• United States (English)
• Brazil (Português)
• China (中文)
• France (Français)
• Germany (Deutsch)
• Italy (Italiano)
• Japan (日本語)
• Korea (한국어)
• Mexico (Español)

• Sign In
• Create Support Account

FREE TRIALS

• Become a portal pro
• Print
• My Downloads ()

• Support
• Technical Documentation
• Foglight APM for Real User Experience 5.9.11
• Foglight APM for Real User Experience 5.9.11 - Installation and Setup Guide

Foglight APM for Real User Experience 5.9.11 - Installation and Setup Guide

Table of Contents  

Installation overview

Introducing the monitoring architecture

Software components

Foglight Management Server Archiver Sniffer Browser Instrumentation Relayer Archiver databases

Ports used by Foglight APM

Appliance types Typical monitoring solutions

Monitoring physical networks Monitoring virtual networks Mixing physical and virtual appliances Adding Foglight APM to an existing Foglight installation

Installing physical appliances

Before you begin

Physical appliance components Other network components required Anatomy of an appliance

Planning an installation of physical appliances

Public network switch Private network switch for the capture subnet Network taps

Monitoring individual web servers Monitoring web server farms

Network information required for physical appliances

Installing appliances on a network rack Connecting appliances to the network Connecting Sniffers

Connecting Sniffers to network taps Connecting Sniffers to Archivers

Connecting one Sniffer to one Archiver Connecting Sniffers to Archivers

Starting physical appliances and configuring remote access Launching the Console Program remotely with DRAC

Installing virtual appliances

Monitoring multiple ESXi hosts

Monitoring multiple hosts through a centralized Sniffer Monitoring multiple hosts using local Sniffers Mixing virtual and physical appliances Scaling out a multiple host configuration Installing virtual appliances to monitor multiple hosts

Monitoring a single ESXi host

All-on-one-host variation Scalability Installing virtual appliances to monitor a single host

Before you begin

Software environment Foglight APM OVF templates Required port groups RAID configuration Network information for virtual appliances

Creating port groups on virtual switches

Configuring port groups on a distributed switch

Creating a Monitoring Network port group required by Sniffers Creating the Capture Network port group required by Sniffers and Archivers Creating a virtual adapter for the Capture Network port group

Configuring port groups on a standard switch

Deploying Foglight virtual templates Deploying the Foglight virtual Sniffer template Connecting virtual appliances on different servers Powering on virtual appliances

Setting up appliances

Logging in to the Console Program Enabling SSH and changing the default password Setting the date and time Specifying network settings Exiting the Console Program Launching Foglight Configuring software components

Working with appliance-hosted Management Servers

Configuring Management Server settings Configuring the Management Server to work with SSL keys

Creating a new SSL key for Foglight HTTPS access Using an existing SSL key for Foglight HTTPS access Configuring Foglight for secure remote LDAP access

Restricted file access Transferring support files from a physical appliance

Transferring files to Windows systems Transferring files to Linux systems

Troubleshooting appliance-hosted Management Servers Differences from working with server-hosted Management Servers

Setting up server-hosted Management Servers

Server requirements

Downloading and installing 256-bit encryption files Disabling the NetBIOS over TCP/IP setting

Installing Foglight APM cartridges Communicating with Sniffer and Archiver appliances Configuring Federated Children Enabling High Availability mode

Maintaining appliances

Launching the Console Program

Accessing physical appliances using SSH on Microsoft Windows systems Accessing physical appliances using SSH on UNIX systems

List of tasks available from the main menu Managing user accounts

Adding new user accounts Modifying user accounts and enabling SSH Removing user accounts

Modifying the time zone, time, or date Modifying the list of NTP servers for physical appliances Modifying network settings Shutting down appliances Rebooting appliances Updating software

Upgrading from a PKG file Displaying the upgrade log

Testing network settings Stopping and starting processes Reviewing the appliance system details and health status Reviewing the status of NIC devices Verifying monitored traffic by port Purging and resetting Archiver databases Creating support bundles Creating TCP dump files Accessing the home directory Creating Dell report archives on physical appliances

Backing up and restoring physical appliances

Setting up appliances as NetVault clients

Enabling an appliance's NetVault client Registering an appliance in NetVault

Running and restoring backups

Stopping Foglight and running a backup Restoring backups

Preparing a new appliance Restoring a backup

Appendix: Troubleshooting

Diagnosing Sniffer issues

Overview of the Sniffer test Running the Sniffer test Investigating and resolving issues in monitored traffic

Understanding packet drops with SPAN ports and aggregation network taps Expanding full partitions on virtual appliances

Expanding the size of virtual disks Expanding the size of partitions

• Viewing Topics 77 - 80 of 137

×

Using an existing SSL key for Foglight HTTPS access

To use an existing SSL key for Foglight HTTPS access:

1	Convert your existing certificate and private key into a PKCS12 file using the following command from the OpenSSL toolkit:

openssl pkcs12 -export -in server.crt -inkey server.key \

-out server.p12 -name some-alias \

-CAfile ca.crt -caname root

2	When prompted, enter a password for the PKCS12 file.

 

IMPORTANT: Failing to put a password on the PKCS12 file, generates a “null reference” exception when you try to import it.

3	Log into the appliance’s command line shell (see Accessing the home directory) and securely copy (scp) the PKCS12 file onto the Foglight APM appliance.

4	Run the following script to import the PKCS12 file into Foglight.

/opt/quest/foglight/config.appliance/import_pkcs12_file.sh \

<pkcs12 file> <pkcs12 file password> <openssl -name argument>

5	Verify the server.console.httpsonly = “true” entry is uncommented in the /opt/quest/foglight/config.appliance/appliance.config file.

6	Restart Foglight by typing: rcfoglight restart

Configuring Foglight for secure remote LDAP access

Use the following instructions if you need to encrypt communication between the Management Server and the LDAP server.

To encrypt communication between Management Server and LDAP:

1	Acquire the LDAP server certificate in .pem format from the administrator.

2	Log into the appliance's command line shell (see Accessing the home directory) and securely copy (scp) the LDAP server certificate file onto the Foglight APM appliance.

3	Import the LDAP server certificate using the following script:

/opt/quest/foglight/config.appliance/import_ldap_cert.sh <ldap certificate file>

4	On the navigation panel, under Dashboards, click Administration > Users & Security > Directory Services Settings.

5	Under LDAP Locations, click Edit.

6	Specify the LDAP server URL in the following format:

ldaps://ldap_server_host_name:636

 

NOTE: The port number for LDAP over SSL is usually 636. Confirm the exact port number with your LDAP server administrator.

7	Restart the Management Server.

Restricted file access

For security purposes, file access is restricted. You have access to the following directories for the specified activities:

•	/opt/quest/foglight — Read/write access to the appliance.config file for configuration purposes. All other files in this directory and its subdirectories are read-only.

•	/home/<current_user_account> — Read/copy files to or from this directory for Support purposes. For instructions, see Transferring support files from a physical appliance.

•	opt/quest/foglight/ — Read/delete log files in the following directories:

•	/opt/quest/foglight/logs/

•	/opt/quest/foglight/fglam/state/default/logs/

Transferring support files from a physical appliance

Transferring support files from a physical appliance

Generally speaking, you do not need to transfer files manually. Support-related activities, such as creating a support bundle or installing patches and hotfixes, can be done using the tools located under the APM > Support menu in the Foglight browser interface. The browser facilitates file transfers. For example, after creating a support bundle, the browser automatically initiates a file download to your workstation.

Occasionally, Quest Support representatives may ask you to create a support bundle or TCP dump from the Console Program on an appliance. In this case, to transfer files, you need to use a Secure Copy Protocol (SCP) utility. File transfers are permitted from the home directory of the logged in user. SSH must be enabled on this account. For more information, see Modifying user accounts and enabling SSH.

The following procedures describe how to use SCP utilities to transfer files to Windows® and Linux® systems:

•	Transferring files to Windows systems

•	Transferring files to Linux systems

•  Previous
• Viewing Topics 77 - 80 of 137
• Next 

Search this document Search all documents

×

 Welcome to Quest Support

You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating