F5 Logo MyF5
Search
  1. MyF5 Home
  2. Monitoring and Managing Applications Using BIG-IQ
  3. Monitoring Application Services
  4. Enable HTTP Traffic Capturing
  5. Configure traffic capturing for troubleshooting
Manual Chapter : Configure traffic capturing for troubleshooting

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 8.3.0, 8.2.0, 8.1.0, 8.0.0
Manual Chapter

Configure traffic capturing for troubleshooting

Before you begin, you need to ensure that AVR is provisioned on your managed BIG-IP devices, and that Statistics Collection is enabled on your BIG-IQ per device (
Devices
BIG-IP DEVICES
<DEVICE NAME>
STATISTICS COLLECTION
). Enabling Statistics Collection ensures that traffic data from BIG-IP is logged on BIG-IQ.
To view log messages on an external server, you must configure a Remote Publisher. For more information about configuring a Remote Publisher, see the
Managing Logs
 section of
BIG-IQ Centralized Management: Local Traffic and Network Implementations
 on
support.f5.com
.
You can configure your HTTP analytics profile to capture traffic headers and additional transaction details. Once configured, you can review captured traffic, based upon specific transaction parameters and performance thresholds.
  1. Go to
    Configuration
    LOCAL TRAFFIC
    Profiles
    .
    This screen lists the profiles that are configured for the managed BIG-IP devices in your network.
  2. Select the HTTP Analytics profile you wish to edit.
    The
    analytics
     profile is a default profile for all HTTP Analytics management. If you are creating a new HTTP Analytics profile, make sure to select the
    Override All
     check box to change the settings inherited by the parent profile.
  3. For
    Captured Traffic Internal Logging
    , select
    Enable
     to manage the Capture Filter settings.
    AS3 Attribute
    capturedTrafficInternalLogging
    Once you enable a traffic capturing, the Capture Filter area becomes available. This allows you to further configure which traffic you would like to capture.
  4. (Optional) To send captured traffic to an external server, enable
    Captured Traffic External Logging
    .
    AS3 Attribute
    capturedTrafficExternalLogging
    To specify Remote Publisher:
    externalLoggingPublisher
    Once you enable this field, you can select a pre-configured server from the
    Remote Publisher
     field.
  5. From the
    Capture Request Details
     and
    Capture Response Details
     lists, select the options that indicate the part of the traffic to capture.
    Detail options for request and response capture:
    Entity
    Description
    None
    Specifies that the system does not capture request (or response) data.
    Headers
    Specifies that the system captures request (or response) header data only.
    Body
    Specifies that the system captures the body of requests (or responses) only.
    All
    Specifies that the system captures all request (or response) data, including header and body.
    Entity
    AS3 Attribute
    Capture Request Details
    requestCapturedParts
    Capture Response Details
    responseCapturedParts
  6. For
    DoS Activity
    , select the option that indicates which DoS traffic is captured.
    Option
    Description
    Any
    Specifies that the system captures any traffic regardless of DoS activity.
    Mitigated by Application DoS
    Specifies that the system only captures DoS traffic if it was mitigated.
    AS3 Attribute
    dosActivity
  7. For
    Protocols
    , specify whether the system captures
    All
    traffic, or traffic with
    HTTP
    , or
    HTTPS
     protocols.
    AS3 Attribute
    capturedProtocols
  8. For
    Qualified for JavaScript Injection
    , you can select
    Qualified only
     to specify that the system only captures traffic that qualifies for JavaScript injection, which includes the following conditions:
    • The HTTP content is not compressed
    • The HTTP content-type is
      text/html
      .
    • The HTTP content contains an HTML
      <head>
       tag
    AS3 Attribute
    capturedReadyForJsInjection
  9. Customize the dimension filters, according to your application needs, to capture the portion of traffic to that you need for troubleshooting.
    Dimension filters capture traffic according to defined aspects of the transaction's configuration, or header/payload contents. By focusing in on the data and limiting the type of information that is captured, you can troubleshoot particular areas of an application more efficiently. For example, capture only requests or responses, specific status codes or methods, or headers containing a specific string.
    Entity
    Description
    AS3 Attribute
    Response Status Codes
    Select
    All
    to capture traffic, regardless of the HTTP status response code.
    Select
    Only
     to capture traffic with specific response status codes. To specify, add response status codes to the
    Selected Status Codes
     list from the
    Available Status Codes
     list.
    responseCodes
    HTTP Methods
    Select
    All
    to capture traffic, regardless of the HTTP request method.
    Select
    Only
     to capture traffic with requests that contain a specific HTTP method. To specify, add methods to the
    Selected Methods
     list from the
    Available Methods
     list.
    methods
    URL
    Select
    All
     to capture traffic with requests for any URL.
    Select
    Starts With
     to only capture traffic with requests for URLs that start with a specific string.
    If you select this option, and leave the list blank, the system will not capture any traffic.
    Select
    Does not start with
     to capture traffic with requests for URLs except for those that start with a specific string.
    You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic with requests for any URL.
    urlFilterType
    To add URL prefixes:
    urlPathPrefixes
    User Agent
    Select
    All
     to capture traffic sent from any browser.
    Select
    Contains
     to only capture traffic sent from a browser that contains a specific string.
    You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic sent from any browser.
    userAgent
    To add User Agent substrings
    userAgentSubstrings
    Client IP Address
    Select
    All
     to capture traffic sent to, or from, any client IP address.
    Select
    Only
     to only capture traffic sent to or from a specific client IP address.
    You can add up to 10 different IP addresses to the list. If the list is blank, the system will capture traffic sent to, or from, any IP address.
    clientIps
    Request Containing String
    Select
    All
     to capture all traffic.
    Select
    Search in
     filter captured traffic that includes a specific string contained in the request.
    requestContentFilterSearchString
    Response Containing String
    Select
    All
     to capture all traffic.
    Select
    Search in
     filter captured traffic that includes a specific string contained in the response.
    responseContentFilterSearchString
  10. Click
    Save & Close
    .
Your
analytics
 profile is now configured for traffic capturing.You can assign this profile to your virtual servers, if they do not yet have an Analytics profile configured.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information