• United States (English)
• Brazil (Português)
• China (中文)
• France (Français)
• Germany (Deutsch)
• Italy (Italiano)
• Japan (日本語)
• Korea (한국어)
• Mexico (Español)

• サインイン
• サポートアカウントの作成

無料評価版

• ポータルについて詳しく知る
• 印刷
• MY ダウンロード ()

• サポート
• 技術文書
• Foglight APM for Real User Experience 5.9.9
• Foglight APM for Real User Experience 5.9.9 - Administration and Configuration Guide

Foglight APM for Real User Experience 5.9.9 - Administration and Configuration Guide

コンテンツのナビゲーション  

Getting started

Understanding how Foglight captures real user data

Software components

Foglight Management Server Archiver Sniffer Browser instrumentation Relayer Archiver databases

Simplest monitoring solution Foglight APM Appliances and real user data

Logging in to Foglight Finding the Foglight APM dashboards Registering Sniffers and Archivers

Creating Capture Groups Registering Sniffers Registering Archivers

Verifying that you are capturing data Resolving gaps in traffic capture

Adding missing ports Capturing complete user sessions

Adding session identifier variables in cookies Adding other types of session identifier variables Prioritizing session identifiers

Monitoring secure web traffic

Step 1: Registering secure ports Step 2: Specifying monitored IP addresses Step 3: Providing private keys Step 4: Associating ports and keys with monitored IP addresses

Verifying configuration changes

Making your data more meaningful Focusing on selected web applications and web sites

Monitoring selected IP addresses only Excluding subnets

Assigning user roles Next steps

Configuring traffic capture

Managing Sniffers

Defining Sniffers Testing Sniffer communications

Managing Archivers

Defining Archivers Testing Archiver communications Setting database shard span and retention periods

Managing capture groups

Planning capture groups Defining capture groups Assigning Sniffers and Archivers to capture groups Testing capture group communications

Managing sessionizing policies

Understanding the default sessionizing policy Deciding when to add more sessionizing policies Understanding how sessionizing policies are applied Defining sessionizing policies Sessionizing policies—Identifying user sessions

Discovering session identifier variables in cookies Identifying session identifiers in URL paths Defining session identifiers Prioritizing session identifiers

Sessionizing policies—Associating user names with user sessions

Discovering user names Capturing user names in a single sign-on environment Identifying user names in XML Understanding missing user names Defining username rules

Sessionizing policies—Targeting sessionizing policies to URL prefixes

Discovering URL prefixes Defining URL prefixes

Sessionizing policies—Defining when a session has ended

Managing monitored ports

Discovering ports Defining monitored ports

Managing monitored IP addresses

Discovering IP addresses Defining monitored IP addresses Displaying host names instead of IP addresses Monitoring secure (HTTPS) web traffic

Managing monitored subnets

Discovering subnets Defining monitored subnets

Managing identifiers for virtual addressing schemes

Defining identifiers Capturing originating client IP addresses Capturing server IP addresses Capturing host names

Managing private keys

Managing local private keys Managing HSM private keys

Managing web services and SOAP operations

Creating web services automatically from WSDL files Defining web services and SOAP operations

Configuring traffic analysis

Managing custom fields

Predefined custom fields Setting and updating the value of custom fields Defining custom fields

Managing custom metrics

Editing custom metrics

Managing security policies for sensitive hit details

Hiding or replacing sensitive hit details Omitting sensitive hit details from the database Defining sensitive hit details

Managing security policies for sensitive content

Hiding or replacing sensitive content Omitting sensitive content from the database Defining sensitive content expressions

Managing pivots

Understanding pivot categories Enabling pivot categories and defining their membership Enabling global pivots for web sites and endpoints

Configuring advanced options Managing domain rules

Discovering aliases Defining domain rules

Storing large hit details

Defining large hit details

Managing special events

Defining global stop criteria for sessions Defining global stop criteria for sequences Defining special events

Troubleshooting improperly classified URLs

Defining URL classifiers

Managing user agent rules

Defining new user agent rules Setting the execution order for rule files

Defining additional parsed response types Defining captured request body types Modifying traffic analysis options Managing scripts

Before you begin Determining requirements

Select an appropriate API Define output variables Decide when to execute the script Decide how many uncaught failures are allowed

Creating scripts Testing scripts Defining scripts

Configuring analyzers

Introducing hit analyzers

Reviewing default hit analyzers Tips for creating effective hit analyzers Configuring hit analyzers

Introducing sequence analyzers

Configuring sequence analyzers

Introducing session analyzers

Tips for creating effective session analyzers Configuring session analyzers

Summary of options by analyzer type Configuring conditions

Defining match conditions Defining error and warning conditions Grouping multiple conditions Defining conditions

Working with metrics

Understanding standard metrics Creating custom metrics Changing the name of metric topology objects Understanding pivots for analyzer metrics Publishing hit metrics for use in the Geographical Perspective dashboard Defining service level agreement thresholds

Updating custom fields

Updating the value of custom fields Creating new custom fields Defining custom field updates

Executing scripts

Executing scripts Creating new scripts

Defining storage policies

Defining hit storage restrictions for hit analyzers Defining storage options for sequence analyzers

Setting searchability options for analyzers

Defining options for hit analyzers Defining options for session analyzers

Defining events for sequence analyzers

Understanding sequence states Defining event conditions

Defining event conditions

Recording the order of triggered events Defining sequence events

Capturing traffic outside the network

Deciding when to add browser instrumentation Introducing the instrumentation components Configuring an instrumented monitoring solution Verifying instrumentation payloads are received Viewing metrics collected by instrumentation

Configuring advanced options

Configuring internal settings

Archiver query settings Replay settings Metadata settings

Substituting static page elements

Defining static page elements

Excluding subnets from data collection

Defining subnet filters

Integrating Foglight APM with other products

Integrating with CA SiteMinder

Adding SiteMinder Server definitions in Foglight Registering Foglight as a SiteMinder agent Adding SiteMinder to a sessionizing policy

Integrating with SafeNet Hardware Security Modules

Planning a Foglight–HSM integration Registering HSM servers in Foglight Generating SafeNet HSM client certificates Associating HSM keys with monitored IP addresses

Maintaining and troubleshooting

Checking the health of Foglight APM Appliances

Investigating issues with appliance health Summary of Appliance Health views

Managing configuration changes

Reviewing change versions Understanding configuration modules and objects Exporting configuration modules and objects Restoring and importing configurations Reviewing warnings

Creating support bundles Updating appliance software Restarting the embedded Agent Manager

Appendix: Building regular expressions in Foglight

What is a regular expression? Where can I find regular expressions? Regular expression basics

Building a simple pattern Building a pattern that matches a specific character Building a pattern that matches multiple characters Using advanced quantifiers Using special characters and regular expression flags Grouping elements in a pattern Additional information

Appendix: Traffic analysis processing

Understanding the traffic analysis workflow Stage 1: Run hit analysis Stage 2: Run sequence analysis Stage 3: Finalize stopped sequences Stage 4: Finalize the session Example of interdependent analyzers Online-Only Topics

Removing items from a table Defining extraction expressions Adding, copying, and editing archivers Testing archivers Configuring archiver database shard settings Adding, copying, and editing sniffers Testing sniffers Adding and editing capture groups Testing capture groups Adding and copying sessionizing policies Editing sessionizing policies Selecting session identifiers from a discovery list Adding and editing session identifier variables Organizing session identifiers Selecting user name variables from a discovery list Adding and editing username rules Selecting URL prefixes from a discovery list Adding or adding URL prefixes Selecting ports from a discovery list Adding or editing monitored ports Selecting IP addresses from a discovery list Adding or editing monitored IP addresses Looking up host names for all monitored IP addresses Associating private keys with IP addresses Selecting subnets from a discovery list Adding and editing monitored subnets Adding identifiers Editing identifiers Finding IP addresses in HTTP headers Configuring a custom HTTP header using Microsoft IIS Manager Adding and editing local private keys Adding and editing HSM private keys Exporting keys using Microsoft Management Console Adding or editing web services Importing WSDL files to define web services Managing custom fields and metrics Adding, copying, and editing custom fields Removing custom fields Editing custom metrics Removing custom metrics Managing sensitive data Adding, copying, and editing sensitive hit detail policies Adding, copying, and editing sensitive content expression policies Modifying members of pivot categories Selecting aliases from a discovery list Adding, copying, and editing domain rules Adding, copying, and editing large hit details Adding, copying, and editing URL classifiers Reviewing rules for browser category, browser, and operating system hit details Adding user-defined user agent rules Adding and editing additional parsed response types Adding and editing captured request body types Adding, copying, and editing scripts Removing scripts Referencing configuration objects in a script Testing regular expressions Syntax for test data Adding simple hit analyzers using the Setup Wizard Adding simple sequence analyzers using the Setup Wizard Adding analyzers Copying analyzers Editing analyzers Adding and editing conditions Creating a simple Boolean expression Creating a complex Boolean expression Disabling standard metrics generated by a hit analyzer Adding custom metrics Editing custom metrics Selecting pivot categories Breaking out metrics into dynamically-named topology objects Publishing metric timeslices for the Geographical Perspectives dashboard Changing SLA thresholds Adding custom field updates Editing custom field updates Adding scripts to an analyzer Editing scripts Creating new scripts on the fly Adding hit storage restrictions Editing hit storage restrictions Adding sequence events Editing sequence events Adding static page elements Editing static page elements Viewing resource files defined by static page elements Adding and editing subnet filters Exporting configurations Exporting encrypted configurations Restoring a previous configuration Importing saved configurations Importing hit analysis configurations from Foglight Experience Viewer Using the Import Configuration Wizard

• Viewing Topics 77 - 80 of 328

×

Monitoring secure (HTTPS) web traffic

To analyze HTTPS traffic, Sniffers need to be able to decrypt it. You need to list the IP addresses that handle HTTPS traffic and then associate private keys and HTTPS-enabled ports with each IP address.

 

TIP: If you do not want to analyze HTTPS traffic, you should avoid capturing it. Edit the monitored IP address and select the Ignore HTTPS option.

To monitor HTTPS traffic on an IP address, you need to complete the following tasks:

1	Register HTTPS-enabled ports used by your application. Port 443 is registered by default. If you need to register other HTTPS-enabled ports, see Managing monitored ports.

2

Specify the IP addresses that require private keys. In the Monitored IP Addresses dashboard, add IP addresses that use the HTTPS-enabled ports you specified. You only need to specify the IP addresses carrying secure traffic you are interested in decrypting. For more information, see Discovering IP addresses or Defining monitored IP addresses.

3	Provide private keys. Private keys can be stored locally or hosted in an HSM server. See Managing private keys.

4

Associate monitored IP addresses with private keys and ports. In the Monitored IP Addresses dashboard, click Private Keys icon in the row containing an IP address that handle HTTPS traffic. In the dialog box, select the private key and HTTPS-enabled port required by the selected IP address. For detailed instructions, see Associating private keys with IP addresses.

Managing monitored subnets

Monitored subnets enable you to track metrics for your intranet applications by subnetwork. A subnet (or subnetwork) is a subdivision of a network where the IP addresses of all devices share a common prefix. Using subnet masks, networks are divided into subnets based on security, performance, and physical requirements. If you are monitoring intranet applications, you may want performance metrics broken out by subnet.

To define and manage monitored subnets, navigate to APM > Configure > Traffic Capture > Monitored Subnets.

Figure 33. Monitored Subnets dashboard

In the Monitored Subnet dashboard, you can perform the following tasks:

•	Discovering subnets

•	Defining monitored subnets

Discovering subnets

When you run the Discovery tool from the Monitored Subnet dashboard, it examines monitored network traffic and constructs possible subnets that may be in use on your network. The Discovery tool cannot determine the exact subnets because that information is not available in the traffic. Instead, it uses client IP addresses extracted from IP headers in the traffic or from the x-forwarded-for HTTP request header, and constructs a class C subnet that might be in use on your network. You may need to edit the mask portion of the subnet to match your actual subnets. The tool updates the list continuously until you stop the discovery process.

Figure 34. Subnet Discovery dialog box

The following table summarizes the information found in each column of the Subnet Discovery dialog box. While the discovery process is active, the cumulative values start counting from the beginning of the discovery process and, at any given moment, reflect the current value as detected in the monitored traffic for each subnet. When you stop the process, the values reflect the last values collected for the subnets.

 

Table 20. Discovering subnets

Column Name	Description
Subnets	A list of subnets in use during the discovery process.
Client Packets	The number of packets transmitted from clients to the server through a port within the subnet. TIP: If the Client Packets count is zero and the Server Packet value is greater than zero, the network tap is not configured correctly. Contact your Network Administrator.
Server Packets	The number of packets transmitted from the server to clients through a port within the subnet. TIP: If the Server Packets count is zero and the Client Packet value is greater than zero, the network tap is not configured correctly. Contact your Network Administrator.
Ports	The port numbers of ports handling packets within the subnet.

You can select all the displayed subnets, or you can specify individual subnets by selecting their check boxes first.

Defining monitored subnets

When adding or editing a monitored subnet, you can set the following options.

 

Table 21. Defining monitored subnets

Option	Setting the Option
Name	Specify a unique name for the subnet. When selecting subnets from a discovery list, a default name is created using the IP address and subnet mask.
Geographic Location	Optional—select the browse button to select a type of location (City, Region, Country). You can then choose to monitor one city, region, or country. NOTE: Configuring a subnet by location makes the data for that subnet available for map-based dashboards in Foglight. When using the geographical location, traffic is categorized by location based on a subnet’s address.
CIDR Block	Specify an IP address and subnet mask, separated by a forward slash (/). For example: 177.18.1.0/7

Example

Figure 35. Add Monitored Subnet dialog box

•  前回
• Viewing Topics 77 - 80 of 328
• 次へ 

この文書を検索 すべての文書を検索

×

 サポートへようこそ

Quest *product*のオンラインサポートヘルプは、関連会社のサポートサイトで参照できます。「Continue（続行）」をクリックすると、*product*の適切なサポートコンテンツとアシスタンスへ移動します。

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択