitored Subnet dialog box
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione