Overview: Troubleshooting applications by capturing traffic
This implementation describes how to set up the BIG-IP® system to collect application traffic so that you can troubleshoot problems that have become apparent by monitoring application statistics. For example, by examining captured requests and responses, you can investigate issues with latency, throughput, or reduced transactions per second to understand what is affecting application performance.
When Application Visibility and Reporting (AVR) is provisioned, you can create an analytics profile that includes traffic capturing instructions. The system can collect application traffic locally, remotely, or both. If the system is already monitoring applications, you can also update an existing analytics profile to make it so that it captures traffic.
The system logs the first 1000 transactions and displays charts based on the analysis of those transactions. To see additional application statistics, you can clear the existing data to display additional statistics.
Prerequisites for capturing application traffic
After you finish a basic networking configuration of the BIG-IP® system, you must complete the following tasks as prerequisites for setting up application statistics collection:
- Provision Application Visibility and Reporting (AVR):
- Create an iApps™ application service ( , or configure at least one virtual server with a pool pointing to one or more application servers.
You can set up the system for capturing traffic locally or remotely (or both).
Capturing traffic for troubleshooting
- On the Main tab, click Tip: If Analytics is not listed, this indicates that Application Visibility and Reporting (AVR) is not provisioned and you need to provision it first.
The Analytics screen opens and lists all Analytics profiles that are on the system.
- Click Create. The New Analytics Profile screen opens.
- In the Profile Name field, type a name for the Analytics profile. Names must begin with a letter, and can contain only letters, numbers, and the underscore (_) character.
- To the right of the General Configuration area, click the Custom check box. The settings in the area become available for modification.
- For Traffic Capturing Logging Type, specify where to store captured traffic.
OPTION DESCRIPTION Internal Stores traffic locally and you can view details on the Statistics: Captured Transactions screen. This option is selected by default. External Stores traffic on a remote logging server if one is already configured on your network. If you select this check box, configure the Remote Server IP Address and Server Port number.Tip: If you specify remote logging for multiple applications, you can use the Facility filter to sort the data for each.
- In the Included Objects area, specify the virtual servers for which to capture performance statistics:
Note: You need to have previously configured the virtual servers (with an HTTP profile) for them to appear in the list. Also, you can assign only one Analytics profile to a virtual server so only virtual servers that have not been assigned an Analytics profile are listed.
- For the Virtual Servers setting, click Add. A popup lists the virtual servers that you can assign to the Analytics profile.
- From the Select Virtual Server popup list, select the virtual servers to include and click Done.
- In the Capture Filter area, from the Capture Requests and Capture Responses lists, select the options that indicate the part of the traffic to capture.
OPTION DESCRIPTION None Specifies that the system does not capture request (or response) data. Header Specifies that the system captures request (or response) header data only. Body Specifies that the system captures the body of requests (or responses) only. All Specifies that the system captures all request (or response) data.
- Depending on the application, customize the remaining filter settings to capture the portion of traffic to use for troubleshooting.
Tip: Focusing in on the data by limiting the type of information that is captured lets you troubleshoot particular areas of an application more quickly. For example, capture only requests or responses, specific status codes or methods, or headers containing a specific string.
- Click Finished.
Reviewing captured traffic
- On the Main tab, click . The Captured Transactions screen opens and lists all of the captured transactions.
- Optionally, use the Filter settings to limit which transactions are listed. For each setting you want change, perform these steps:
- Click Only.
- Click the adjacent field. A popup window opens listing items (that is, applications, virtual servers, pool members, and so on) from the captured traffic.
- Select the item whose traffic you want to examine.
- In the Captured Traffic area, click any transaction that you want to examine. Details of the request display on the screen below.
- Review the general details of the request.
Tip: The general details, such as the response code or the size of the request and response, may help with troubleshooting.
- For more information, click Request or Response to view the contents of the actual transaction. Review the data for anything unexpected, and other details that will help with troubleshooting the application.
- On the Captured Transactions screen, click Clear All to clear the previously captured data and start collecting transactions again. The system captures up to 1000 transactions and displays them on the screen. Captured transactions are visible approximately 10 seconds after they occur.