• Become a portal pro
• Download
• Print
• My Downloads ()

• Support
• Technical Documentation
• Foglight Experience Monitor 5.8.1
• Foglight Experience Monitor 5.8.1 - Installation and Administration Guide

Foglight Experience Monitor 5.8.1 - Installation and Administration Guide

Table of Contents  

Installing and configuring

Pre-installation considerations

Required hardware and network information Network taps

Installing Foglight Experience Monitor

Installing the appliance on the rack Connecting the appliance Making network connections Setting the appliance clock Entering required network information

Configuring the appliance

Using the web console and setup wizard Entering a permanent license key Configuring the Appliance Type Designating Time Servers Configuring protocols Detecting ports in use Configuring servers Completing the Setup Wizard

Maintaining the appliance Advanced configuration options

Appliance management Data monitoring Foglight Experience Monitor and Ixia Net Tool Optimizers

Multi-appliance clusters

About multi-appliance configurations Setting up High Availability (HA) mode

Configuring Probes for High Availability mode Deleting High Availability configurations

Aggregation of metrics and configuration

Aggregating metrics Configuration settings Storing report sets

Switching from stand-alone to clusters

Creating a cluster from a stand-alone appliance

Configuring the appliance

Network settings

Foglight Mail Network Time Servers (NTP) SNMP Other

User accounts

User account management Global user account options Increasing security for user account management and access privileges

Security settings on the appliance

Configuring the web server to use SSL

Report settings

Email groups Adding email groups Scheduled reports Metric categories Database metrics Baseline calculations Time frames Distribution metrics Percentile metrics Foglight metrics User agent transformations

Database configuration

Viewing the database page Viewing the database details page Resetting a database Resetting the configuration Exporting a configuration Importing a configuration Setting database retention Configuring remote database access Purging existing resources

Appliance integrity

Viewing system information System information in a multi-appliance setup Viewing and changing the license Database repair log

Updating the appliance

Installing an upgrade

Backing up and restoring data

Restoring a backup How backup works About the security of your appliance

Specifying monitored web traffic

Configuration settings Identifying protocols

Manually adding protocols and ports Automatically discovering ports Removing protocols Managing protocols on a Portal

Managing monitored servers

Manually adding a new server Automatically discovering servers Removing servers Editing server details Configuring server options Configuring SSL keys Exporting SSL keys from IIS Managing servers on a Portal

Using filters to exclude traffic Defining subnets

Manually adding subnets Automatically discovering subnets Checking for overlapping subnets Configuring a default subnet Removing subnet definitions Managing subnets on a Portal

Identifying user sessions

How user sessions are identified Configuring user session identification Defining user session options Configuring client IP tags Augmenting user sessions log information Using logout patterns to detect completed sessions

Monitoring instrumented web pages

Instrumenting web pages Configuring instrumentation options and metrics

Transforming monitored URLs

Managing URLs

Encoded and decoded URLs Setting URL encoding in the Resource List Setting URL encoding for user sessions metrics in the All Metrics View Filtering data in the Resource List

Processing and aggregating URLs

Sending URLs to the Foglight Experience Viewer Transforming URLs example using variable rules

Managing URL transformation rules Defining site rules

Declaring site rules Automatically discovering site rules Editing and removing site rules

Defining path rules

Segment rules as path rule components Segment rule actions Managing path rules Editing and removing path rules

Managing variable rules

Transforming query variables Transforming form variables Transforming session identification variables Performing actions on variable names and values

Using hints

Defining page hints Defining hit hints Defining asynchronous page hints Defining asynchronous hit hints Testing hints Deleting hints

Advanced URL options

"Show ports in URLs" option "Show parameters in URLs" option "Show HTTP request methods in URLs" option "POSTs with no content-type should be handled as XML" option Proxy tunneling "Do not strip the "www" prefix from URLs" option "Ignore 401 codes during NTLM authentication" option "Exclude redirections from metric calculations" option "Use HTML parser for page recognition" option Extensions Response codes

Managing applications

Integrating with CA SiteMinder

Communicating with SiteMinder

Integrating with SafeNet Hardware Security Modules (HSMs)

Configuring Foglight Experience Monitor to use SafeNet HSM Associating monitored SSL ports with HSM keys

Managing application components

Defining an application component Editing an application component Deleting an Application Component Defining an instrumented application component Editing an instrumented application component Deleting an instrumented application component

Managing services definitions

Configuring services auto-discovery Configuring synthetic transactions Managing existing service definitions Using alternative methods to define a service

Monitoring Microsoft Office SharePoint Servers

Configuring SharePoint monitoring Configuring how URLs display SharePoint and SOAP

Monitoring PeopleSoft applications

Monitoring PeopleSoft applications Configuring how URLs display

Monitoring Siebel applications

Monitoring Siebel applications Configuring how URLs display

Monitoring SOAP applications

Defining a SOAP application Modifying SOAP application definitions Defining a SOAP transaction Managing existing SOAP transaction definitions Mapping SOAP operations to a web service Adding and removing SOAP tags

Configuring enterprise-wide service levels

Setting enterprise-based service levels

Foglight components and the appliance

Connecting to the Foglight Experience Viewer

How Foglight Experience Monitor and Foglight Experience Viewer work together Connecting the appliance to your network Connecting Foglight Experience Viewer to a Foglight Experience Monitor Configuring monitoring appliances

Foglight Management Server

Ensuring product compatibility Setting up the Cartridge for FxM Configuring the appliance for data communication Exporting metrics to Foglight

Synthetic transaction scripts

Using the console program

Accessing the console program

Logging in using the Dell Remote Access Controller (DRAC) Logging in from Microsoft Windows Logging in from Linux and UNIX

Exploring the main menu Network configuration

Configuring the control device Configuring the auxiliary device settings Displaying information for monitor devices Advanced network settings

System date and time configuration

System date configuration System time configuration System timezone configuration

Database management Account management

Change password Enable and disable SSH access Enable and disable web access

Appliance update

Update from CD Update from PKG file Update from USB flash drive

Advanced options

Configuring the appliance type Configuring Foglight Experience Viewer settings Reset firewall to allow HTTP Add and remove network device Configuring the license More advanced options

System restart Troubleshooting

Sample output for NIC driver

Reporting system status Logging out of the console program

Troubleshooting the appliance

Common issues when installing the appliance

Appliance connection failure through a web browser All reports are empty Verify the network configuration and connectivity Verify the network tap configuration Verify the server configuration

Appliance runtime issues

Foglight Experience Monitor reports Report sets are not updating

Confirming system health

System performance System events Database performance Error rates

Using the appliance support tools

Install log Creating a support bundle Monitor NIC activity test TCP dump

Appendix: Third party software

Using X-Forwarded-For

Enabling the insert X-Forwarded-For in the HTTP profile iRule Configuring the web server to extract the IP address from the HTTP header

Appendix: Dell PowerEdge system appliance

Dell PowerEdge R300 and R310 Dell PowerEdge R610 Dell PowerEdge R710 Dell PowerEdge R720 Dell PowerEdge R730 Updating the Dell system firmware on the appliance

Accessing the drivers and downloads Downloading the ISO images Updating the firmware on the appliance

• Viewing Topics 265 - 268 of 278
•  Previous
• Next 

×

Using X-Forwarded-For

Using X-Forwarded-For

The X-Forwarded-For (XFF) HTTP header is a method for identifying the originating IP address of a client connecting to a web server through an HTTP proxy.

Without the use of XFF or another similar technique, any connection through the proxy reveals only the originating IP address of the proxy server. This makes the detection and prevention of abusive accesses significantly harder than if the originating IP address was available.

You can use a product such as Big-IP to translate the source IP address of the incoming packet to the original client IP address or what is referred to as a Secure Network Address Translation (SNAT).

A SNAT provides a secure mechanism for translating internal, non-routable addresses into routable addresses. When the BIG-IP system translates the source IP address of the incoming packet to the SNAT address, the web server sees the request as originating from the SNAT address, not the original client IP address.

 

NOTE: If the web servers are required to log the original client IP address for requests, the SNAT address translation behavior can become problematic.

To configure the BIG-IP system to insert the original client IP address in an X-Forwarded-For HTTP header, you can use one of the following methods:

•	Enable Insert XForwardedFor in the HTTP profile

•

iRule

For more information, see these topics:

•	Enabling the insert X-Forwarded-For in the HTTP profile

•

iRule

•	Configuring the web server to extract the IP address from the HTTP header

Enabling the insert X-Forwarded-For in the HTTP profile

Enabling the insert X-Forwarded-For in the HTTP profile

To configure the BIG-IP system to insert the original client IP address in an X-Forwarded-For HTTP header, perform the following procedure:

1	Log in to the BIG-IP Configuration utility.

2	Click Local Traffic.

3	Click Profiles.

4	Click HTTP from the Services list.

5	Click Create.

6	Type a name for the HTTP profile.

7	Select the Insert XForwarded For check box.

A list appears.

8	Select Enabled from the list.

9	Click Finished.

You must now associate the new HTTP profile with the virtual server.

iRule

To configure the BIG-IP system to insert the original client IP address in an X-Forwarded-For HTTP header using an iRule, perform the following procedure:

1	Log in to the BIG-IP Configuration utility.

2	Click Local Traffic.

3	Click iRules.

4	Click the Create.

5	Type a name in the Name field.

6	Copy and paste the following iRule in the Definition field:

when HTTP_REQUEST {

HTTP::header insert X-Forwarded-For [IP::remote_addr]

}

7	Click the Finished.

You must now associate the new iRule with the virtual server.

Configuring the web server to extract the IP address from the HTTP header

Once you have configured the BIG-IP system to insert the original client IP address in an HTTP header using an X-Forwarded-For HTTP header, you must also configure the web server to extract the IP address from the HTTP header, and log the IP address to the web server log file.

 

IMPORTANT: For specific details about using HTTP header information in log files, see the documentation provided by the vendor for your specific web server.

Apache web server

You can configure an Apache™ web server to extract the IP address from the X-Forwarded-For HTTP header and log the IP address to the web server log file by adding the appropriate logging directives to the Apache httpd.conf file. For example:

LogFormat "%v %{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" X-Forwarded-For

CustomLog /var/log/apache/www.example.com-xforwarded.log X-Forwarded-For

For more information about Apache logging, see the Apache documentation.

Microsoft IIS web server

You can configure the Microsoft® IIS web server to extract the IP address from the X-Forwarded-For HTTP header and log the IP address to the web server log file. To do so, you will need to download and install the IIS X-Forwarded-For ISAPI Log Filter from http://devcentral.f5.com.

The IIS ISAPI filter will look for the X-Forwarded-For HTTP header in the HTTP request. If the IIS ISAPI filter finds an X-Forwarded-For HTTP header in the HTTP request, it will replace the client IP address in the W3SVC log traces with the value of the X-Forwarded-For HTTP header.

•  Previous
• Viewing Topics 265 - 268 of 278
• Next 

Search this document Search all documents for this product-version Search all documents for this product Search all documents

×

 Welcome to Quest Support

You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating

© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy