Converse agora com nosso suporte

Obtenha ajuda em tempo real
Concluir registro

Entrar

Solicitar preços

Entre em contato com o setor de vendas

AVALIAÇÕES GRATUITAS

Foglight APM for Real User Experience 5.9.9 - Administration and Configuration Guide

Navegação de conteúdo

Getting started

Understanding how Foglight captures real user data

Software components

Foglight Management Server Archiver Sniffer Browser instrumentation Relayer Archiver databases

Simplest monitoring solution Foglight APM Appliances and real user data

Logging in to Foglight Finding the Foglight APM dashboards Registering Sniffers and Archivers

Creating Capture Groups Registering Sniffers Registering Archivers

Verifying that you are capturing data Resolving gaps in traffic capture

Adding missing ports Capturing complete user sessions

Adding session identifier variables in cookies Adding other types of session identifier variables Prioritizing session identifiers

Monitoring secure web traffic

Step 1: Registering secure ports Step 2: Specifying monitored IP addresses Step 3: Providing private keys Step 4: Associating ports and keys with monitored IP addresses

Verifying configuration changes

Making your data more meaningful Focusing on selected web applications and web sites

Monitoring selected IP addresses only Excluding subnets

Assigning user roles Next steps

Configuring traffic capture

Managing Sniffers

Defining Sniffers Testing Sniffer communications

Managing Archivers

Defining Archivers Testing Archiver communications Setting database shard span and retention periods

Managing capture groups

Planning capture groups Defining capture groups Assigning Sniffers and Archivers to capture groups Testing capture group communications

Managing sessionizing policies

Understanding the default sessionizing policy Deciding when to add more sessionizing policies Understanding how sessionizing policies are applied Defining sessionizing policies Sessionizing policies—Identifying user sessions

Discovering session identifier variables in cookies Identifying session identifiers in URL paths Defining session identifiers Prioritizing session identifiers

Sessionizing policies—Associating user names with user sessions

Discovering user names Capturing user names in a single sign-on environment Identifying user names in XML Understanding missing user names Defining username rules

Sessionizing policies—Targeting sessionizing policies to URL prefixes

Discovering URL prefixes Defining URL prefixes

Sessionizing policies—Defining when a session has ended

Managing monitored ports

Discovering ports Defining monitored ports

Managing monitored IP addresses

Discovering IP addresses Defining monitored IP addresses Displaying host names instead of IP addresses Monitoring secure (HTTPS) web traffic

Managing monitored subnets

Discovering subnets Defining monitored subnets

Managing identifiers for virtual addressing schemes

Defining identifiers Capturing originating client IP addresses Capturing server IP addresses Capturing host names

Managing private keys

Managing local private keys Managing HSM private keys

Managing web services and SOAP operations

Creating web services automatically from WSDL files Defining web services and SOAP operations

Configuring traffic analysis

Managing custom fields

Predefined custom fields Setting and updating the value of custom fields Defining custom fields

Managing custom metrics

Editing custom metrics

Managing security policies for sensitive hit details

Hiding or replacing sensitive hit details Omitting sensitive hit details from the database Defining sensitive hit details

Managing security policies for sensitive content

Hiding or replacing sensitive content Omitting sensitive content from the database Defining sensitive content expressions

Managing pivots

Understanding pivot categories Enabling pivot categories and defining their membership Enabling global pivots for web sites and endpoints

Configuring advanced options Managing domain rules

Discovering aliases Defining domain rules

Storing large hit details

Defining large hit details

Managing special events

Defining global stop criteria for sessions Defining global stop criteria for sequences Defining special events

Troubleshooting improperly classified URLs

Defining URL classifiers

Managing user agent rules

Defining new user agent rules Setting the execution order for rule files

Defining additional parsed response types Defining captured request body types Modifying traffic analysis options Managing scripts

Before you begin Determining requirements

Select an appropriate API Define output variables Decide when to execute the script Decide how many uncaught failures are allowed

Creating scripts Testing scripts Defining scripts

Configuring analyzers

Introducing hit analyzers

Reviewing default hit analyzers Tips for creating effective hit analyzers Configuring hit analyzers

Introducing sequence analyzers

Configuring sequence analyzers

Introducing session analyzers

Tips for creating effective session analyzers Configuring session analyzers

Summary of options by analyzer type Configuring conditions

Defining match conditions Defining error and warning conditions Grouping multiple conditions Defining conditions

Working with metrics

Understanding standard metrics Creating custom metrics Changing the name of metric topology objects Understanding pivots for analyzer metrics Publishing hit metrics for use in the Geographical Perspective dashboard Defining service level agreement thresholds

Updating custom fields

Updating the value of custom fields Creating new custom fields Defining custom field updates

Executing scripts

Executing scripts Creating new scripts

Defining storage policies

Defining hit storage restrictions for hit analyzers Defining storage options for sequence analyzers

Setting searchability options for analyzers

Defining options for hit analyzers Defining options for session analyzers

Defining events for sequence analyzers

Understanding sequence states Defining event conditions

Defining event conditions

Recording the order of triggered events Defining sequence events

Capturing traffic outside the network

Deciding when to add browser instrumentation Introducing the instrumentation components Configuring an instrumented monitoring solution Verifying instrumentation payloads are received Viewing metrics collected by instrumentation

Configuring advanced options

Configuring internal settings

Archiver query settings Replay settings Metadata settings

Substituting static page elements

Defining static page elements

Excluding subnets from data collection

Defining subnet filters

Integrating Foglight APM with other products

Integrating with CA SiteMinder

Adding SiteMinder Server definitions in Foglight Registering Foglight as a SiteMinder agent Adding SiteMinder to a sessionizing policy

Integrating with SafeNet Hardware Security Modules

Planning a Foglight–HSM integration Registering HSM servers in Foglight Generating SafeNet HSM client certificates Associating HSM keys with monitored IP addresses

Maintaining and troubleshooting

Checking the health of Foglight APM Appliances

Investigating issues with appliance health Summary of Appliance Health views

Managing configuration changes

Reviewing change versions Understanding configuration modules and objects Exporting configuration modules and objects Restoring and importing configurations Reviewing warnings

Creating support bundles Updating appliance software Restarting the embedded Agent Manager

Appendix: Building regular expressions in Foglight

What is a regular expression? Where can I find regular expressions? Regular expression basics

Building a simple pattern Building a pattern that matches a specific character Building a pattern that matches multiple characters Using advanced quantifiers Using special characters and regular expression flags Grouping elements in a pattern Additional information

Appendix: Traffic analysis processing

Understanding the traffic analysis workflow Stage 1: Run hit analysis Stage 2: Run sequence analysis Stage 3: Finalize stopped sequences Stage 4: Finalize the session Example of interdependent analyzers Online-Only Topics

Removing items from a table Defining extraction expressions Adding, copying, and editing archivers Testing archivers Configuring archiver database shard settings Adding, copying, and editing sniffers Testing sniffers Adding and editing capture groups Testing capture groups Adding and copying sessionizing policies Editing sessionizing policies Selecting session identifiers from a discovery list Adding and editing session identifier variables Organizing session identifiers Selecting user name variables from a discovery list Adding and editing username rules Selecting URL prefixes from a discovery list Adding or adding URL prefixes Selecting ports from a discovery list Adding or editing monitored ports Selecting IP addresses from a discovery list Adding or editing monitored IP addresses Looking up host names for all monitored IP addresses Associating private keys with IP addresses Selecting subnets from a discovery list Adding and editing monitored subnets Adding identifiers Editing identifiers Finding IP addresses in HTTP headers Configuring a custom HTTP header using Microsoft IIS Manager Adding and editing local private keys Adding and editing HSM private keys Exporting keys using Microsoft Management Console Adding or editing web services Importing WSDL files to define web services Managing custom fields and metrics Adding, copying, and editing custom fields Removing custom fields Editing custom metrics Removing custom metrics Managing sensitive data Adding, copying, and editing sensitive hit detail policies Adding, copying, and editing sensitive content expression policies Modifying members of pivot categories Selecting aliases from a discovery list Adding, copying, and editing domain rules Adding, copying, and editing large hit details Adding, copying, and editing URL classifiers Reviewing rules for browser category, browser, and operating system hit details Adding user-defined user agent rules Adding and editing additional parsed response types Adding and editing captured request body types Adding, copying, and editing scripts Removing scripts Referencing configuration objects in a script Testing regular expressions Syntax for test data Adding simple hit analyzers using the Setup Wizard Adding simple sequence analyzers using the Setup Wizard Adding analyzers Copying analyzers Editing analyzers Adding and editing conditions Creating a simple Boolean expression Creating a complex Boolean expression Disabling standard metrics generated by a hit analyzer Adding custom metrics Editing custom metrics Selecting pivot categories Breaking out metrics into dynamically-named topology objects Publishing metric timeslices for the Geographical Perspectives dashboard Changing SLA thresholds Adding custom field updates Editing custom field updates Adding scripts to an analyzer Editing scripts Creating new scripts on the fly Adding hit storage restrictions Editing hit storage restrictions Adding sequence events Editing sequence events Adding static page elements Editing static page elements Viewing resource files defined by static page elements Adding and editing subnet filters Exporting configurations Exporting encrypted configurations Restoring a previous configuration Importing saved configurations Importing hit analysis configurations from Foglight Experience Viewer Using the Import Configuration Wizard

Step 4: Associating ports and keys with monitored IP addresses

A monitored IP address can have one or more keys associated with it. If your web server is configured to support multiple domains from the same IP address and TCP port number (using Server Name Identification (SNI)), you also need to select the domain when you select the key. For more information, see Monitoring secure web traffic.


	TIP: If the private key you need is not available in the Add Private Key dialog box, you need to add the key on the Private Keys dashboard. For more information, see Step 3: Providing private keys. If a port is not available, see Adding missing ports.

To associate private keys with an IP address:

1

Click APM > Configure > Traffic Capture > Monitored IP Addresses.

2

In the row containing the IP address, click Private Keys

.

The Monitored IP Addresses > Private Keys view appears. The table contains a list of private keys (if any) associated with the monitored IP address.

3

The Add Private Key dialog box appears.

a

From the Private Key list, select a key.

The list contains private keys that were previously defined on the Private Keys dashboard.

b

Select the port that carries web traffic encrypted using this private key.

The list contains monitored ports configured for HTTPS that were previously defined on the Monitored Ports dashboard.

c

Optional—if the private key is valid for a limited time, you can include the time frame so that you know when to request an updated key. Select Enforce Key Usage Time Frame, and specify the start date/time and the end date/time.

d

The private key appears in the table and is now associated with the IP address.

4

Repeat to add other private keys required by the device located at this IP address.

Verifying configuration changes

After you make your changes, run another default Search Hits search. If you are still missing hits for one of your applications, the application may not be actively handling web traffic. Use the application (log in or perform a task) to generate a hit and then run another Search Hits search. You may need to sort the results table or use the search box to locate the hit.


	TIP: The default search shows results for the last 15 minutes, so unless you wait 15 minutes after making a change to your configuration (or define a Simple Search with a shorter time range), you may continue to see some previously collected data in your new search results. By default, search results are sorted by the Time column, so hits captured after changes to your traffic capture configuration should appear at the top of the table.

If the hit you generated is still missing from your results, it may be that traffic for the application is not crossing one of the Sniffers’ tap points on the network. Contact your Network Administrator to discuss your options.

Making your data more meaningful

After you confirm that Sniffers are able to capture hit and session details for all the web traffic you want to monitor, you can evaluate the quality and completeness of your data. You may find areas where you can improve the quality of the data collected. You may also want to annotate the data with additional information to support searching and reporting tasks. Many customers choose to do some of these tasks now, during the initial configuration, and postpone other tasks until after they become familiar with the data collected.

Consider the situations/requirements and symptoms in the following table. If you want to make changes, click the link in the Instructions column to go to the relevant sections within this guide.


	NOTE: To locate the issues described in the Symptom column, in most cases you can start from the Search Hits results that you generated earlier in this workflow. For more information, see Verifying that you are capturing data.

Table 2. Making data more meaningful
Situation/Requirement	Symptom (in Search Hits results)	Instructions
The network uses a proxy server to route client traffic.	In the Client IP column, most of the hits are coming from the same client IP address.	Capturing originating client IP addresses
The network uses a load balancer, reverse proxy, or virtual IP addressing scheme.	In the Server IP column, most of the server IP addresses are the same.	Capturing server IP addresses
Identify user sessions by the user name.	Click Session Explorer beside any HTML hit. At the top of the Session Explorer, the User Name field is blank.	Sessionizing policies—Associating user names with user sessions
Map SOAP operations to web services.	First visit the web service to generate some hits. In the Search Hits dashboard, run a Simple Search and select the content category SOAP. In the search results, click Hit Detail View beside a SOAP hit. In the Hit Detail view, under Request Content, the SOAP Web Service Name field is blank.	Managing web services and SOAP operations
Annotate data with the subnet (for intranet applications).	None. You need to specify your subnets.	Managing monitored subnets
Search for data using the name of the analyzer that captured that data.	In the Simple Search and Expert Search dialog boxes, the Analyzer list is empty or incomplete.	Setting searchability options for analyzers
Annotate data with custom text.	None. You can define custom fields and create analyzers to insert the custom field into the database.	Managing custom fields
Generate custom metrics.	None. You can create analyzers to generate and update custom metrics.	Configuring analyzers
Migrate hit analysis filters and settings from Foglight Experience Viewer (FxV)	None. You can export your FxV hit analysis settings and import them as traffic analysis settings.

Focusing on selected web applications and web sites

You can often improve the usability of your data simply by focusing your data capture only on the web applications and web sites that you want to monitor. For example, you may not be interested in monitoring a web email application, but the hits associated with that application are cluttering your search results. Many customers choose to monitor traffic to and from selected web servers and application servers only. Another way to focus data capture is to avoid collecting data on subnetworks that carry intranet web traffic that you are not interested in.

This section covers the following topics:

•

Monitoring selected IP addresses only

•

Excluding subnets

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação