|Oracle® Real User Experience Insight User Guide
Release 4.5.1 for 64-bit Intel Linux
Part Number E12486-02
This chapter explains the tasks performed by the Administrator. These include monitoring the status of the system, performing backups and upgrades, working with the log file, and issuing messages to system users.
The Administrator can check the system's condition, and receive automatic status monitoring messages on the Status page. To reach this page, select System, and then Status. An example is shown in Figure 9-1:
Figure 9-1 Status Page
Through the Status page, you can the status of the attached Collectors and the log file process, the current level of processing within the system, and the error log. You can also configure which users are notified (and how) about a system status error.
Be aware that the system status indicator shown in Figure 9-1 is only updated when the browser screen is refreshed. If one or more of the system processes are found to be failing, a system alert can be generated (as described in Section 9.3, "Configuring System Failure Alerts"). Therefore, the situation can arise that a process is shown temporarily as failing (with a red cross), but no alert is generated. This is because the system status indicator has returned to normal by the time the system processes are checked.
Due to this design, when an alert is triggered, it is recommended that you regard it as a warning that the system is starting to fail. A failure can be the result of a system delay that is larger than the boundaries set the default (such as the latency between a hit on the monitored line, and the moment the information based on that hit is available in the Reporter, may not be long enough). This latency may be out of boundary within a high-traffic environment. A failure may also be the result of a temporary peak in traffic. However, if this condition persists, it is recommended that you review the monitored traffic level.
You can view the status of each Collector attached to the system by selecting System, then Status, and then Collector status. It opens the Network data Collectors window. An example is shown in Figure 9-2.
Figure 9-2 Network Data Collectors
The System (localhost) refers to the Collector instance on the Reporter system. Other Collectors within the network are represented by their IP address. For each Collector, the following menu options are available:
View statistics: displays a detailed report of the traffic monitored by the Collector. An example is shown in Figure 9-3. This is described in more detail in the following section.
Configure: opens a sub-menu through which you can configure security-related settings for the selected Collector. These are following described in Chapter 8, "Managing Security-Related Information."
The information shown in this window (Figure 9-3) refers to the traffic monitored since midnight for the selected Collector, or the counters were reset. The Uptime field in the bottom left-hand corner of the window shows the time the Collector has been running. The uptime is reset when the Collector is restarted to update its configuration. You can reset all HTTP request counters shown in the window by selecting Reset counters from the View menu. Note that the counters will be reset the next time a network packet is detected. Hence, on an installation with no network traffic, the counters will never be reset. The display is automatically refreshed every two seconds.
Figure 9-3 Collector Statistics Window
The tabs available in the top-left part of the part of the window provide a detailed breakdown of the traffic monitored by the selected Collector. They are explained in Table 9-1:
Table 9-1 Collector Statistics Report Tabs
Provides information on the available network interfaces for data collection. The number of interfaces and their status depends on the system configuration. Note that you will not see any "normally" configured interfaces. For each available interface, the name (in the form ethx), utilization (that is, current bandwidth), and state are displayed. For each interface, the state can be indicated as "OK", "Down", "Not configured", "Not active", or "Not promiscous" (the network adapter is only able to see traffic sent to its MAC address).
Provides a breakdown of the raw packet data transmitted over the monitored ports in terms of its protocols (such as IPv4 and ARP), and the number of measured frames. The "Truncated" listing indicates corrupted or dropped frames.
Provides an analysis of the TCP stream. The following counters are reported:
The following network error meters are also shown:
Provides an analysis of the monitored HTTP stream. In particular, the type of requests (such as GET or POST) they contain.
Reports the encryption method used for packets of encrypted data. In particular:
Errors related to SSL key management are reported. In particular:
Information about (currently) unsupported encryption:
The Decrypt errors gauge indicates the connections which could not be decrypted. This can be caused by several reasons, such as the master key could not be decrypted, session keys were incorrectly computed, or a segment could not be decrypted.
Provides a breakdown of the monitored encrypted data in terms of the employed encryption algorithm. The Used column indicates the amount (percentage) of total monitored SSL encrypted traffic that used an encryption algorithm, and the Errors column indicates the percentage of measured SSL encryption which failed (that is, could not be read).
Reports on the impact to the Collector. Note that if the peak load nears 100%, immediate action should be taken to prevent data being dropped by the Collector. See Section 8.2.2, "Limiting Overall Traffic" about traffic sampling. If this does not provide a solution, it is also recommended that you contact Customer Support.
To attach a new Collector to the system, select Register remote Collector from the Configuration menu. The Register Collector dialog shown in Figure 9-4 appears.
Figure 9-4 Register Collector dialog
Specify the IP address of the new system and, optionally, a brief description. When ready, click Register. See the Oracle User Experience Insight Installation Guide for more information about the configuration requirements for Collector systems.
Note:This facility is also available by selecting System, then Status, and then Collector status. Note that users who are not authorized as the Administrator will receive a read-only version of this interface.
In addition to being notified about KPI and SLA violations, you can also configure alerts for system failure. It is strongly recommended that you do so to ensure prompt action in the case of system problems. To do so, select System, then Status, and then Status notification. The dialog that appears is similar to that described in Section 5.5.1, "Alert Profiles".
Note:The system status alerting does not consider any alerting schedules or escalation levels. When configuring alerts, ensure all user information (such as e-mail addresses and telephone numbers) is correctly specified for the people who should be notified in case of system status failures. Note also that the system status check is run every 10 minutes. Hence, if a system failure is indicated in Figure 9-1, you may not immediately receive an alert about it, but when the scheduled system check is run.
You can open an overview of the monitored network traffic by selecting System, then Status, and then Data processing. This provides you with immediate information about hits, pages, and session processing, as well as the system load. An example is shown in Figure 9-5:
Figure 9-5 Data Processing Dialog
Important:In order for RUEI to correctly report on monitored traffic, it is strongly recommended that you regularly review this traffic summary. If necessary, review the RUEI configuration accordingly. For example, add additional cookie technologies. In addition, if the system is unable to track sessions, proper tracking of transactions will also not be available because transaction reporting requires session tracking.
You can create backups of your system's current configuration, and restore it if necessary. It is recommended that you regularly make backups. Note that backups only contain the system settings. For security reasons, SSL keys and collected data are not included.
To create or restore a backup, do the following:
Select System, then Maintenance, and then Backup and restore. The Backup and restore dialog shown in Figure 9-6 appears.
Figure 9-6 Backup and Restore Dialog
Use the radio buttons to selected the required operation. When ready, click Next.
You are prompted to specify the location for the created or restored file.
Note:The generated backup file contains large amounts of information intended for Customer Support use only. Do not try to modify the file's contents.
You can issue messages to system users to keep them informed about important system events or operational issues. For example, scheduled maintenance periods, installation of service packs, or reported problems. The messages you post are displayed in the Messages area of the user's dashboard (see Figure 1-2). You can create new messages, or re-configure existing messages.
To create a system message, do the following:
Select System, then Messaging, and then New message. The dialog shown in Figure 9-7 appears:
Figure 9-7 New Message Dialog
Specify a brief descriptive title for the message.
Specify the content of the message. It is recommended that you try to keep this as brief as possible.
Use the Date fields to specify when the message should appear on users' message areas. Note the last three messages in the user's message stack are displayed. Hence, the message will remain on users' screens until either three new messages have been displayed, or you explicitly remove the message.
Use the Recipients field to specify the user roles that will receive the message. By default, messages are sent to all system users.
Figure 9-8 Message Components
When ready, click Save to create the message, or Cancel to discard the message.
The message is displayed in the Messages section of the appropriate users' dashboard (see Figure 1-2).
To change an existing message (for example, to modify its text or recipients), right click the message, and select Edit from the menu. You can then modify the message's properties using the dialog shown in Figure 9-7.
In addition to the status information described in Section 9.1, "Monitoring the Status of the System", RUEI maintains an error log. This file contains a record of all system events. Normally, it should be empty. If any error is reported in the file, you should contact Customer Support.
To view the error log, select System, then Status, and then Error log. A listing of the file's current contents appears. Within the error log, you can select the following options from the File menu:
Reload: refreshes the displayed file with any event information that occurred since you opened the file.
Mark as read: all events reported in the error file are also reported in the message area (see Figure 1-2). Use this option to clear the Status indicator. That is, return it to status OK.
Download: saves the error log as an ASCII text file. It is recommended that you save the error log and have it ready when contacting Customer Support.
Close: closes the error log file.
RUEI supports the use of text message notifications. In order to make use of this facility, all text message providers that you are planning to use must be configured and known to the system. To manage your provider information, select System, then Maintenance, and then Text message providers. The dialog shown in Figure 9-9 appears.
Figure 9-9 Text Message Accounts Dialog
Do the following:
Click « Add new account » to define a new text message provider. The dialog shown in Figure 9-10 appears.
Figure 9-10 Select Text Message Provider Dialog
Select the required text message provider from the list. It contains a number of predefined supported services. Each of these require an account with the associated provider. When ready, click Next. A dialog similar to the one shown in Figure 9-11 appears.
Important:If you specify a local GSM modem, a GSM modem must be installed on the system. The installed local modem must be a USB or serial GSM ETSI 07.05-compliant modem.
Figure 9-11 Account Detail Dialog
The exact fields available within the dialog depend on the provider selected in Figure 9-10. For example, if you selected a local GSM modem, you are required to specify the local port and baud rate for the modem. If not known, automatic detection is available. Optionally, you can also specify a SIM PIN (if one is required).
If you selected the predefined Mollie or Clickatell services, you are required to specify the user name, password, originator, API ID, and protocol sending method used for the account. These should have been given to you by your account provider. When ready, click Save. You returned to the dialog box shown in Figure 9-9.
Right click the providers in the list and use the Move up and Move down options to control a provider's position in the list. Providers are tried in the order they appear in the list. Hence, the first account is tried and, on failure, the second one, and so on.
When ready, click Close to leave the dialog.
If you experience problems with the use or operation of RUEI, you can contact Customer Support. However, before doing so, it is strongly recommended that you create a Helpdesk report file of your system. To do so, select System, then Configuration, and then Helpdesk report. You are then prompted to specify a location to which the file should be downloaded.
This file contains extended system information that is extremely useful to Customer Support when handling any issues that you report.
Please note that this file contains software proprietary information. Do not try to modify its content.
To view the status of network data collectors, or to add new ones, select System, then Maintenance, and then Network Data Collectors. The use of this facility is the same as that described in Section 9.2, "Viewing the Status of the Collectors".
The RUEI software uses core components of the underlying operating system, together with core functionality based on third-party software. To view the status of this underlying layer, select System, then Maintenance, and then Environment check. A window similar to the one shown in Figure 9-12 appears.
Figure 9-12 Environment Check Dialog
This window provides you with an overview of the available external components and their status. For each component there is a status indicator, and a short description of what was found on the system. Ensure that all components are indicated as status OK. If necessary, resolve any reported errors with your system administrator. When ready, click Close.
If you experience unexplained problems, you can restart processing to ensure that it is operating properly and synchronized. Note that selection of this option will result in a temporary delay in data availability and monitoring.
In the last resort, you can remove all collected data from the system. Alternatively, you can reset all parameters (such as created users and environment parameters) to their out-of-the-box default values.
To reset the system, do the following:
Select System, then Maintenance, and then System reset. The System reset wizard shown in Figure 9-13 appears.
Figure 9-13 System Reset Wizard
Select the required option:
Restart system processing to reactivate system processing. This is the default.
Purge collected data to remove all collected data from the system.
Reset to factory defaults to remove all collected data and SSL keys, and resets all system parameters to their default values.
When ready, click Next.
Caution:The Purge collected data and Reset to factory defaults options are irreversible. All collected data will be erased. In the case of Reset to factory defaults, all system settings will also be returned to their original state. Therefore, a complete initial configuration will be required before you have access to the Reporter interface. If you have previously created a backup (described in Section 9.5, "Creating and Restoring Configuration Backups"), you can restore this backup after initial configuration. This initial configuration is described in the Oracle Real User Experience Insight Installation Guide.
As explained in Section 2.2, "Using the Mailing Facility", RUEI can send automatic e-mails of requested reports. This facility uses the information specified during the initial configuration phase (described in the Oracle Real User Experience Insight Installation Guide). However, this configuration can be changed by selecting System, then Maintenance, and then Mail setup. The Mail setup dialog shown in Figure 9-14 appears.
Figure 9-14 Mail Setup Dialog
Use this dialog to specify the following information:
Return address: specifies the e-mail address to which failed or problem e-mails are reported. It is strongly recommended that this an address that is regularly checked.
From address: specifies the address that the recipient sees in their mail client.
Reply-to address: specifies the address that users can click within an e-mail to reply to an e-mail. If this is not specified, the From address is used.
Mail size limit: specifies the maximum message size (in kilobytes) allowed for e-mails. Note that if an e-mail contains reports that exceed this limit, the system will try to split up the reports into individuals e-mails to overcome this limitation. Reports that are too large to be sent individually are not sent, and the user is informed of the problem. The default mail size limit is 5000.
As explained in Section 1.6, "Customizing Your Environment", users can customize the formatting settings used in their sessions. They can specify the characters used for the decimal point indicator and the thousand separator, and the date format that should be used. The administrator can also specify defaults for these settings on a system-wide basis by selecting System, then Maintenance, and then Formatting preferences.
To start working with user definitions, select System, and then User management. The screen shown in Figure 9-15 appears.
Figure 9-15 User Management
This screen lists the currently defined system users. The role and status of each registered user is shown through the color-coded scheme explained in Figure 9-16:
Figure 9-16 User Roles and Status
To create a new user, do the following:
Figure 9-17 New User Dialog
Within the Details tab, enter the user name by which the user will be known within your RUEI installation. This must be a unique name.
Enter the user's full name.
Specify and confirm a password for the new user. Note that after initial creation, the user is required to change their password within seven days. For further information on password security policies, see Section 9.15.4, "Enforcing Password Security Policies".
Note:Within RUEI, passwords are case sensitive, while user names are not. It is recommended that you do not include any diacritic characters, such as u-umlaut.
Optionally, use the Disabled check box to disable the user at this time. You are free to enable them later.
Figure 9-18 New User (Permissions) Dialog
Within the Permissions tab shown in Figure 9-18, use the check boxes and radio buttons to specify the permissions to be assigned to the new user. The Business and IT access rights are described in Table 1-3.
Click Save to create the user definition. You are returned to the user list shown in Figure 9-15.
Note:In addition to the settings described above, there are a number of additional settings (such as language, mailing type, and so on) that are set to their default values when a user is created. These additional settings can also be modified using the procedure described in Section 1.6, "Customizing Your Environment".
Figure 9-19 User Menu
The following options are available:
Edit: allows you modify a user's definition. This is described in Section 9.15.3, "Modifying a User's Settings".
Switch to: allows you to temporarily change to the selected user. This is useful if you want to view the modules and reports that they are authorized to see. Select Switch back from the View menu to return to your own role.
Remove: deletes the selected user from the system's user administration. Note that any private reports that the user created are also deleted. However, public reports created by the user remain available to other users.
To change the settings for an existing user, do the following:
Figure 9-20 Edit User Dialog
Optionally, modify any of the displayed information. Note that the fields shown with a red asterisk indicate they are mandatory. That is, they can not be left blank. You can use the Disabled check box to prevent the user from using this account. You are free to enable them later. The Locked check box is normally activated automatically after a user has failed to correctly enter their password on five successive attempts. Password security is fully described in Section 9.15.4, "Enforcing Password Security Policies". You can use this check box to unlock the user's account.
Click the Settings tab to view the user settings dialog shown in Figure 9-17:
Figure 9-21 User Settings Dialog
Within the Settings tab, you can modify the following:
Startup module: specifies the module in which the user starts their session. (For example, Reports, System, or User management). The default is the user's home page.
Optionally, click the Permissions tab, and use the check boxes and radio buttons to specify the permissions to be assigned to the user. These are explained in Section 1.3, "Understanding User Roles"Section 9.15.1, "Adding New Users".
When ready, click Save for the changes you have made to take effect. Otherwise, click Cancel to discard your changes.
Resetting the Administrator Password
In the event that you need to reset the
admin user password, you can do so with the use of the
set-admin-password script. This is described in the Oracle Real User Experience Insight Installation Guide.
Each user must be defined and authorized to work with RUEI. The procedure to do this is fully explained in Section 9.15, "Managing Users and Permissions". In order to optimize the security of your installation, you can use the password settings facility to enforce your organization's security policies. Specifically, you can control the maximum length of user passwords, and how often users are required to change their passwords.
To control your installation's password enforcement, do the following:
Select System, then User management, and click Password settings. The dialog shown in Figure 9-22 appears.
Figure 9-22 Password Settings
Use the Password length field to specify the minimum number of characters that user passwords must contain. The minimum length is eight characters, and the maximum length is 255 characters.
Use the Duration field to specify how often users are required to change their passwords. This should be between 7 and 60 days. The default is 60 days.
When ready, click Save.
When creating and authorizing users, the following rules are automatically enforced:
User accounts are locked after five failed attempts. The account must be unlocked before the user can logon again (see Section 9.15.3, "Modifying a User's Settings"). However, locked users will continue to receive mailed reports and alerts.
A user password must have a minimum of eight characters. It must contain one or more non-alphanumeric characters (such as $, @, &, and !).
A password cannot include the defined user name, or their first and last name. In addition, the user's last three passwords are also remembered, and cannot be re-used.
Passwords are case sensitive.
The Enriched data exchange facility enables the alternative analysis of the data collected by RUEI. In particular, it allows you to combine the data collected by RUEI with other data warehouse data. For example, a Customer Relationship Management (CRM) or Business Intelligence (BI) system. Using this facility, you can extract a rich set of collected data, such as product names, shopping basket values, and address information.
While the facility described in Section 2.11, "Exporting Report Data" is limited to report data, the enriched data exchange facility allows the export of all page-based data. In addition, report data export is based on HTTPS transfer, and enriched data exchange is based on SFTP file transfer. As described later, you can also customize the content of the exported data to include header information not normally collected by RUEI. Because the exported data is page-based, the available is restricted to applications, and does not include service-related data.
Enabling and Disabling Enriched Data Exchange
To enable Enriched data exchange, do the following:
Select Configuration, then Applications, and then Enriched data exchange. The window shown in Figure 9-23 appears.
Figure 9-23 Enriched Data Exchange
Use the Enabled check box to enable or disable the Enriched data exchange facility. By default, it is enabled.
Optionally, you can define additional data items to be included in the exported data. Typically, these are elements in the client request or server response headers that are not normally collected by RUEI, but which you want included in the exported data. To do so, click «Add new item». The dialog shown in Figure 9-24 appears.
Figure 9-24 Add Enriched Data Export Item
Specify the name to be assigned to the data item. This become the item's element name. For example, if specify the name "product", any matched data will appear in the export file with the label <product>.
Use the Search type menu to define how the required item should be identified within the data collected by RUEI, and the scope of the search. You can specify to search within the client request header or server response header, using either a literal search or an XPath expression, or to search within a custom page-tagging implementation for a specific tag. Further information about support for custom page-tagging schemes is available in Appendix A, "Tagging Conventions".
When ready, click Save. The new data item, if found in the monitored traffic, will start to be reported in the exports within 5 to 10 minutes.
Existing data can be modified by right-clicking it, and selecting Edit. You can also select Remove to delete it, or select Remove all to delete all currently items.
The exported data is based on pageviews, and is in XML format. This enables its immediate importation into a wide variety of systems. An XSD file defines the structure of the exported XML. The XML schema is shown in Figure 9-25:
Figure 9-25 XML Schema
For an explanation of the standard data items featured in the schema, see Appendix D, "Summary of Data Items".
File location and Naming Structure
When enabled, the Enriched data export facility creates an export file every five minutes. The files are located in the directory
/home/moniforce/websensor/xml-events/wg/xml-sespage/. Each file within this directory has the following name structure:
nnnn represents the file sequence. Because an export file is created every five minutes, 288 files can be created per day. This can range from 0001 to 0289.
L indicates that it is the last file for that day. This always has the file sequence 289, and is used to gather up any open sessions after the 24 hour period.
M indicates that more files are still to follow this file.
Exports are retained for a period of seven days before they are automatically deleted. In order to access these files, you will need a working FTP file transfer connection to the Reporter system. Consult your System Administrator for further information on this facility.
If required, you can use a symbolic link definition to change the location to which files are exported. Consult your System Administrator for further information on the use of this facility.
While access to the data generated by the Enriched data exchange facility can be controlled in several different ways at the operating system level, it is recommended that you use SCP/SFTP and create a separate OS user with minimal access rights to the directory containing the exported data. You can then use an
scp command to copy the data to a local system. For example:
scp -r <OS user>@Reporter:/home/moniforce/websensor/xml-events/wg/xml-sespage/20080903 .
Oracle BI is based on the Oracle Business Intelligence Enterprise Edition (OBI EE), a comprehensive, innovative, and leading BI foundation. For further information, go to