Manual Chapter :
Configure traffic capturing for troubleshooting
Applies To:
Show Versions
BIG-IQ Centralized Management
- 8.3.0, 8.2.0, 8.1.0, 8.0.0
Configure traffic capturing for troubleshooting
Before you begin, you need to ensure that AVR is provisioned on your managed BIG-IP devices, and that Statistics Collection is enabled on your BIG-IQ per device (
). Enabling Statistics Collection ensures that traffic data from BIG-IP is logged on BIG-IQ.To view log messages on an external server, you must configure a Remote Publisher. For more information about configuring a Remote Publisher, see the
Managing Logs
section of BIG-IQ Centralized Management: Local Traffic and Network Implementations
on support.f5.com
.You can configure your HTTP analytics profile to capture traffic headers and additional transaction details. Once configured, you can review captured traffic, based upon specific transaction parameters and performance thresholds.
- Go to.This screen lists the profiles that are configured for the managed BIG-IP devices in your network.
- Select the HTTP Analytics profile you wish to edit.Theanalyticsprofile is a default profile for all HTTP Analytics management. If you are creating a new HTTP Analytics profile, make sure to select theOverride Allcheck box to change the settings inherited by the parent profile.
- ForCaptured Traffic Internal Logging, selectEnableto manage the Capture Filter settings.AS3 AttributecapturedTrafficInternalLoggingOnce you enable a traffic capturing, the Capture Filter area becomes available. This allows you to further configure which traffic you would like to capture.
- (Optional) To send captured traffic to an external server, enableCaptured Traffic External Logging.AS3 AttributecapturedTrafficExternalLoggingTo specify Remote Publisher:externalLoggingPublisherOnce you enable this field, you can select a pre-configured server from theRemote Publisherfield.
- From theCapture Request DetailsandCapture Response Detailslists, select the options that indicate the part of the traffic to capture.Detail options for request and response capture:EntityDescriptionNoneSpecifies that the system does not capture request (or response) data.HeadersSpecifies that the system captures request (or response) header data only.BodySpecifies that the system captures the body of requests (or responses) only.AllSpecifies that the system captures all request (or response) data, including header and body.EntityAS3 AttributeCapture Request DetailsrequestCapturedPartsCapture Response DetailsresponseCapturedParts
- ForDoS Activity, select the option that indicates which DoS traffic is captured.OptionDescriptionAnySpecifies that the system captures any traffic regardless of DoS activity.Mitigated by Application DoSSpecifies that the system only captures DoS traffic if it was mitigated.AS3 AttributedosActivity
- ForProtocols, specify whether the system capturesAlltraffic, or traffic withHTTP, orHTTPSprotocols.AS3 AttributecapturedProtocols
- ForQualified for JavaScript Injection, you can selectQualified onlyto specify that the system only captures traffic that qualifies for JavaScript injection, which includes the following conditions:
- The HTTP content is not compressed
- The HTTP content-type istext/html.
- The HTTP content contains an HTML<head>tag
AS3 AttributecapturedReadyForJsInjection - Customize the dimension filters, according to your application needs, to capture the portion of traffic to that you need for troubleshooting.Dimension filters capture traffic according to defined aspects of the transaction's configuration, or header/payload contents. By focusing in on the data and limiting the type of information that is captured, you can troubleshoot particular areas of an application more efficiently. For example, capture only requests or responses, specific status codes or methods, or headers containing a specific string.EntityDescriptionAS3 AttributeResponse Status CodesSelectAllto capture traffic, regardless of the HTTP status response code.SelectOnlyto capture traffic with specific response status codes. To specify, add response status codes to theSelected Status Codeslist from theAvailable Status Codeslist.responseCodesHTTP MethodsSelectAllto capture traffic, regardless of the HTTP request method.SelectOnlyto capture traffic with requests that contain a specific HTTP method. To specify, add methods to theSelected Methodslist from theAvailable Methodslist.methodsURLSelectAllto capture traffic with requests for any URL.SelectStarts Withto only capture traffic with requests for URLs that start with a specific string.If you select this option, and leave the list blank, the system will not capture any traffic.SelectDoes not start withto capture traffic with requests for URLs except for those that start with a specific string.You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic with requests for any URL.urlFilterTypeTo add URL prefixes:urlPathPrefixesUser AgentSelectAllto capture traffic sent from any browser.SelectContainsto only capture traffic sent from a browser that contains a specific string.You can add up to 10 different strings to the list. If the list is blank, the system will capture traffic sent from any browser.userAgentTo add User Agent substringsuserAgentSubstringsClient IP AddressSelectAllto capture traffic sent to, or from, any client IP address.SelectOnlyto only capture traffic sent to or from a specific client IP address.You can add up to 10 different IP addresses to the list. If the list is blank, the system will capture traffic sent to, or from, any IP address.clientIpsRequest Containing StringSelectAllto capture all traffic.SelectSearch infilter captured traffic that includes a specific string contained in the request.requestContentFilterSearchStringResponse Containing StringSelectAllto capture all traffic.SelectSearch infilter captured traffic that includes a specific string contained in the response.responseContentFilterSearchString
- ClickSave & Close.
Your
analytics
profile is now configured for traffic capturing.You can assign this profile to your virtual servers, if they do not yet have an Analytics profile configured.