Manual Chapter :
Using Local Traffic Policies with Analytics
Applies To:
Show VersionsBIG-IP AAM
- 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP APM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP Analytics
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP Link Controller
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP LTM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP PEM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP AFM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP DNS
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
BIG-IP ASM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
Using Local Traffic Policies with Analytics
Overview: Using local traffic policies with Analytics
When you attach an Analytics (AVR) profile to a virtual server, the BIG-IP system can gather, log, notify, and display statistical information about the
traffic. You can associate a local traffic policy with a virtual server to further define which
transactions to include or exclude in the statistics. Rules in the local traffic policy can
enable or disable AVR for whatever type of traffic you want to define. You might want to do this
to save system resources by not deploying Analytics on parts of the traffic that you are not
interested in monitoring.
This implementation shows how to create an HTTP Analytics profile to store statistics locally.
It then describes how to create a local traffic policy and add rules to the policy so that the
Analytics module saves statistics for all traffic except that which has a URI containing the word
index
. (In this case, you are not interested in monitoring traffic
directed towards index pages.) Other options are available for configuring local traffic policies with Analytics. By following
through the steps in this example, you can see the other options that are available on the
screens, and can adjust the example for your needs.
Collecting application statistics locally
You need to provision the Application
Visibility and Reporting (AVR) module before you can collect application
statistics locally.
You can configure the BIG-IP system to
collect specific application statistics locally.
- On the Main tab, click.IfAnalyticsis not listed, this indicates that Application Visibility and Reporting (AVR) is not provisioned, or you do not have rights to create profiles.The HTTP Analytics screen opens.
- ClickCreate.The New HTTP Analytics profile screen opens.
- In theProfile Namefield, type a unique name for the Analytics profile.
- From theParent Profilelist, select the profile from which you want to inherit settings.The default profile is often used as the parent profile.The new profile inherits the values from the parent profile. If the parent is changed, the inherited values in the new profile also change.
- Select theCustomcheck box.
- For theStatistics Logging Typesetting, verify thatInternalis selected. If it is not, select it.SelectingInternalcauses the system to store statistics locally, and you can view the charts on the system by starting at the Main tab, and clicking .
- You can use the default values for the rest of the General Configuration settings.
- In the Associated Virtual Servers area, specify the virtual servers for which to capture application statistics:
- For theVirtual Serverssetting, clickAdd.
- From the Select Virtual Server popup that opens, select the virtual servers to include and then clickDone.
Only virtual servers previously configured with an HTTP profile display in the list (because the data being collected applies to HTTP traffic). Also, you can assign only one HTTP Analytics profile to a virtual server; therefore, the list displays only virtual servers that have not been assigned an Analytics profile.Special considerations apply if using Analytics on a BIG-IP system with both Application Security Manager and Access Policy Manager, where security settings (in Portal Access webtop or an iRule) redirect traffic from one virtual server to another. In this case, you need to attach the HTTP Analytics profile to the second virtual server to ensure that the charts show accurate statistics. - In the Statistics Gathering Configuration area, select theCustomcheck box.
- In the Statistics Gathering Configuration area, forCollected Metrics, select additional statistics you want the system to collect from the requests:OptionDescriptionMax TPS and ThroughputCollects and logs statistics regarding the maximum number of transactions occurring per second (TPS) and the amount of traffic moving through the system.Maximum request and response throughput is collected and recorded separately. Each value is then displayed separately when you drill down into details of Transaction Outcomes ().HTTP Timing (RTT, TTFB, Duration)Collects and logs statistics regarding the HTTP request and response times, including round-trip time, time to first byte and overall transaction duration time.Page Load TimeCollects and logs statistics regarding the time it takes an application user to get a complete response from the application, including network latency and completed page processing.End-user response times and latencies can vary significantly based on geographic location and connection types.User SessionsCollects and logs statistics regarding the number of unique user sessions. ForTimeout, select the allowed minutes of user inactivity before the system considers the session to be over.ForCookie Secure Attribute, specify whether to secure session cookies:
- Always, the secure attribute is always added to the session cookie.
- Never, the secure attribute is never added to the session cookie.
- Only SSL, the secure attribute is added to the session cookie only when the virtual server has a client SSL profile (the default value).
By default, the system collects many metrics, including TPS, throughput, server latency, response time, network latency. You can select the metrics here, in addition to the ones already collected, once the Analytics profile is attached to one or more virtual servers. - In the Statistics Gathering Configuration area, forCollected Entities, select additional entities to collect statistics for each request.By default, the system collects many entity statistics, including virtual servers, pool members, browser names, operating system, and so on. You can select the ones here in addition to the ones already collected once the Analytics profile is attached to one or more virtual servers.When you selectURLs,Countries,Client IP AddressesorClient Subnetsyou have additional options configure specific statistics filtering options.OptionDescriptionURLsSaves the URLs that were requested.CountriesSaves the name of the country where the request came from, and is based on the client IP address criteria.Client IP AddressesSaves the IP address where the request originated. The address saved also depends on whether the request has an XFF (X-forwarded-for) header and whether the HTTP profile accepts XFF headers.Client SubnetsSaves statistics for predefined client subnets. Client subnets can be added in the Subnets area of the default HTTP Analytics profile.Response CodesSaves HTTP response codes that the server returned in response to requests.User AgentsSaves information about browsers making the request.MethodsSaves HTTP methods in requests.OS and BrowsersSaves information about the operating system and browser making the request.
- In the Statistics Gathering Configuration area, forCollect URLs, you can configure whether the system collects traffic from all or from specific URLs.
- SelectAllto collect traffic from all URLs.By default, the system collects traffic from all URLs, when you selectURLsfrom theCollected Entitieslist.
- SelectOnlyto collect traffic from specific URLs.
- Specify the URLs for which to capture traffic and clickAdd. You can add up to 10 URLs to the list.If you selectOnlyand leave the list empty, the system collects traffic data from all URLs.
- In the Statistics Gathering Configuration area, forCollect Countries, you can configure whether the system collects traffic from all or from specific countries.
- SelectAllto collect traffic from all countries.By default, the system collects traffic from all countries, when you selectCountriesfrom theCollected Entitieslist.
- SelectOnlyto collect traffic from specific countries.
- Specify the countries for which to capture traffic. Select from the Available Countries list and use the arrow keys to move each country to the Selected Countries list. You can add up to 10 countries to the Selected list.If you selectOnlyand leave the list empty, the system collects traffic data from all countries.
- In the Statistics Gathering Configuration area, forCollect Client IP Addresses, you can configure whether the system collects traffic from all or from specific client IPs.
- SelectAllto collect traffic from all client IP addresses.By default, the system collects traffic from all client IPs, when you selectClient IP Addressesfrom theCollected Entitieslist.
- SelectOnlyto collect traffic from specific client IP addresses.
- Specify the client IP addresses for which to capture traffic and clickAdd. You can add up to client IP addresses to the list.If you selectOnlyand leave the list empty, the system collects traffic data from all client IP addresses.
- In the Statistics Gathering Configuration area, forCollect Client Subnets, you can configure whether the system collects traffic from all or from specific client subnet IPs.
- SelectAllto collect traffic from all subnets.By default, the system collects traffic from all subnets, when you selectClient Subnetsfrom theCollected Entitieslist.
- SelectOnlyto collect traffic from specific subnets.
- Specify the subnet IPs for which to capture traffic and clickAdd. You can add up to 10 subnet IPs to the list.You can filter the listed subnets by one type of IP protocol. Adding both IPv4 and IPv6 protocols results in an error.If you selectOnlyand leave the list empty, the system collects traffic data from all subnets.
- ClickFinished.
The BIG-IP system collects the
statistics specified in the Analytics profile. You can view the statistics
by clicking
.Creating a local traffic policy for Analytics
Before you can create a local traffic policy for Analytics, you need to provision
the Application Visibility and Reporting (AVR) module.
You can create a local traffic policy to define which traffic should be included
(or excluded) from Analytics statistics collection. This example creates one rule that
looks at all traffic and excludes traffic that has the word "index" in the
URI.
- On the Main tab, click.The Policy List Page screen opens.
- ClickCreate.The New Policy screen opens.
- In thePolicy Namefield, type a unique name for the policy.
- For theStrategysetting, selectfirstto apply the actions in the first rule that matches.
- If you see aTypesetting, leave it set toTraffic Policy.
- ClickCreate Policy.The Draft Policy screen opens.
- In the Rules area, clickCreateto create a rule that defines when traffic is handled by the security policy.
- In theNamefield, type the wordindex.
- In the Match all of the following conditions area, click+and specify these conditions:
- For the first condition, selectHTTP URI.
- For the second condition, selectpath.
- For the third condition, selectcontains.
- For the fourth condition, by the field belowany of, typeindexand clickAdd.
This rule looks for requests with a URI that contains the word "index". - In the Do the following when the traffic is matched area, click+and specify the actions:
- For the first action, selectDisable.For the second action, selectavr.
- ClickSaveto add the rule to the local traffic policy.The policy properties screen opens.
- Create a default rule that tells the system to store statistics for all other traffic.
- In the Rules area, clickCreate.
- In theNamefield, type the worddefault.
- LeaveMatch all of the following conditionsset toAll traffic.
- In the Do the following when the traffic is matched area, click+.
- For the actions, selectEnable, thenavr.
- ClickSaveto add the rule to the local traffic policy.
- To save the updated policy, clickSave Draft.The Policy List Page opens.
- Select the check box next to the draft policy you edited, and clickPublish.
You have created and published a local traffic policy that controls Analytics. It
looks at all traffic and disables statistics gathering for any request that includes the
word
index
in the URI. For all other traffic, statistics are
collected.Associating a
published local traffic policy with a virtual server
After you publish a local traffic policy, you
associate that published policy with the virtual server created to handle application
traffic.
- On the Main tab, click.The Virtual Server List screen opens.
- Click the name of the virtual server you want to modify.
- On the menu bar, clickResources.
- In the Policies area, click theManagebutton.
- For thePoliciessetting, select the local traffic policy you created from theAvailablelist and move it to theEnabledlist.
- ClickFinished.
The published policy is associated with the virtual server.