| Oracle® Real User Experience Insight Installation Guide Release 4.5.2 for Linux x86-64 Part Number E14989-01 |
|
|
View PDF |
| Oracle® Real User Experience Insight Installation Guide Release 4.5.2 for Linux x86-64 Part Number E14989-01 |
|
|
View PDF |
This chapter describes the procedure for initially configuring RUEI. This task is performed by the individual within your organization who has been assigned the role of RUEI Administrator. For more information about roles, see the Oracle Real User Experience User Guide.
In order to get RUEI up and running, you will need to have prepared the server systems for RUEI, and installed the RUEI software. This is described in Chapter 2, "Installing RUEI". After that, you are required to specify the installation type and mail setup (described in Section 3.1, "Performing Initial RUEI Configuration"), and then perform some post-installation configuration (described in Section 3.3, "Performing Post-Installation Configuration"). This is necessary in order to start reporting. It includes deciding how pages and users will be identified, and specifying the scope of monitoring in your network environment. Finally, you will need to define the system's initial users, as described in Section 3.3.6, "Authorizing Initial Users". Note that if you are installing a split-server configuration, you will need to configure each Collector system. This is described in Section 3.2, "Configuring a Collector System".
Caution:
The configuration of RUEI should be discussed with someone with a detailed knowledge of your organization's network topology.In order for RUEI to start data monitoring and reporting, it must be configured with some information about your network infrastructure. Once completed, user traffic reporting is available. Note that this initial configuration can be changed later, as necessary. It is only intended to provide RUEI with sufficient information to start real-user monitoring and reporting.
To perform the initial RUEI configuration, do the following:
Start the Initial setup wizard by pointing your browser at https://Reporter/ruei. The dialog shown in Figure 3-1 appears:
Specify the admin user, and the RUEI Administration password defined with the set-admin-password script (defined in Section 2.5.4, "Installation of the RUEI Software"). When ready, click Login. The dialog shown in Figure 3-2 appears.
Note:
The first time a user logs on, they receive a warning that the Web server was unable to verify the identify of the site's certificate. Depending on your security policies, you can either choose to accept this certificate permanently, temporarily for this session, or reject the certificate. Alternatively, you can purchase a certificate from a Certificate Authority (CA). You can also create an SSL certificate. For more information, visit
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#realcert.Click Next to proceed with configuration. The dialog shown in Figure 3-3 appears:
Use the radio buttons to select the required installation type. A Reporter system performs both data collection and reporting, and is the default configuration. A Collector configuration only performs data monitoring. After making your selection, click Next. The dialog shown in Figure 3-4 appears.
Important:
Configuration of a RUEI system as a Collector (that is, as part of a split-server configuration) is only possible during this initial configuration phase; and this selection cannot be changed later. You should fully understand the implications of your selection before proceeding. Also, see Section 3.2, "Configuring a Collector System" for important information about registering the Collector with a Reporter system.Specify the requested information. The e-mail information is used to configure RUEI's interface to your internal network, and will be used for reporting problems. When you have entered the required information, click Next. The dialog shown in Figure 3-5 appears.
Check that the information specified in the settings overview is correct. You can use Back and Next to move between dialogs as necessary. When ready, click Next. The dialog shown in Figure 3-6 appears.
This dialog indicates how far the system has got in applying your specified settings. Typically, this process takes a maximum of 15 minutes. When finished, click Finish to close the dialog.
Select System, and then Status to view the system's status. An example is shown in Figure 3-8.
Verify that all processes are operating properly.
If you selected a Collector configuration (Figure 3-3), the dialog shown in Figure 3-8 appears after logon:
To register a Collector to a Reporter system, do the following:
Within the Reporter system, select System, then Maintenance, and then Network data collectors. The Network data collectors window appears.
Select Configuration, and then Register remote Collector. The Register Collector dialog shown in Figure 3-9 appears.
Enter the IP address of the Collector. Optionally, you can also specify a brief description of the attached Collector. When ready, click Register. On return to the Network data collectors window, the new Collector should be listed.
As mentioned earlier, it is not possible to select a Collector type installation for a system, and later change it to a Reporter installation. The only way you can change its installation type is by resetting the Collector system with the Reset to factory defaults option described in the Oracle Real User Experience Insight User Guide. After that, the initial setup wizard would need to be re-run.
In order to start reporting, the RUEI needs certain information about the monitored network environment. It is important to understand that RUEI is designed to work within a wide range of network environments. Therefore, the configuration choices you make will affect the accuracy and usability of the reported data. It is strongly recommended that you carefully review the settings described in this section.
Within RUEI, session information is based on cookies. Therefore, RUEI needs to know and understand the cookie technology (or technologies) your organization is using. The procedure to configure this is described in the Oracle Real User Experience Insight User Guide. The structure of supported cookie technologies is also explained in the Oracle Real User Experience Insight User Guide.
If cookie information is not available, user tracking is based on visitor IP address. This can lead to unreliable session information. For example, in the case of users behind a proxy server, all users coming from that network would be identified as the same user.
Uploading SSL keys to the system is extremely important if most of your HTTP traffic is based on SSL sessions. Without the SSL keys being available to the system, the Collector will not be able to decrypt the SSL session traffic. In these circumstances, further configuration of cookies, user identification, and application pages would make little sense. Ensure that you upload and activate your HTTPS SSL keys as early on as possible in the configuration process. The management of SSL keys is fully described in the Oracle Real User Experience Insight User Guide.
Within RUEI, user identification is first based on the HTTP Authorization field. After that, it is derived from the supplied GET/POST argument within URLs. Therefore, if you are using arguments within URLs, the item within these used for user identification must be specified in order to provide reliable results. This is fully described in the Oracle Real User Experience Insight User Guide.
Page identification within RUEI is based on applications. Essentially, an application is a collection of Web pages. This is because pages on a Web site are typically bound to a particular application. For each page that the system detects, it uses the available application definitions to assign a name to it. Note that information about any pages that could not be identified using these definitions is discarded, and, therefore, not available through reports and the data browser. This is fully described in the Oracle Real User Experience User Guide.
Within RUEI, you control the scope of traffic monitoring by specifying which TCP ports the SYSTEM should monitor. Obviously, no information is available for non-monitored ports. In addition, you can restrict monitoring to specific servers and subnets. This is fully described in the Oracle Real User Experience Insight User Guide.
In order for users to start working with RUEI, you will need to authorize the required users. Only one user, the Administrator, is available after installation. The procedure to set the initial admin user password is described in Section 2.5.4, "Installation of the RUEI Software". All other required users must be created and assigned the necessary roles and access permissions through the Reporter GUI. In particular, it is recommended that you create a dedicated Security Officer account to finalize the security-related configuration. User roles, creation and management are fully described in the Oracle Real User Experience Insight User Guide.
Note that passwords are case sensitive, while user names are not. It is recommended that you do not include any diacritic characters, such as umlauts.
Several directories on the Reporter system may hold sensitive data which was captured during monitoring. This is especially true if the Replay Viewer has been enabled. Enterprise Linux provides an encrypted file system to secure the data on disk. To do so, you need to install the ecryptfs-utils RPM. Then you need to load the ecryptfs kernel modules using the following command:
insmod /lib/modules/2.6.18-*.*.el5/kernel/fs/ecryptfs/ecryptfs.ko
To encrypt the Replay Viewer database, issue the following command as root:
mount -t ecryptfs /home/moniforce/appsensor/wg/REPLAY \ /home/moniforce/appsensor/wg/REPLAY
Other directories you might consider encrypting are /home/moniforce/appsensor/sslkeys (containing private keys) and /home/moniforce/websensor/data (containing log files).
More information about the use of the ecryptfs module is available at http://ecryptfs.sourceforge.net/README.
Note the ecryptfs facility is only available in Technology Preview since Oracle Linux 5.2.
To ensure the quality and quantity of data being collected and analyzed by your RUEI system, it is strongly advised that you verify the system's configuration using some core metrics. These are described in the following sections.
You can open an overview of the monitored network traffic by selecting System, then Status, and then Data processing. This provides you with immediate information about hits, pages, and session processing, as well as the system load. An example is shown in Figure 3-10:
The precise number of percentage of identified sessions, pageviews, and hits relies heavily on your exact configuration. If you intend to measure all traffic, it is recommended that at least 80% of sessions, pageviews, and hits are reported as "identified". It is also recommended that you regularly review the reported numbers and percentages to ensure the quality and quantity of reported data.
Important:
After initial configuration of cookies, user identification, and application page structure, the system will take at least 5 - 10 minutes before the Sessions/Hits/Pageviews tabs are updated with green bars. If, after 20 - 30 minutes after initial configuration, there is no green bars showing on any of the tabs, please review your initial RUEI configuration. If the bars do not indicate any activity at all, please review your system's network card configuration as outlined in Section 1.7, "Network Requirements".At this point, RUEI should be collecting data from each of its associated Collectors. You can easily check the status of these Collectors by selecting System, then Status, and then Collector status. This opens the Network data collectors window. This is fully described in the Oracle Real User Experience Insight User Guide.
It is important to understand that the data being collected by Collector system(s) is offered to the RUEI data processing module for further analysis. If no data is collected, there is no means by which it can be processed.
|
 Copyright © 2009, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
