Configuring rules for user-defined software services

Each software service can have a number of specific rules that define what is to be monitored and what additional options are in effect. You can also assign each software service to existing or newly created tiers and applications.

Overview

It is assumed that, for this task, you are already familiar with the concept of software services and that you know how to create and edit software services and how to open the Rules window.

After a user-defined software service is created, create a group of settings that comprise the rules for the software service. It is necessary to specify, at minimum, the IP addresses and port numbers for the software service.

To configure rules for a user-defined software service:

  1. Open a software service for editing.
  2. Open the Edit Rule window.
  3. On the Edit Rule screen, open the Services tab.

Services tab

Each software service has a different set of configuration options, so the set of tabs available on the Edit Rule screen depends on the software service (the context in which this screen was opened). However, all software services have a Services tab for basic configuration.

On the Services tab, select or clear Enabled to activate or deactivate the service definition.

In Rule description, type a brief description to identify the rule.

The description you enter is shown in the Rules table, in the column Rule Name. If no text is entered here, the IP address specified later is used as the description for this rule.

Optional: Select the Aggregate ports check box.

Using this feature, you can limit the unnecessary number of sessions. This is very useful for definitions of software services which utilize a wide range of ports.

Right-click in the Services table and select Add or Open from the context menu.

If there are many entries in this table, click in the table and then type some or all of an IP address to navigate to that entry. Also, you can click the magnifying glass icon or press [CTRL+F] to open a search box to limit the table view to only those rows that contain a match (in any column) to the search string.

The Service Details screen is displayed.

On the Service Details screen, in the IP address(es) fields, specify a server or a range of servers to monitor.

  • To monitor one server, enter a single server IP address in the left box and leave the right box empty.
  • To monitor more than one server (a range of servers), enter an IP address in each box to specify the low and high limits of the IP address range.

In the Port(s) fields, specify a port or a range of ports for the monitored service.

  • To monitor one port, enter a single port number in the left box and leave the right box empty.

  • To monitor more than one port (a range of ports), enter a port number in each box to specify the low and high limits of the port range.

    This can be useful when a software service is active on a number of predefined ports or changes ports dynamically. However, specifying more than one port for a service prevents the port number from being reported for that service. If you define more than one port for a particular service name and server IP address (by either specifying a range of ports, or by creating two or more distinct rules for the same service name and server IP address but with different port numbers), the NAM Probe reports the port number for this service as 0, causing the port number to be ignored in traffic reports.

Note

You can define up to 20000 definitions containing a server and a port. Each association of a server and a port counts as a single definition. Specifying a range of ports counts as providing many individual definitions.

On the NAM Server, the number of processed server definitions is limited by the license.

Advanced Configuration

On the Service Details screen, click Advanced to display the more advanced options. Options may vary according to  protocol.

Optional: Select the Client port(s) check box for reversed-direction protocols.

This option is available only to protocols such as X-Window whose client-server meanings are reversed. If you are uncertain, leave this option cleared.

Optional: Select or enter a Group name.

Part of URL auto learning configuration. By default, the URL auto-learning mechanism stores the URLs from all the servers defined in the software service in one pool. You can create separate pools within a single software service based on a number of servers. This way, you ensure the URLs monitored on a server with a lower traffic do not have to compete with URLs from a much larger server in terms of volume. You achieve this by assigning servers to groups within a single software service which translates to separate pools. To create a separate pool for a group of server, keep them under a common group name of your choice.

Note

It is important that grouping within the services definition is consistent. Defining services with that same IP address but different ports and assigning them to different groups results in the generation of redundant and irrelevant data.

Optional: Enter the Main server IP address.

If the monitored application runs on several servers that are linked together in a farm, you can monitor the farm as one virtual server. In this case, type the IP address that you want to use as your main server IP address.

Optional: Enter the NLB NAT masking IP address.

This is the IP address of the server masking the addresses of monitored servers. If the servers you intend to monitor reside behind an appliance that masks and replaces the addresses of the target servers, you need to set NLB NAT masking IP address to the IP address of the masking server.

Without doing so, the NAM Probe will see two unidirectional conversations instead of one bi-directional conversation between the servers and appliance:

  • The conversation between the client and server is observed and recorded (IP address A talking to IP address B)
  • When a response travels to the client, a different session (IP address C talking to IP address A) is recorded due to the server's IP address being replaced by the load balancer's IP address.

Unless you account for this, the NAM Server reports will return ambiguously granulated data. Using the NLB NAT masking IP address option will ensure that the NAM Probe monitors contiguous conversations.

Click OK to confirm your changes and close the Service Details window.

Optional: In the Client IP Configuration table, map client IP addresses to client group names.

Right-click in the table and select Add to add a new entry or Open to edit an existing entry.

The mapping allows you to catalog and report traffic going to the same server IP and port by associating client group names with the originating client IP. On the report, the client group name will be reported as a suffix to the software service name. Select Use internal IP address or Use external IP address to determine the software service name suffix. If you do not use suffixes, these options are not taken into account.

For example, a software service named “SQL” configured on a server located at 10.1.1.10 can be configured the following way:

  • Client IP address 10.1.1.1 and software service name suffix _ATLANTA
  • Client IP address 10.1.1.2 and software service name suffix _BOSTON

The system will differentiate the “SQL” software service traffic going to the server based on the client IP definition and report data for software service “SQL_ATLANTA” and “SQL_BOSTON” individually.

The default configuration, containing no client IP definitions, results in an empty client group name. Similarly, an empty group name is used if a client IP is not included in any of the defined IP ranges. This configuration makes it possible to obtain only the client group name.

The same client group name can be used in many client IP ranges. The configuration of each software service is individual per client group name. No cross-relations or cross-checks are performed between the definitions. It is possible to use a different name for the same client IP in each of the software services.

Other tabs

Again, each software service has a different set of configuration options, so the set of tabs available on the Edit Rule screen depends on the software service (the context in which this screen was opened).

  1. Configure the settings on the available tabs.

    The number of available configuration options depends on the analyzer. See the analyzer-specific section for more information.

  2. Optional: On the Options tab, define analyzer-specific options.

    The following list describes all possible options. Depending on the analyzer, some may be unavailable:

    Operation load time threshold

    An operation that takes more than this many seconds is considered slow. When Inherit from global setting is selected, the global setting is used. The global threshold value depends on the analyzer.

    Operation time threshold

    An operation that takes more than this many seconds is considered slow. When Inherit from global setting is selected, the global setting is used. To edit the global setting, open the NAM Probe configuration, select Global ► General and set the Operation time threshold.

    Server time threshold

    Server time threshold relates to the server time portion of an overall operation time. Server times above the threshold limit are considered to be slow due to the poor datacenter performance. When Inherit from global setting is selected, the global setting is used. To edit the global setting, open the NAM Probe configuration, select Global ► General and set the Server time threshold.

    Report SSL handshakes in NAM Server data

    When checked, the NAM Server generated data will contain all defined operations including SSL handshakes. You can turn off the SSL handshake operations globally per AMD or individually per software service for the NAM Server or ADS. When Inherit from global setting is selected, the global setting is used. To edit the global setting, open the NAM Probe configuration, select Global ► Front-End Monitoring ► SSL and set the Report defined operations in NAM Server data.

    Report SSL handshakes in ADS data

    When checked, ADS generated data will contain SSL handshakes data. You can turn off the SSL handshake operations globally per AMD or individually per software service for the NAM Server or ADS. When Inherit from global setting is selected, the global setting is used. To edit the global setting, open the NAM Probe configuration, select Global ► Front-End Monitoring ► SSL and set the Report SSL handshakes in ADS data.

    Report only errors in ADS data

    When checked, ADS generated data will contain only errors and slow operations. You can turn off the SSL handshake operations globally per AMD or individually per software service for the NAM Server or ADS. When Inherit from global setting is selected, the global setting is used. To edit the global setting, open the NAM Probe configuration, select Global ► Front-End Monitoring ► SSL and set the Report only errors in ADS data.

    SQL query time threshold

    A database query that takes more than this many seconds is considered slow. When Inherit from global setting is selected, the global setting is used. To edit the global setting, open the NAM Probe configuration, select Global ► Database Monitoring ► General and set the SQL query time threshold.

    Enable monitoring of persistent TCP sessions

    When this option is selected, the TCP sessions that do not start with SYN packets are monitored. By default, this option is selected.

    Persistent TCP sessions are TCP sessions for which the start was not recorded. They are also referred to as non-SYN sessions. These sessions can be included in the TCP statistics, based on the configuration properties you enable in the NAM Console. The inclusion of these sessions may render the statistics somewhat inaccurate and must be undertaken with care.

    Generate transactions and ADS data

    Select this option to provide the report server with, for example, raw HTTP traffic data enabling you to view the full HTTP request-response dialog.

    SQL Server uses dynamic ports

    This option only applies to the TDS analyzer.

    Select this option if the database engine you intend to monitor does not have a static port number assigned (for example, a named instance). In this case SQL Server Browser Service (SSBS) is used to discover the actual port of the service. The NAM Probe uses additional UDP analysis of the SSBS to discover the port number for the service you intend to monitor.

    If you select this option make sure that the connection details specified on the Services tab identify the SQL Server Browser Service (use the IP address of the server and the port number of the SSBS).

    Do not enable this option if your SQL Server uses static ports.

    Convert the XML content URL-encoding

    This check box defines whether the XML URL-encoding content is enabled. When Inherit from global setting is selected, the global XML setting is used.

    URL parameter name that contains URL encoded XML document

    Provide the parameter name that contains a URL encoded XML document. If this field is empty, the NAM Probe will not analyze XML documents sent in URL parameters.

  3. Configure availability.

    Select the Availability tab to configure the availability reporting at the software service level, overriding the global settings. The scope of failure reporting depends on an analyzer.

  4. Click OK.