Applies To:Show Versions
- 14.1.3, 14.1.2, 14.1.0
Troubleshooting Applications by Capturing Traffic
Overview: Troubleshooting applications by capturing traffic
About prerequisites for capturing application traffic
- Provision Application Visibility and Reporting (AVR):.
- Create an iApps® application service (go to ), or configure at least one virtual server with a pool pointing to one or more application servers.
- On the Main tab, click.IfAnalyticsis not listed, this indicates that Application Visibility and Reporting (AVR) is not provisioned, or you do not have rights to create profiles.The HTTP Analytics screen opens.
- In the Profile Name column, clickanalytics(the name of the default profile).
- In the General Configuration area, clear theSamplecheck box from theTransaction Samplingfield.The system now analyzes all traffic to the associated virtual servers. This can improve the troubleshooting accuracy for captured traffic.
- Above the menu bar, click theProfiles: Analyticslink to return to the Analytics list screen.
- ClickCreate.The New HTTP Analytics profile screen opens.
- In theProfile Namefield, type a unique name for the Analytics profile.
- Select theCustomcheck box.
- ForTraffic Capturing Logging Type, specify where to store captured traffic.
- To store traffic locally, clickInternal. You can view details on the Captured Transactions screen. This option is selected by default.
- To store traffic on a remote logging server, clickExternaland provide the requested information.
- In the Associated Virtual Servers area, specify the virtual servers for which to capture application statistics:
Only virtual servers previously configured with an HTTP profile display in the list (because the data being collected applies to HTTP traffic). Also, you can assign only one HTTP Analytics profile to a virtual server; therefore, the list displays only virtual servers that have not been assigned an Analytics profile.Special considerations apply if using Analytics on a BIG-IP system with both Application Security Manager and Access Policy Manager, where security settings (in Portal Access webtop or an iRule) redirect traffic from one virtual server to another. In this case, you need to attach the HTTP Analytics profile to the second virtual server to ensure that the charts show accurate statistics.
- For theVirtual Serverssetting, clickAdd.
- From the Select Virtual Server popup that opens, select the virtual servers to include and then clickDone.
- If you want to make changes to any of the selections, above the Statistics Gathering Configuration area, select theCustomcheck box.
- In the Statistics Gathering Configuration area, forCollected Metrics, select additional statistics you want the system to collect from the requests:OptionDescriptionMax TPS and ThroughputCollects and logs statistics regarding the maximum number of transactions occurring per second (TPS) and the amount of traffic moving through the system.Maximum request and response throughput is collected and recorded separately. Each value is then displayed separately when you drill down into details of Transaction Outcomes ().HTTP Timing (RTT, TTFB, Duration)Collects and logs statistics regarding the HTTP request and response times, including round-trip time, time to first byte and overall transaction duration time.Page Load TimeCollects and logs statistics regarding the time it takes an application user to get a complete response from the application, including network latency and completed page processing.End-user response times and latencies can vary significantly based on geographic location and connection types.User SessionsCollects and logs statistics regarding the number of unique user sessions. ForTimeout, select the allowed minutes of user inactivity before the system considers the session to be over.ForCookie Secure Attribute, specify whether to secure session cookies:
By default, the system collects many metrics, including TPS, throughput, server latency, response time, network latency. You can select the metrics here, in addition to the ones already collected, once the Analytics profile is attached to one or more virtual servers.
- Always, the secure attribute is always added to the session cookie.
- Never, the secure attribute is never added to the session cookie.
- Only SSL, the secure attribute is added to the session cookie only when the virtual server has a client SSL profile (the default value).
- In the Capture Filter area, from theCapture RequestsandCapture Responseslists, select the options that indicate the part of the traffic to capture.OptionDescriptionNoneSpecifies that the system does not capture request (or response) data.HeadersSpecifies that the system captures request (or response) header data only.BodySpecifies that the system captures the body of requests (or responses) only.AllSpecifies that the system captures all request (or response) data, including header and body.
- ForDoS Activity, select the option that indicates which DoS traffic is captured.OptionDescriptionAnySpecifies that the system captures any traffic regardless of DoS activity.Mitigated by Application DoSSpecifies that the system only captures DoS traffic if it was mitigated.
- ForProtocols, specify whether the system only captures traffic withHTTP, orHTTPSprotocols.
- The HTTP content is not compressed
- The HTTP content-type istext/html.
- The HTTP content contains an HTML<head>tag
- Depending on the application, customize the remaining filter settings to capture the portion of traffic to that you need for troubleshooting.Virtual ServersSelectAllto capture traffic for all Virtual servers.SelectOnlyto capture traffic from specific virtual servers. To specify, add virtual servers to theSelected Virtual Serverslist from theAvailable Virtual Serverslist.NodesSelectAllto capture traffic from all nodes.SelectOnlyto capture traffic from specific nodes. To specify, add nodes to theSelected Nodeslist from theAvailable Nodeslist.Response Status CodesSelectAllto capture traffic, regardless of the HTTP status response code.SelectOnlyto capture traffic with specific response status codes. To specify, add response status codes to theSelected Status Codeslist from theAvailable Status Codeslist.HTTP MethodsSelectAllto capture traffic, regardless of the HTTP request method.SelectOnlyto capture traffic with requests that contain a specific HTTP method. To specify, add methods to theSelected Methodslist from theAvailable Methodslist.URLSelectAllto capture traffic with requests for any URL.SelectStarts Withto only capture traffic with requests for URLs that start with a specific string.If you select this option, and leave the list blank, the system will not capture any traffic.SelectDoes not start withto capture traffic with requests for URLs except for those that start with a specific string.You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic with requests for any URL.User AgentSelectAllto capture traffic sent from any browser.SelectContainsto only capture traffic sent from a browser that contains a specific string.You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic sent from any browser.Client IP AddressSelectAllto capture traffic sent to, or from, any client IP address.SelectOnlyto only capture traffic sent to or from a specific client IP address.You can add up to 10 different IP addresses to the list. If the list is blank, the system will capture traffic sent to, or from, any IP address.Request Containing StringSelectAllto capture all traffic.SelectSearch infilter captured traffic that includes a specific string contained in the request.Response Containing StringSelectAllto capture all traffic.SelectSearch infilter captured traffic that includes a specific string contained in the response.By focusing in on the data and limiting the type of information that is captured, you can troubleshoot particular areas of an application more quickly. For example, capture only requests or responses, specific status codes or methods, or headers containing a specific string.
Reviewing captured traffic
- On the Main tab, click.The Captured Transactions screen opens and lists all of the captured transactions.
- Optionally, use the time period and filter settings to limit which transactions are listed.
- In the Captured Traffic area, click any transaction that you want to examine.Details of the request display on the screen.
- Review the general details of the request.The general details, such as the response code or the size of the request and response, help with troubleshooting.
- For more information, clickRequestorResponseto view the contents of the actual transaction.Review the data for anything unexpected, and other details that can help troubleshoot the application.
- On the Captured Transactions screen, clickClear Allto clear all previously captured data records (including those not displayed on the screen) and start collecting transactions again.The system captures up to 1000 transactions locally and displays them on the screen. Captured transactions are visible a few seconds after they occur.