Applies To:Show Versions
BIG-IQ Centralized Management
Enable HTTP Traffic Capturing
Reviewing captured traffic details
Configure traffic capturing for troubleshooting
- Go to.This screen lists the profiles that are configured for the managed BIG-IP devices in your network.
- Select the HTTP Analytics profile you wish to edit.Theanalyticsprofile is a default profile for all HTTP Analytics management. If you are creating a new HTTP Analytics profile, make sure to select theOverride Allcheck box to change the settings inherited by the parent profile.
- ForCaptured Traffic Internal Logging, selectEnableto manage the Capture Filter settings.AS3 AttributecapturedTrafficInternalLoggingOnce you enable a traffic capturing, the Capture Filter area becomes available. This allows you to further configure which traffic you would like to capture.
- (Optional) To send captured traffic to an external server, enableCaptured Traffic External Logging.AS3 AttributecapturedTrafficExternalLoggingTo specify Remote Publisher:externalLoggingPublisherOnce you enable this field, you can select a pre-configured server from theRemote Publisherfield.
- From theCapture Request DetailsandCapture Response Detailslists, select the options that indicate the part of the traffic to capture.Detail options for request and response capture:EntityDescriptionNoneSpecifies that the system does not capture request (or response) data.HeadersSpecifies that the system captures request (or response) header data only.BodySpecifies that the system captures the body of requests (or responses) only.AllSpecifies that the system captures all request (or response) data, including header and body.EntityAS3 AttributeCapture Request DetailsrequestCapturedPartsCapture Response DetailsresponseCapturedParts
- ForDoS Activity, select the option that indicates which DoS traffic is captured.OptionDescriptionAnySpecifies that the system captures any traffic regardless of DoS activity.Mitigated by Application DoSSpecifies that the system only captures DoS traffic if it was mitigated.AS3 AttributedosActivity
- ForProtocols, specify whether the system capturesAlltraffic, or traffic withHTTP, orHTTPSprotocols.AS3 AttributecapturedProtocols
- The HTTP content is not compressed
- The HTTP content-type istext/html.
- The HTTP content contains an HTML<head>tag
- Customize the dimension filters, according to your application needs, to capture the portion of traffic to that you need for troubleshooting.Dimension filters capture traffic according to defined aspects of the transaction's configuration, or header/payload contents. By focusing in on the data and limiting the type of information that is captured, you can troubleshoot particular areas of an application more efficiently. For example, capture only requests or responses, specific status codes or methods, or headers containing a specific string.EntityDescriptionAS3 AttributeResponse Status CodesSelectAllto capture traffic, regardless of the HTTP status response code.SelectOnlyto capture traffic with specific response status codes. To specify, add response status codes to theSelected Status Codeslist from theAvailable Status Codeslist.responseCodesHTTP MethodsSelectAllto capture traffic, regardless of the HTTP request method.SelectOnlyto capture traffic with requests that contain a specific HTTP method. To specify, add methods to theSelected Methodslist from theAvailable Methodslist.methodsURLSelectAllto capture traffic with requests for any URL.SelectStarts Withto only capture traffic with requests for URLs that start with a specific string.If you select this option, and leave the list blank, the system will not capture any traffic.SelectDoes not start withto capture traffic with requests for URLs except for those that start with a specific string.You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic with requests for any URL.urlFilterTypeTo add URL prefixes:urlPathPrefixesUser AgentSelectAllto capture traffic sent from any browser.SelectContainsto only capture traffic sent from a browser that contains a specific string.You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic sent from any browser.userAgentTo add User Agent substringsuserAgentSubstringsClient IP AddressSelectAllto capture traffic sent to, or from, any client IP address.SelectOnlyto only capture traffic sent to or from a specific client IP address.You can add up to 10 different IP addresses to the list. If the list is blank, the system will capture traffic sent to, or from, any IP address.clientIpsRequest Containing StringSelectAllto capture all traffic.SelectSearch infilter captured traffic that includes a specific string contained in the request.requestContentFilterSearchStringResponse Containing StringSelectAllto capture all traffic.SelectSearch infilter captured traffic that includes a specific string contained in the response.responseContentFilterSearchString
- ClickSave & Close.
Review captured traffic
- Device Traffic:.
- DDoS HTTP Analysis:.
- Local Traffic:.
- Navigate to one of the monitoring dashboards that display HTTP traffic data.
- Select theTraffic Capturingbutton above the charts.Selecting this option overlays captured traffic data over the charts, and adds a traffic capturing filter in the Dimensions pane.
- To filter captured traffic based on a specific host object, such as a BIG-IP system (BIG-IP Host Names), application (Applications Services), or virtual server (Virtual Servers), expand the dimension widgets in the Dimensions pane to the right of the charts.You can select multiple dimension objects from multiple dimensions. With each selection, the charts and dimensions filter displayed data according to your selections.
- To filter captured traffic based on server latency and payload volume metrics, expand theTraffic Capturing Filtersfound in the dimensions pane.For latency metrics, you can enter a range, or set a greater or less than filter value.
- To view traffic details, select a traffic capturing icon from within the chart to display an information table.You can click the rows within the displayed table to view additional request/response header and payload information.