Chat now with support
Chat with Support

Foglight Experience Monitor 5.8.1 - User Guide

Installing and configuring Multi-appliance clusters Configuring the appliance Specifying monitored web traffic Transforming monitored URLs Managing applications Foglight components and the appliance Using the console program Troubleshooting the appliance Appendix: Third party software Monitoring the user experience Customizing reports The alarm system Integrating the appliance SOAP-based web services

Editing server details

You can change the display name and command processing time.

For every server listed on the Servers page, there exists a server IP address (under the Servers column), and a server name (under the Display Name column). The display name is used anywhere the server is mentioned in the web console.

By default, the server IP address is assigned as the server.

Every server listed on the Servers page has a Command Processing Time metric value associated with it. You can alter the threshold that determines the value of this metric following the steps defined below. For more information about this metric, see “Command Processing Time” in the Foglight Experience Monitor Metric Reference Guide.

1
Click the corresponding Edit link in the Settings column for the server for which you want to set the service level threshold.
For example, if you decide that the time to process commands should not exceed one second, enter 1000 (units are in milliseconds). The Command Processing Time Service Level metric shows you the percentage of commands whose processing time was under one second.

Configuring server options

The Server Options page provides the ability to configure a server identification tag and also to specify how the appliance filters the traffic that it is receiving.

1
2
In the Server IP Identification Tag box, type the name of HTTP header tag that the appliance will use to identify servers.
3
In the Traffic Filtering list, select a filtering type.
Table 11. Filtering types
Use PCAP1 Filter

Recommended. This option uses the PCAP filter for both TCP ports and IP addresses. It causes the system to apply the list of configured server IPs in a PCAP filter that it uses for each monitoring port.

This option is the most efficient mode of operation and it ensures that unwanted traffic does not appear in the metrics. This is the recommended setting because it incurs the lowest overhead on the system. If you select this option, a limit of 300 configured server IPs is enforced.

This option does not use a PCAP filter. The agent filters both the TCP ports and the IP addresses internally. It causes the system to apply the list of configured server IPs within the analysis layer of the FxM agent.

This option is less efficient than the Use PCAP filter option, but may be needed at sites where more than 300 server IPs need to be monitored.

This option uses the PCAP filter for TCP ports; IP addresses are not filtered. This causes the system to accept any and all server IPs that appear in the monitored traffic.

This option is not as efficient as the first two options, but may be needed at sites where the list of servers that need to be monitored is dynamic and, therefore, cannot be configured in advance.

NOTE: In Foglight Experience Monitor versions 5.6.2 (or earlier), this option was known as No filtering. When upgrading your system to version 5.6.3 (or later), the old No filtering option automatically becomes Use minimal filtering. The new No filtering option is now defined as specified below.

This option dictates that the traffic is not filtered either via PCAP or by the agent internally. Network traffic for any and all TCP ports and IP addresses is captured and analyzed by the system.

This option is the least efficient of the four options, but is required at sites where the IEEE 802.1ad specification (also referred to as 802.1QinQ) is employed.

The disadvantage to this option is that unwanted traffic may be monitored by the system and can appear in the metrics. This option also causes the greatest amount of overhead on the system.


1

PCAP (Packet CAPture) consists of an application programming interface (API) for capturing network traffic. UNIX®-like systems implement PCAP in the libpcap library; Windows® uses a port of libpcap known as WinPcap.


4
In the Maximum Frame Size box type the value for the largest jumbo frame size expected to be present in the monitored traffic. This setting must be at least 9,038 bytes but no more than 64,000 bytes. If the setting is too low, some traffic may be missed. Use caution when increasing the size, as this has an impact on system memory consumption. Generally, Quest Technical Support can advise you when this setting needs to be increased.

The Server Options page provides the ability to configure a server identification tag and also to specify how the appliance filters the traffic that it is receiving.

If your site uses a load balancer, the server IP addresses may not be available in the network traffic that the appliance is monitoring.

Consider the following conditions:

A load balancer that uses a virtual IP is typically configured to strip out server IP information in the IP layer of any communication it receives from its server farm. In this context, the physical server IPs remain hidden, and the appliance is unable to distinguish between unique servers. This means the appliance will not be able to break out metrics for each individual server.

This issue can be resolved by configuring each web server to insert an HTTP header tag that contains the server’s unique IP address (for example, header name: SERVER-ID, header value: “192.168.1.89”).

If you configure the appliance to recognize the tag as the Server IP Identification Tag (in this case, SERVER-ID), it can identify unique servers behind the load balancer. Actual server IP addresses can then be viewed in the web console (in this case, 192.168.1.89) instead of the load balancer’s virtual IP. These real server IPs appear when you auto-discover servers. For more information, see Automatically discovering servers.

This example shows you how to configure an HTTP header that will contain each server's physical IP address in Microsoft® Internet Information Services (IIS). This header will allow Foglight Experience Monitor to track metrics by server as described above.

1
On the web server, navigate to Start > Programs > Administrative Tools > Internet Information Server (IIS) Manager.
5
Select the HTTP Headers tab.
6
Click Add.
For example, SERVER-IP.
For example, 192.168.1.1 (a standard formatted IP address).
9

By default, when the appliance is set up for the first time using the Setup Wizard, it monitors HTTP traffic for each server listed on the Servers page. If any of your servers utilize secure HTTP (HTTPS), the appliance must be provided with each server’s private keys in order to decrypt the secure network traffic they process.

These keys are typically stored in encrypted format with an associated password. In order for the appliance to decode and analyze your HTTPS traffic, you need to provide both the key file and the associated password.

The key file and password can be uploaded to the appliance and stored locally in files that are hidden and encrypted. The secure key file needs to be in the PEM (Privacy Enhanced Mail), DER (Distinguished Encoding Rules) or PKCS12 format. For more information about SSL certificates and keys, see Exporting a Certificate to the Appliance:.

These files typically resemble the following sample:

Configuring SSL keys

Foglight Experience Monitor supports the following Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols:

When a server and the appliance communicate over SSL/TLS, a session first needs to be established (often referred to as SSL handshake). After a session has been opened, secure data can then be exchanged. This two-step process makes use of two different encryption algorithm types: key exchange algorithms, and bulk encryption algorithms.

There are various implementations of each algorithm type, and the server’s private key you are using must be supported by the appliance.

RSA

yes

Diffie-Hellman (DH)

no

Kerberos5

no

Fortezza

no

The following bulk encryption algorithms are supported:

1
In the Secure HTTP column, click the Configure link that corresponds with the server whose private keys are to be uploaded to the appliance.
2
Click Add SSL Key to display a window in which you can locate the file containing the private key.
3
Click Browse to open a dialog and locate the key.
6
Click OK to upload the key, thereby enabling HTTPS monitoring for the specified port on this server.
Each time you click OK, the private keys are uploaded to the appliance. Ensure you have provided private keys for all secure ports for each server that uses HTTPS.

Exporting SSL keys from IIS

The following example shows how to export an SSL certificate from Internet Information Services (IIS) using Microsoft® Management Console.

1
On the taskbar, click Start and then click Run.
2
Type mmc to open the Microsoft Management Console.
4
6
Click Next.
7
Select Local computer.
8
Click Finish.
9
Click OK in the Add/Remove Snap-in dialog box.
1
Expand the certificates list and navigate to Certificate > Personal > Certificates.
2
Right-click a certificate and select Select All Tasks > Export.
3
Click Next.
4
Select Yes, export the private key and click Next.
5
Ensure that Include all certificates in the certification path if possible and Enable strong protection are not selected.
6
Click Next.
8
Click Next.
10
Click Next.
11
Review the export settings and click Finish to export the certificate.
Related Documents