PK
:0Boa, mimetypeapplication/epub+zipPK :0B iTunesMetadata.plist}
This appendix describes how you can use the TCP diagnostic facility to verify that RUEI "sees" all required network traffic. It is strongly recommended that a network engineer within your organization validates collected network traffic after installation and configuration of RUEI.
The TCP diagnostics utility allows you to create 1-minute snapshots of the network traffic seen by a selected Collector. This snapshot can then be used to help determine whether there are gaps in the expected traffic flow. For example, there could be unconfigured port numbers, or an incorrectly specified VLAN ID.
The TCP traffic can be analyzed across client and server IP and MAC address, as well as port number and VLAN ID. Each snapshot's scope in terms of network traffic information is shown in Figure F-1.
To create a TCP traffic snapshot, do the following:
Within the Configuration facility, click the Show Collector status icon. Alternatively, select System, then Status, and then Collector status. The Network data Collectors window shown in Figure F-2 opens. This is fully explained in the Oracle Real User Experience Insight User's Guide.
Click the required Collector. The System (localhost) item refers to the Collector instance running on the Reporter system. Other Collectors within the network are represented by their IP address.
Click the TCP diagnostics tab. A panel similar to the one shown in Example F-0 appears.
Click the New snapshot icon in the toolbar. The dialog shown in Figure F-4 appears.
Figure F-4 New TCP Traffic Snapshot Dialog
Use the Apply filters check box to specify whether the create traffic snapshot should be created to report all traffic seen by the selected Collector, or only that traffic that fits the Collector's currently defined filters (see the Oracle Real User Experience Insight User's Guide for more information). These are shown in the lower part of the dialog. Note that you can also view them by clicking the View snapshot filters icon on the toolbar. When ready, click Create snapshot.
Note: The maximum number of traffic snapshots across all Collector systems in your RUEI installation is 15. When this maximum is reached, the oldest snapshot is automatically replaced by the newly created snapshot. |
There is a 1-minute delay while the snapshot is created. Upon completion, an overview of the newly created snapshot's details is presented. An example is shown in Figure F-5.
To analysis a created snapshot, do the following:
Select the required snapshot from the snapshot menu, or click it via the TCP diagnostics main panel (shown in Figure F-3). Snapshots created with applied filters are indicated with a tick character in the Filtered column. You can view the applied filters by clicking the tick character.
An overview of the selected snapshot (similar to the one shown in Figure F-5) appears. Note that you can click a selectable item to filter on it. For example, the list of reported items should be restricted to those that include a particular server IP address. You can remove a filter by clicking the Remove icon beside it in the filters section of the panel.
Optionally, use the sort menu (shown in Figure F-6) to the right of the snapshot menu to select the primary column used for the displayed items.
The Status column shown in Figure F-5 indicates whether a possible problem may exist with the TCP traffic monitored during the snapshot. In the event of a fail status being reported, you can mouse over the status icon to see additional information. Possible identified problems are explained in Table F-1.
Table F-1 Identify Problems and Possible Causes
Status | Description |
---|---|
Client/server packet ratio is too high. |
The number of client packets compared to server packets seems to be unusually large. This could indicate that the Collector cannot see both directions of traffic due (or is seeing duplicate traffic in one direction), or there is a server-related issue (for example, it is switched off). |
Server/client packet ratio is too high. |
The number of server packets compared to client packets seems to be usually large. This could indicate that the Collector cannot see both directions of traffic due (or seeing duplicate traffic in one direction), or there is a client-related issue (for example, unacknowledged server packets). |
Insufficient number of server and client packets for analysis. |
There was insufficient traffic (TCP packets) to perform a reliable client/server ratio analysis. A minimum of 100 packets is required. This may because normal traffic levels to the server are low. Otherwise, it may indicate routing issues with RUEI being unable to see some portions of network traffic. |
Server VLAN ID does not match client VLAN ID. |
This would normally indicate a routing issue. For example, traffic from the client to the server is being routed via one VLAN, but the traffic back from the server to the client is being routed via another VLAN. Be aware that RUEI can only monitor traffic on one VLAN segment at a time. |
This appendix contains licensing information about certain third-party products included with this release of RUEI. Unless otherwise specifically noted, all licenses herein are provided for notice purposes only.
The sections in this appendix describe the following third-party licenses:
Apache Software License, Version 2.0
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
You must give any other recipients of the Work or Derivative Works a copy of this License; and
You must cause any modified files to carry prominent notices stating that You changed the files; and
You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
OpenSSL
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org
).
Copyright © 1998-2007 The OpenSSL Project. All rights reserved.
Copyright © 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved.
THIS SOFTWARE IS PROVIDED BY THE OPENSSL PROJECT "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENSSL PROJECT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA OR PROFITS; OR BUSINESS INTERRUPTION) HOWVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PHP
Copyright © 1999-2006 The PHP Group. All rights reserved.
This product includes PHP software, freely available from http://php.net/software/
.
"THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP DEVELOPMENT TEAM BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."
Java Runtime Environment
ORACLE AMERICA, INC. ("ORACLE"), FOR AND ON BEHALF OF ITSELF AND ITS SUBSIDIARIES AND AFFILIATES UNDER COMMON CONTROL, IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT"). PLEASE READ THE AGREEMENT CAREFULLY. BY SELECTING THE "ACCEPT LICENSE AGREEMENT" (OR THE EQUIVALENT) BUTTON AND/OR BY USING THE SOFTWARE YOU ACKNOWLEDGE THAT YOU HAVE READ THE TERMS AND AGREE TO THEM. IF YOU ARE AGREEING TO THESE TERMS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE LEGAL AUTHORITY TO BIND THE LEGAL ENTITY TO THESE TERMS. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT WISH TO BE BOUND BY THE TERMS, THEN SELECT THE "DECLINE LICENSE AGREEMENT" (OR THE EQUIVALENT) BUTTON AND YOU MUST NOT USE THE SOFTWARE ON THIS SITE OR ANY OTHER MEDIA ON WHICH THE SOFTWARE IS CONTAINED.
1. DEFINITIONS. "Software" means the software identified above in binary form that you selected for download, install or use (in the version You selected for download, install or use) from Oracle or its authorized licensees, any other machine readable materials (including, but not limited to, libraries, source files, header files, and data files), any updates or error corrections provided by Oracle, and any user manuals, programming guides and other documentation provided to you by Oracle under this Agreement. "General Purpose Desktop Computers and Servers" means computers, including desktop and laptop computers, or servers, used for general computing functions under end user control (such as but not specifically limited to email, general purpose Internet browsing, and office suite productivity tools). The use of Software in systems and solutions that provide dedicated functionality (other than as mentioned above) or designed for use in embedded or function-specific software applications, for example but not limited to: Software embedded in or bundled with industrial control systems, wireless mobile telephones, wireless handheld devices, netbooks, kiosks, TV/STB, Blu-ray Disc devices, telematics and network control switching equipment, printers and storage management systems, and other related systems are excluded from this definition and not licensed under this Agreement. "Programs" means: (a) Java technology applets and applications intended to run on the Java Platform, Standard Edition platform on Java-enabled General Purpose Desktop Computers and Servers, and (b) JavaFX technology applications intended to run on the JavaFX Runtime on JavaFX-enabled General Purpose Desktop Computers and Servers. “README File” means the README file for the Software set forth in the Software or otherwise available from Oracle at or through the following URL:
http://www.oracle.com/technetwork/java/javase/documentation/index.html
2. LICENSE TO USE. Subject to the terms and conditions of this Agreement including, but not limited to, the Java Technology Restrictions of the Supplemental License Terms, Oracle grants you a non-exclusive, non-transferable, limited license without license fees to reproduce and use internally the Software complete and unmodified for the sole purpose of running Programs.
3. RESTRICTIONS. Software is copyrighted. Title to Software and all associated intellectual property rights is retained by Oracle and/or its licensors. Unless enforcement is prohibited by applicable law, you may not modify, decompile, or reverse engineer Software. You acknowledge that the Software is developed for general use in a variety of information management applications; it is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use the Software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle disclaims any express or implied warranty of fitness for such uses. No right, title or interest in or to any trademark, service mark, logo or trade name of Oracle or its licensors is granted under this Agreement. Additional restrictions for developers and/or publishers licenses are set forth in the Supplemental License Terms.
4. DISCLAIMER OF WARRANTY. THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. ORACLE FURTHER DISCLAIMS ALL WARRANTIES, EXPRESS AND IMPLIED, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.
5. LIMITATION OF LIABILITY. IN NO EVENT SHALL ORACLE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, OR DAMAGES FOR LOSS OF PROFITS, REVENUE, DATA OR DATA USE, INCURRED BY YOU OR ANY THIRD PARTY, WHETHER IN AN ACTION IN CONTRACT OR TORT, EVEN IF ORACLE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. ORACLE'S ENTIRE LIABILITY FOR DAMAGES HEREUNDER SHALL IN NO EVENT EXCEED ONE THOUSAND DOLLARS (U.S. $1,000).
6. TERMINATION. This Agreement is effective until terminated. You may terminate this Agreement at any time by destroying all copies of Software. This Agreement will terminate immediately without notice from Oracle if you fail to comply with any provision of this Agreement. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. Upon termination, you must destroy all copies of Software.
7. EXPORT REGULATIONS. You agree that U.S. export control laws and other applicable export and import laws govern your use of the Software, including technical data; additional information can be found on Oracle's Global Trade Compliance web site (http://www.oracle.com/products/export
). You agree that neither the Software nor any direct product thereof will be exported, directly, or indirectly, in violation of these laws, or will be used for any purpose prohibited by these laws including, without limitation, nuclear, chemical, or biological weapons proliferation.
8. TRADEMARKS AND LOGOS. You acknowledge and agree as between you and Oracle that Oracle owns the ORACLE and JAVA trademarks and all ORACLE- and JAVA-related trademarks, service marks, logos and other brand designations ("Oracle Marks"), and you agree to comply with the Third Party Usage Guidelines for Oracle Trademarks currently located at http://www.oracle.com/us/legal/third-party-trademarks/index.html
. Any use you make of the Oracle Marks inures to Oracle's benefit.
9. U.S. GOVERNMENT LICENSE RIGHTS. If Software is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Software and accompanying documentation shall be only those set forth in this Agreement.
10. GOVERNING LAW. This agreement is governed by the substantive and procedural laws of California. You and Oracle agree to submit to the exclusive jurisdiction of, and venue in, the courts of San Francisco, or Santa Clara counties in California in any dispute arising out of or relating to this agreement.
11. SEVERABILITY. If any provision of this Agreement is held to be unenforceable, this Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate.
12. INTEGRATION. This Agreement is the entire agreement between you and Oracle relating to its subject matter. It supersedes all prior or contemporaneous oral or written communications, proposals, representations and warranties and prevails over any conflicting or additional terms of any quote, order, acknowledgment, or other communication between the parties relating to its subject matter during the term of this Agreement. No modification of this Agreement will be binding, unless in writing and signed by an authorized representative of each party.
SUPPLEMENTAL LICENSE TERMS
These Supplemental License Terms add to or modify the terms of the Binary Code License Agreement. Capitalized terms not defined in these Supplemental Terms shall have the same meanings ascribed to them in the Binary Code License Agreement. These Supplemental Terms shall supersede any inconsistent or conflicting terms in the Binary Code License Agreement, or in any license contained within the Software.
A. SOFTWARE INTERNAL USE FOR DEVELOPMENT LICENSE GRANT. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the README File incorporated herein by reference, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Oracle grants you a non-exclusive, non-transferable, limited license without fees to reproduce internally and use internally the Software complete and unmodified for the purpose of designing, developing, and testing your Programs.
B. LICENSE TO DISTRIBUTE SOFTWARE. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the README File, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Oracle grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute the Software, provided that (i) you distribute the Software complete and unmodified and only bundled as part of, and for the sole purpose of running, your Programs, (ii) the Programs add significant and primary functionality to the Software, (iii) you do not distribute additional software intended to replace any component(s) of the Software, (iv) you do not remove or alter any proprietary legends or notices contained in the Software, (v) you only distribute the Software subject to a license agreement that protects Oracle's interests consistent with the terms contained in this Agreement, and (vi) you agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software. The license set forth in this Section B does not extend to the Software identified in Section D.
C. LICENSE TO DISTRIBUTE REDISTRIBUTABLES. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the README File, including but not limited to the Java Technology Restrictions of these Supplemental Terms, Oracle grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute those files specifically identified as redistributable in the README File ("Redistributables") provided that: (i) you distribute the Redistributables complete and unmodified, and only bundled as part of Programs, (ii) the Programs add significant and primary functionality to the Redistributables, (iii) you do not distribute additional software intended to supersede any component(s) of the Redistributables (unless otherwise specified in the applicable README File), (iv) you do not remove or alter any proprietary legends or notices contained in or on the Redistributables, (v) you only distribute the Redistributables pursuant to a license agreement that protects Oracle's interests consistent with the terms contained in the Agreement, (vi) you agree to defend and indemnify Oracle and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Programs and/or Software. The license set forth in this Section C does not extend to the Software identified in Section D.
D. JAVA TECHNOLOGY RESTRICTIONS. You may not create, modify, or change the behavior of, or authorize your licensees to create, modify, or change the behavior of, classes, interfaces, or subpackages that are in any way identified as "java", "javax", "javafx", "sun", “oracle” or similar convention as specified by Oracle in any naming convention designation. You shall not redistribute the Software listed on Schedule 1.
E. SOURCE CODE. Software may contain source code that, unless expressly licensed for other purposes, is provided solely for reference purposes pursuant to the terms of this Agreement. Source code may not be redistributed unless expressly provided for in this Agreement.
F. THIRD PARTY CODE. Additional copyright notices and license terms applicable to portions of the Software are set forth in the THIRDPARTYLICENSEREADME file set forth in the Software or otherwise available from Oracle at or through the following URL: http://www.oracle.com/technetwork/java/javase/documentation/index.html
. In addition to any terms and conditions of any third party opensource/freeware license identified in the THIRDPARTYLICENSEREADME file, the disclaimer of warranty and limitation of liability provisions in paragraphs 4 and 5 of the Binary Code License Agreement shall apply to all Software in this distribution.
G. TERMINATION FOR INFRINGEMENT. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right.
H. INSTALLATION AND AUTO-UPDATE. The Software's installation and auto-update processes transmit a limited amount of data to Oracle (or its service provider) about those specific processes to help Oracle understand and optimize them. Oracle does not associate the data with personally identifiable information. You can find more information about the data Oracle collects as a result of your Software download at http://www.oracle.com/technetwork/java/javase/documentation/index.html
.
For inquiries please contact: Oracle America, Inc., 500 Oracle Parkway, Redwood Shores, California 94065, USA.
License for Archived Java SE Technologies; Last updated 13 March 2012.
The MIT License (MIT)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Installation Guide
12c Release 2 (12.1.0.3) for Linux x86-64
E37265-05
October 2012
Oracle Real User Experience Insight Installation Guide, 12c Release 2 (12.1.0.3) for Linux x86-64
E37265-05
Copyright © 2012 Oracle and/or its affiliates. All rights reserved.
Primary Author: Paul Coghlan
Contributing Author: Eddy Vervest
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
This software and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.
This chapter describes the prerequisites and procedure for installing each of the RUEI components. The procedure for upgrading an existing RUEI 11.1 installation to release 12.1 is described in Chapter 3, "Upgrading to RUEI 12.1.0.3". The post-installation configuration procedure is described in Chapter 4, "Configuring RUEI".
This section describes the steps that should be taken before starting to install the RUEI software. Ensure that all preconditions described in this section are met before proceeding with the installation process.
Depending on the installation location of the Reporter database and the RUEI software, the necessary disk space needs to be carefully planned. During operating system installation, you will need this information at hand for the disk partitioning phase.
Table 2-1 shows the disk space requirements for the RUEI installation components.
Table 2-1 Required Disk Space Specifications
Partition | Min. Required Disk Space (GB) | Component |
---|---|---|
ORACLE_BASE (default |
500 |
Database server |
RUEI_HOME (default |
5 |
Reporter, Collector |
RUEI_DATA (default |
100 |
Reporter, Collector |
Footnote 1 This is the example database location used throughout this guide.
This means that for a stand-alone RUEI server installation, a minimum of 700 GB is required. In the case of a high-traffic implementation, involving a dedicated remote Collector, a minimum of 200 GB of disk space is recommended for /var/opt/ruei
(RUEI_DATA
).
Important: The Reporter and database servers require high-performance data storage. RAID-10 or RAID-5 (or equivalent) storage configurations with high-performance disks are strongly recommended. |
Ensure that a static IP address is assigned to the interface used to access the RUEI web interface. In addition, the assigned IP address and host name should be configured in the /etc/hosts
file. If necessary, ensure that all Reporter, Collector, and Processing Engine systems are correctly defined in the DNS system.
Ensure that the network interface(s) used for network packet monitoring are administratively up, but without an IP address.
Important: Make the network interface up status permanent (after a reboot) by setting theONBOOT parameter of the capturing interfaces to yes . The network interfaces configuration can be found in the /etc/sysconfig/networking/devices/ifcfg-eth X file (where X represents the necessary network interface). Alternatively, use the graphical utility system-config-network to perform the above actions. |
When the system boots for the first time, a post-installation wizard appears, and allows you to finalize the operating system configuration settings. Ensure that:
The RUEI firewall rules shown in Table 1-9 are correctly configured.
Security Enhanced Linux (SELinux) is disabled. This is necessary for the correct operation of RUEI. Note that changing the SELinux setting requires rebooting the system so that the entire system can be relabeled.
For security reasons, it is strongly recommended that you check the Encrypt System check box during operating system installation so that all sensitive data is stored in a secure manner. A passphase is required during booting the system.
Ensure that the date and time settings are correctly specified. The use of NTP is strongly recommended, and is required in a split-server deployment. In addition, all time zones specified for Reporter, Collector, and Processing Engine systems must be identical.
Because the NTP daemon is a critical component of RUEI, especially in a split server configuration, it is recommended that you verify that it is activated in at least run level 5 during boot. Use the following commands:
/sbin/chkconfig --list | grep ntp ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off /sbin/chkconfig ntpd on /sbin/chkconfig --list | grep ntp ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off /etc/init.d/ntpd start Starting ntpd: [ OK ]
Note that if the NTP daemon is not already running, you can start it by issuing the following command:
/etc/init.d/ntpd restart
The following sample output shows when the NTP daemon is synchronized (indicated by an "*").
ntpq -pn remote refid st t when poll reach delay offset jitter ============================================================================== *194.171.167.130 .PPS. 1 u 994 1024 377 6.429 0.041 0.093 +80.85.129.25 130.235.20.3 3 u 725 1024 377 4.435 0.673 0.129 +82.94.235.106 135.81.191.59 2 u 678 1024 377 1.709 1.774 0.020 127.127.1.0 .LOCL. 10 l 8 64 377 0.000 0.000 0.001
Important: In distributed environments, all time zones specified for Reporter, Collector, and Processing Engine systems must be identical. |
Note that the procedure described in this section is only required for a Reporter system.
The required packages are available from the Oracle Linux or RedHat Enterprise Linux distribution sets. Issue the following command to install all prerequisites for the Reporter:
rpm -Uhv httpd-2.2.3-*.el5.x86_64.rpm \ libpcap-0.9*.x86_64.rpm \ apr-1.2.7-11.*.x86_64.rpm \ apr-util-1.2.7-*.x86_64.rpm \ php-5.1.6-*.x86_64.rpm \ mod_ssl-2.2.3-*.el5.x86_64.rpm \ distcache-1.4.5-*.x86_64.rpm \ php-common-5.1.6-*.x86_64.rpm \ php-cli-5.1.6-*.x86_64.rpm \ php-mbstring-5.1.6-*.x86_64.rpm \ php-soap-5.1.6-*.x86_64.rpm \ php-ldap-5.1.6-*.x86_64.rpm \ gmp-4.1.4-*.el5.x86_64.rpm \ postgresql-libs-8.1.11-*.el5_1.1.x86_64.rpm \ lm_sensors-2.10.7-*.el5.x86_64.rpm \ net-snmp-5.3.2.2-*.el5.x86_64.rpm \ net-snmp-utils-5.3.2.2-*.el5.x86_64.rpm \ perl-XML-Twig-3.26-*.fc6.noarch.rpm \ perl-XML-Parser-2.34-*.x86_64.rpm
Issue the following command to install all optional fonts. Alternatively, install the multi-byte character sets necessary to meet your NLS requirements.
rpm -Uhv fonts-*
Installing All Requirements Using a Yum Repository (Alternative)
As an alternative to manual installation, you can use a Yum repository to install the required RPMs. This requires a working Yum repository. Information about Yum repositories is available at the following location:
http://linux.duke.edu/projects/yum/
Install the necessary Reporter packages using the following commands:
yum -y install perl-URI yum -y install perl-XML-Twig yum -y install net-snmp-utils yum -y install sendmail-cf yum -y install httpd yum -y install mod_ssl yum -y install php yum -y install php-mbstring yum -y install php-ldap yum -y install php-soap yum -y install bitstream-vera-fonts yum -y install librsvg2 yum -y install xorg-x11-xinit yum -y install fonts-*
Download and install Oracle Database 11g Enterprise Edition from the Oracle database home page at the following location:
http://www.oracle.com/technology/software/products/database/index.html
The procedure for installing the Oracle database is fully described in the product documentation. It is strongly recommended that you download and review the appropriate Oracle Database 11g Quick Installation Guide. It is available from the Oracle Database Documentation Library. A summary of this procedure is described in Appendix A, "Installing the Oracle Database Software". Note that the path, user, and group names used in this guide are based on the Oracle database product documentation.
The RUEI software is available from the Oracle E-Delivery website (http://edelivery.oracle.com
). Select the following media pack criteria:
Oracle Enterprise Manager
Linux x86-64
Copy the downloaded RUEI zip file to /root
directory on the server, and unzip it. Use the following commands:
cd /root
unzip package_name
.zip
The following directories are created which contain the software required to complete the RUEI installation:
/root/RUEI/121
/root/RUEI/ZendOptimizer
/root/RUEI/IC
/root/RUEI/PHP
/root/RUEI/Java
/root/RUEI/extra
/root/RUEI/libxml2
All steps described in this section must be performed regardless of your planned installation (that is, a Reporter with local database, a Reporter with remote database, a Processing Engine, or a Collector).
The /etc/ruei.conf
file specifies the settings used within your installation. A template of this file is provided in the /root/RUEI/extra
directory of the RUEI distrubution zip. Note that all components in your RUEI environment (such as the remote database and Collectors) require the same global /etc/ruei.conf
configuration file. Note that there is one exception to this requirement, and that is for Processing Engine systems. This requirement is fully described in Chapter 7, "Installing Processing Engines". The settings shown in Table 2-2 are defined.
Table 2-2 RUEI Configuration Settings
Setting | Description | ValueFoot 1 |
---|---|---|
|
Home directory of the RUEI software. |
|
|
Directory for RUEI data files. |
|
|
The RUEI operating system user. |
|
|
The RUEI operating system group. |
|
|
The database instance name. |
|
|
The database user name. |
|
|
The Reporter or Processing Engine database connect string. |
|
|
The Reporter database connect string. |
$RUEI_DB_TNSNAME or |
|
The export database connect string. |
|
|
The Oracle Enterprise Manager database connect string. | |
|
The PHP timezone setting. |
|
Footnote 1 Be aware that all variables specified in this table are the values used throughout this guide, and can be modified as required.
Footnote 2 The directory name cannot exceed 50 characters in length.
Footnote 3 The database instance name cannot exceed 8 characters in length.
Footnote 4 The database user name cannot exceed 30 characters in length.
Footnote 5 The alias name cannot exceed 255 characters in length.
Footnote 6 RUEI_DB_TNSNAME
is the default for a Reporter system. For a Processing Engine, the example value config
is used in this guide.
Footnote 7 Necessary when you want to integrate your RUEI deployment with Oracle Enterprise Manager's Incident Manager facility (see Appendix D, "Setting up a Connection to the Enterprise Manager Repository").
Footnote 8 This should be the appropriate timezone setting.
Important
Be aware that the RUEI_HOME
, RUEI_DATA
, RUEI_USER
and RUEI_GROUP
settings described in Table 2-2 must be specified in terms of literal values. Therefore, the following is not permitted:
RUEI_BASE=/my/ruei/dir export RUEI_HOME=$RUEI_BASE/home
Failover Reporter Configuration Settings
Table 2-3 shows the settings that are used to configure a failover Reporter, and are only relevant to Reporter systems. See Chapter 8, "Configuring a Failover Reporter System" for information on the configuration procedure.
Table 2-3 RUEI Failover Reporter Configuration Settings
Setting | Description |
---|---|
|
The primary Reporter IP address. |
|
The secondary Reporter IP address. |
|
The virtual Reporter IP address. |
|
The network interface used to connect to the virtual Reporter IP address. |
|
The network mask of the virtual Reporter IP address. |
Failover Collector Configuration Settings
Table 2-4 shows the settings that are used to configure a failover Collector, and are only relevant to Collector systems. See Chapter 9, "Configuring a Failover Collector System" for information on the configuration procedure.
Table 2-4 RUEI Failover Collector Configuration Settings
Settings | Description |
---|---|
|
The primary Collector IP address. |
|
The secondary Collector IP address. |
|
The virtual Collector IP address. |
|
The network interface used to connect to the virtual Collector IP address. |
|
The network mask of the virtual Reporter IP address. |
There is no need to change the settings for JAVA_HOME
and INSTANTCLIENT_DIR
if you intend to use the software contained on the RUEI distribution pack.
Create the moniforce
group and user. The home directory of moniforce
should be set to /var/opt/ruei
, with read permissions for group members.
/usr/sbin/groupadd moniforce /usr/sbin/useradd moniforce -g moniforce -d /var/opt/ruei chmod -R 750 /var/opt/ruei chown -R moniforce:moniforce /var/opt/ruei
An example of the configuration file is included in the RUEI distribution pack. Ensure the file is readable by the RUEI_USER
user by issuing the following commands:
cp /root/RUEI/extra/ruei.conf /etc/ chmod 644 /etc/ruei.conf chown moniforce:moniforce /etc/ruei.conf
In case of a remote Reporter database installation, the ruei.conf
file needs to be identical to that of the Reporter system.
For Reporter, Collector, and Processing Engines systems, you need to install the Java Runtime Environment (JRE). Java is bundled within the RUEI distribution pack.
Issue the following commands:
cd /root/RUEI/Java chmod +x ./jre-1_5_0_22-linux-amd64-rpm.bin ./jre-1_5_0_22-linux-amd64-rpm.bin
Note you are prompted to accept the Java licence agreement. You cannot continue until you have done so.
This installs the necessary Java software in the directory /usr/java/jre1.5.0_22
. To make the install directory version independent, create a more generic symlink using the following command:
ln -s /usr/java/jre1.5.0_22 /usr/java/jre
Within RUEI, XPath support is based on the libxml2
library. This is available as part of the RUEI distribution set. Logon to the Collector system as the root
user, and do the following:
Identify the currently installed libxml2
packages by issuing the following command:
rpm -qa | grep libxml2
Upgrade the installed packages by issuing the following commands:
cd zipextraction_path
cd RUEI/libxml rpm -Uhvpackage-name-1
package-name-2
...
where:
extraction_path
is the location of the libxml2
packages within the RUEI distribution set.
package-name-n
represents the appropriate libxml2
package names identified in step 1.
The procedure described in this section is only relevant to remote Collector systems.
Logon to the Collector system as the root
user, and do the following:
Create the RUEI application root directory using the following commands:
mkdir -p /opt/ruei chmod 750 /opt/ruei
Change to the RUEI root directory and run the ruei-install.sh
script using the following commands:
cd /root/RUEI/121 chmod +x ruei-install.sh ruei-check\|.sh ./ruei-install.sh collector
In addition to the actions described above, you need to configure the network interfaces. This is described in Configuring the Network Interface. Moreover, you also need to setup a password-less remote login from the Reporter system to the newly created Collector system. The necessary configuration steps are described in Configuring Reporter Communication (Split-Server Setup Only).
This section describes the procedure for installing the required components for a Reporter system. These include the Apache web server, the Oracle database Instant Client, and the Zend Optimizer.
This section describes the installation and configuration of the Apache web server, and the components that use it.
Ensure that the web server starts automatically after re-boot by issuing the following command:
/sbin/chkconfig httpd on
Edit the /etc/sysconfig/httpd
file to include the following line at the bottom of the file:
source /etc/ruei.conf
Create the following settings in the /etc/php.d/ruei.ini
file:
session.gc_maxlifetime = 14400 memory_limit = 96M upload_max_filesize = 128M post_max_size = 128M
Install the Oracle database Instant Client and SQLplus extension by issuing the following commands as the root
user:
cd /root/RUEI/IC rpm -Uhv oracle-instantclient11.2-basic-11.2.0.3.0-1.x86_64.rpm rpm -Uhv oracle-instantclient11.2-sqlplus-11.2.0.3.0-1.x86_64.rpm
Install the php-oci8
module (this is part of the RUEI distribution set) using the following commands:
cd /root/RUEI/PHP rpm -Uhv php-oci8-11gR2-5.1.6-27.el5_7.4.x86_64.rpm
Note that if you are using a version of RedHat Enterprise Linux or Oracle Linux prior to 5.7, you should use php-oci8-11gR2-5.1.6-27.el5.x86_64.rpm
. This is also shipped with the RUEI distribution set.
Go to the directory containing the Zend Optimizer code, unpack the tar file, and run the Zend optimizer installer. Read the license agreement. You will not be able to proceed until you have accepted the license terms. Accept all default settings, and allow the installer to restart the Apache web server. Issue the following commands:
cd /root/RUEI/ZendOptimizer tar zxvf ZendOptimizer-3.3.3-linux-glibc23-x86_64.tar.gz cd ZendOptimizer-3.3.3-linux-glibc23-x86_64 ./install
Note: If you upgrade your system packages (for example, using Yum), this can overwrite changes you previously made to the/etc/php.ini file. Therefore, you should be prepared to re-install the Zend Optimizer. When doing so, ensure the Zend Optimizer installer indicates the location of the php.ini file as /etc/php.ini and not /usr/local/Zend/etc/php.ini . |
Additional Information
It is recommended you move the Zend configuration lines created in the /etc/php.ini
file to the RUEI-specific PHP configuration file /etc/php.d/ruei.ini
to prevent PHP upgrade issues. If you performed a default installation of the Zend Optimizer, this involves moving the following lines:
[Zend] zend_extension_manager.optimizer=/usr/local/Zend/lib/Optimizer-3.3.3 zend_extension_manager.optimizer_ts=/usr/local/Zend/lib/Optimizer_TS-3.3.3 zend_optimizer.version=3.3.3 zend_extension=/usr/local/Zend/lib/ZendExtensionManager.so zend_extension_ts=/usr/local/Zend/lib/ZendExtensionManager_TS.so
The procedure described in this section should be skipped if you are installing a secondary (failover) Reporter system (see Chapter 8, "Configuring a Failover Reporter System"), and you should continue at Installation of the Reporter Software.
The Reporter database can reside either locally (that is, on the Reporter server) or on a remote database server. In this section you will create the database instance required for RUEI, and generate the "connection data" required for the Reporter to connect to this database instance. As an alternative for the database setup described in this chapter, you can follow the procedure described in Appendix B, "Generic Database Instance Setup".
You will need the following scripts to be present on the system where the database instance (RUEI_DB_INST
) will be created:
ruei-prepare-db.sh
: creates the database instance, Oracle wallet, and database connect files. Note that this script will only run on Linux. If you are installing the Oracle database on a different operating system, see Appendix B, "Generic Database Instance Setup" for more information.
sql_scripts
: this directory contains a number of SQL scripts that are called by the ruei-prepare-db.sh
script.
ruei-check.sh
: this is a hardware and environment check utility, and is automatically invoked by ruei-prepare-db.sh
. The script can also be used as a stand-alone troubleshooting utility. For a complete description of the script, refer to Appendix E, "The ruei-check.sh Script".
The four "connection data" files created during the procedure described in this section are as follows:
cwallet.sso
ewallet.p12
sqlnet.ora
tnsnames.ora
The RUEI configuration file (/etc/ruei.conf
) also needs to be present on the database server and configured as described in The RUEI Configuration File.
Do the following:
Copy the ruei-prepare-db.sh
and ruei-check.sh
scripts, and the sql_scripts
directory to the server on which you intend to run the database instance, and make them executable for the oracle
user. These scripts can be found in the RUEI distribution zip (/root/RUEI/121
).
Review the settings in the /etc/ruei.conf
file to match your needs as described in The RUEI Configuration File.
Logon to the database server as the oracle
user on the database server, and set the ORACLE_HOME
environment variable. You need to run the ruei-prepare-db.sh
script as the oracle
user. This script creates the $RUEI_DB_INST database, but only after a number of hardware and software environment checks have been performed. The actual checks performed depend on the system type you are currently installing.
The script prompts you for the Reporter database user passwordFoot 1 . This enables the RUEI application to login to the database automatically. The script also creates the "connection data" files for you now.
Issue the following commands:
chmod +x ruei-prepare-db.sh ruei-check.sh export ORACLE_HOME=/u01/app/oracle/product/11.2.0/dbhome_1Foot 2 ./ruei-prepare-db.sh create
If you ran the above commands on a combined Reporter/Database server, you can skip step 4 and proceed to step 5.
This step only applies when using a remote database.
In the case of a Reporter system using a remote database, you will need to copy the generated /tmp/ruei-database-configuration.tar
file in step 3 from the database server to the Reporter system. The /tmp/ruei-database-configuration.tar
file must be extracted on the Reporter server in the directory /var/opt/ruei
(RUEI_DATA
). The permissions of the files need to be set so that the specified RUEI_USER
(moniforce
) can use them.
Copy the generated .tar
file, which holds connection data files to the Reporter system. Logon to the Reporter server and extract the .tar
file using the following commands:
cd /var/opt/ruei
tar xvf path-to-tar-file
/ruei/database-configuration.tar
chown moniforce:moniforce cwallet.sso ewallet.p12 sqlnet.ora tnsnames.ora
Because logging of the database can consume a large amount of disk space, it is recommended that you install a clean-up script to avoid the usage of unnecessary disk space. Copy the (example) script to the oracle
user directory and activate it via cron
using the following commands:
mkdir -p /home/oracle/bin cp /root/RUEI/extra/ruei-clean.sh /home/oracle/bin chmod +x /home/oracle/bin/ruei-clean.sh su - oracle -c 'echo "10 0 * * * /home/oracle/bin/ruei-clean.sh" | crontab'
The RUEI directory locations are flexible. Therefore, it is necessary to use the exact directory name described as configured in the /etc/ruei.conf
file. Create the RUEI application root directory using the following commands:
mkdir -p /opt/ruei chmod 750 /opt/ruei
Note: The specified $RUEI_HOME and $RUEI_DATA directories must have 750 permissions defined for them. |
Make the apache
and moniforce
members of two additional groups using the following commands:
/usr/sbin/usermod -aG moniforce apache /usr/sbin/usermod -aG uucp apache /usr/sbin/usermod -aG uucp moniforce
Go to the directory that holds the RUEI software, and install the RUEI packages. You can specify reporter
or collector
to the ruei-install.sh
script depending on the required installation:
cd /root/RUEI/121 chmod +x ruei-install.sh ./ruei-install.sh reporter
Re-start the Apache web server using the following command:
/sbin/service httpd restart
As the root
user, add the following lines to the .bash_profile
file of the RUEI_USER
(RUEI_DATA
/.bash_profile
):
source /etc/ruei.conf source $RUEI_HOME/bin/env.sh
Verify that the RUEI software was correctly installed by issuing the following command:
./ruei-check.sh postinstall
This step should not be performed if you are installing a secondary (failover) Reporter system (see Chapter 8, "Configuring a Failover Reporter System"). You should continue at Configuring the Network Interface.
As the moniforce
user, set the RUEI admin
user password to enable logging onto the RUEI interface with the following commands:
su - moniforce set-admin-password
You are prompted to enter and confirm the password.
Password Requirements
When defining the admin
user password, bear the following in mind:
The password must have at least eight characters, and contain at least one non-alphanumeric character (such as $, @, &, and !).
The initial password must be changed within seven days.
The user name and password are case sensitive.
This section is only relevant to Collector systems.
Make the monitoring network interface up
status permanent (after a reboot) by setting the ONBOOT
parameter of the capturing interfaces to yes
in the interface configuration files. The network interfaces configuration can be found in the /etc/sysconfig/network-scripts/ifcfg-eth
X
file (where X
represents the necessary network interface). Alternatively, use the graphical utility system-config-network to set the appropriate interfaces to "activate device when computer starts".
This section is only relevant to the Reporter system.
For PDF generation with international character content, additional fonts are required to be enabled. These fonts need to be made available to Java. Use the following command to copy (or move) the RUEI-installed fonts to the appropriate Java directory:
cp RUEI_HOME
/bi-publisher/fonts/* \
/usr/java/jre/lib/fonts/
This section is only relevant to the Reporter system.
RUEI assumes a working local MTA for sending PDF reports and E-mail alerts. By default, Linux uses the Sendmail MTA. By default, Sendmail delivers the E-mail directly to the destination MTA. If this behavior is not according to your needs or policies, sending mail via a SmartHost (relay) might be an alternative. To configure a SmartHost in Sendmail, do the following:
Install the Sendmail configuration utility by going to the directory containing the uploaded RPM and issuing the following command:
rpm -Uhv sendmail-cf-8.13.8-*.el5.x86_64.rpm
Find the line which contains the Smart Host setting in /etc/mail/sendmail.mc
. Modify the SMART_HOST
setting to your needs. For example:
define('SMART_HOST', 'my.example')dnl
Generate the new configuration into a new sendmail.cf
by executing the following command:
make -C /etc/mail
Restart Sendmail. For example:
/etc/init.d/sendmail restart
Note: Extensive information about the configuration of the Sendmail MTA is available athttp://www.sendmail.org . |
You can download the RUEI MIB definition file through the Reporter interface. This definition file can then be added to your SNMP manager. The procedure for downloading the MIB file is described in the Oracle Real User Experience Insight User's Guide.
This section is only relevant to Reporter systems.
To have the browser automatically redirected to the correct RUEI path, create the file /var/www/html/index.html
with the following content:
<head> <meta http-equiv="REFRESH" content="0;URL=/ruei/"> </head>
This section is only relevant to a Reporter system with remote Collector(s).
A password-less SSH connection must be setup between the Moniforce
user from the Reporter system to each Collector system. Do the following:
Logon to the Reporter server as root
. Issue the following commands:
su - moniforce ssh-keygen -P ""
Press Enter to accept the defaults.
Logon as root
to each of the Collector systems and become the moniforce
user by issuing the following command:
su - moniforce
Create the .ssh
directory (if it does not already exist) for the moniforce
user on each Collector system by issuing the following commands:
mkdir ~/.ssh chmod 700 ~/.ssh
Copy the SSH key on the Reporter system to the required location on the Collector system by issuing the following commands:
cd ~/.ssh
ssh root@Reporter
cat /var/opt/ruei/.ssh/id_rsa.pub >> authorized_keys
(you will need to specify the Reporter system root
password)
chmod 600 authorized_keys
Check that it is now possible to execute a remote command (as moniforce
user) on the Reporter system without using a password. For example:
Logon as root
on the Reporter server.
Logon as moniforce
user: su - moniforce
.
Execute a remote pwd command: ssh
Collector
pwd
.
Enter yes to the question "Are you sure you want to continue connecting (yes/no)?".
The command should return /var/opt/ruei
.
The above steps must be performed for each Collector!
Note: If the connection between the Reporter and the Collector(s) has not been correctly configured, you will receive an authorization error when you try to register the remote Collector. |
On completion of the Initial Setup Wizard (described in Performing Initial RUEI Configuration), you can verify your installation by selecting System, then Status. All system indicators should report OK. Note Status notification will indicate "Unknown" because no system alerts have yet been configured. This is fully described in the Oracle Real User Experience Insight User's Guide.
Footnote Legend
Footnote 1: The database password is also used as the Oracle wallet password. Both passwords must be 8-30 characters in length, and contain both numbers and letters. For information on changing the Oracle wallet password, please consult the appropriate Oracle documentation.This chapter introduces the role of Oracle Real User Experience Insight (RUEI). In particular, it describes how RUEI monitors data traffic, its operational requirements, and the available deployment options. Information is also provided about how you can increase the amount of information available within the RUEI Reporter database.
The usage of web applications and services continues to grow. This includes not only the use of the Internet as a marketing channel, but also Extranet-based supply chain and back-office integration, and Intranet deployment of internal applications. Increasingly, it also includes the utilization of web services which implement clearly defined business functions. RUEI is designed for measuring, analyzing, and improving the availability and performance of all of these deployment scenarios.
Typically, RUEI is installed before the web servers, behind a firewall in the DMZ (as shown in Figure 1-1). The data collection method is based on Network Protocol Analysis (NPA) technology. This method is 100% non-intrusive. Hence, it does not place any load on a web server, or require installing software agents that will impact performance. In addition, it does not require any change to the current application or infrastructure. When a new application release is deployed, or when an additional web server is added, there is no or very little change required to RUEI's monitoring environment.
When an object is requested by a visitor, RUEI sees the request and measures the time the web server requires to present the visitor with the requested object. At this point, RUEI knows who requested the page (the client IP), which object was requested, and from which server the object was requested (server IP).
When the web server responds and sends the requested object to the visitor, RUEI sees that response. At this point, RUEI can see whether there is a response from the server, whether this response is correct, how much time the web server required to generate the requested object, and the size of the object. In addition, RUEI can also see whether the object was completely received by the visitor, or if the visitor aborted the download (that is, proof of delivery). Hence, RUEI can determine the time taken for the object to traverse the Internet to the visitor, and calculate the Internet throughput between the visitor and the server (that is, the connection speed of the visitor).
RUEI is based on a three-layer product architecture, as shown in Figure 1-2.
The monitored data packets are processed by the layers shown in Table 1-1.
Table 1-1 Product Architecture Layers
Layer | Description |
---|---|
Data Collection |
This layer is responsible for acquiring raw data and delivering it to the Data Processor layer. This data can be collected from multiple sources. The available attachment options are described later in this section. |
Data Processing |
This layer converts the raw data into the OLAP data sets. These comprise the multi-dimensional data structure that is viewable with the Data Browser. |
Data Presentation (Reporter) |
This layer is RUEI's analysis and reporting environment. This is a web-based information portal that can be accessed from any supported browser. |
As will be explained in a later section, each of these layers can be deployed on the same system, or for scalability issues, on separate systems.
To read HTTP(S) data streams, a proprietary software module reassembles TCP/IP packet streams. Because the data collectors do not have an assigned IP number, and the software using these data collectors does not have a functional IP stack, RUEI is not able to respond to incoming traffic received on the data collectors. This makes RUEI "invisible" to the monitored networks, and completely secure.
Note: Because of the non-intrusive way in which RUEI collects data, it is not possible for it to request retransmission in the event of an error on the measurement port. |
Data collection can be configured to log encrypted data. To facilitate this, a copy of the web server's private SSL keys needs to be set up in the data collector. In addition, RUEI can be configured to omit logging of sensitive data in the arguments of POST requests of forms or content; so called data masking (or blinding).
RUEI supports the use of both copy portsFoot 1 and TAPsFoot 2 for monitoring network traffic (10/100 Mbps and 1/10 Gbps Ethernet connections are supported). Copy ports and TAPs are available for copper or fibre-based network infrastructures. While both devices allow non-intrusive monitoring of network traffic, there are differences between these two connection options. These are highlighted in the rest of this section.
Monitoring SSL and Forms Traffic
Be aware that SSL and Oracle Forms traffic are particularly sensitive to disruptions in the TCP packet stream. This is because they require state information to be maintained for the duration of the connection, and any lost packets can cause that information to be lost, preventing RUEI from accurately monitoring and reporting the connection.
Therefore, you should ensure that each Collector is connected to a reliable network device, such as a TAP. In addition, it is strongly recommended that you regular review the information available through the Collector Statistics window (select System, then Status, and then Collector status) to verify the integrity of the TCP packet stream. Particular attention should be paid to the reported TCP and SSL connection errors.
A copy port is a switch that starts to build up a Layer 2 forwarding table on the basis of the source MAC address of the different packets that the switch receives. After this forwarding table is built, the switch forward traffic that is destined for a MAC address directly to the corresponding port.
For example, after the web server MAC in Figure 1-3 is learned, unicast traffic from the browser to the web server is only forwarded to the web server port. Therefore, the Collector does not see this traffic.
Figure 1-3 Network Connection Using a Copy Port
In the configuration shown in the lower part of Figure 1-3, the Collector is attached to a port that is configured to receive a copy of every packet that the browser sends and receives. This port is called a copy port. Copy ports can copy traffic from any or all data ports to a single unused port and prevents bi-directional traffic on the port to protect against backflow or traffic into the network.
Be aware that activating a copy port on a switch can have a performance impact. Typically, copy ports support a wide range of configuration options, and for further information about these options you should consult your switch documentation or contact the vendor.
TAPs can be placed between any two network devices (such as routers and firewalls). Any monitoring device connected to a TAP receives the same traffic as if it were in-line, including all errors. This is achieved through the TAP duplicating all traffic on the link, and forwarding it to the monitoring port(s). The example shown in Figure 1-4 illustrates a typical TAP deployment for one Collector.
Figure 1-4 Network Monitoring Using a TAP
Important
Unlike copy ports, in the event of power failure, TAPs continue to allow data to flow between network devices. In addition, copy ports are prone to packet loss when under load. TAP devices are available for copper or fibre-based infrastructures. Moreover, they can be easily deployed when and where required, but without reconfiguration of switches or engineers needing to re-cable a network link. For these reasons, the use of TAPs is strongly recommended over that of copy ports.
Broadly speaking, there are three types of TAPs: network, regeneration, and aggregation TAPs. RUEI supports the use of network and regeneration TAPs. The use of aggregation TAPs is not recommended because they can lose data, and do not provide an acceptable level of accuracy. However, the deployment of multiple Collectors, or the connection of multiple links directly to one Collector, is available for the aggregation of data from multiple streams. In addition, be aware that when capturing data with a network-TAP device, the use of cascaded TAP configurations is not supported.
A RUEI system can be installed to be one of three things: a Reporter, a Collector, or a Processing Engine. Each of these installation options is reviewed in the following sections.
Reporter
A Reporter system processes the data gathered by the Collectors attached to it. After processing, this data is stored in an Oracle database, referred to as the Reporter database. System users can review the collected data through a browser-based interface.
In order for RUEI to be able to accurately monitor network traffic, and report its results, it needs certain information about your network and application infrastructure. This includes how pages, service function calls, and end users will be identified, the scope of monitoring in your network environment, the monitoring of specific KPIs and SLAs, and the roles and permissions assigned to system users. This information is held in a separate Configuration database.
Collector
A Collector monitors network traffic, and submits the data it gathers to a Reporter. Multiple Collectors can be attached to the same Reporter. Note that a direct connection is required between the Collector systems and the Reporter system.
Note that each Reporter installation also contains a local Collector instance. The Reporter can be configured to just process information gathered by this local Collector (this is a single-server configuration), or to receive information from additional Collectors. Note that the local Collector instance on the Reporter system can also be disabled if not required.
Processing Engine
A Processing Engine is an optional component in a RUEI deployment that undertakes the data processing role normally performed by the Reporter. Essentially, it involves offloading the overhead of processing the data gathered by the Collectors to one or more separate systems.
Each Processing Engine has its own (local) database, in which intermediate network traffic monitoring results are stored. Once processed, this data is used to update the Reporter's database. All configuration information is also maintained within this database. Note that each Processing Engine system requires a direct connection between its associated Collector systems and the Reporter system.
As explained earlier, the data available via the Reporter system is stored in an Oracle database, called the Reporter database. The information required by RUEI in order to correctly monitor and report on your web infrastructure, such as information about monitored applications and system users, is held in a separate Configuration part of the database. The database can reside locally on the Reporter system, or on a remote database server (such as a database cluster).
The use of a remote database server provides a number of potential advantages over a locally installed database. In particular, it offers easier integration with existing security and back-up policies, as well as improved performance through the use of dedicated servers.
Currently, RUEI supports the Oracle 11g database. While the configuration procedure for 11gR1 is described, 11gR2 is also supported. Note that the Oracle 10g (or older) database is not supported.
This section highlights the different deployment scenarios available to you. The selection of the most appropriate deployment scenario is primarily determined by the level of monitored network traffic, your reporting requirements, and the hardware specifications of your deployment systems.
Single-Server Deployment
This is the simplest deployment, and is suitable for monitoring web environments with low to medium levels of traffic. An example is shown in Figure 1-5.
In this deployment, a single system servers as both Collector and Reporter. As explained in the previous section, the Reporter database can reside locally on the Reporter system or on a remote database server.
Multiple-Server Deployment
The use of multiple servers may be considered when there is a need to monitor very high levels of traffic. In addition, this deployment also provides the possibility of enhanced security. For example, by placing the Collector(s) outside the office network, while placing the Reporter system within the network. Figure 1-6 shows an example of a multiple-Collector deployment.
This features a deployment in which both data lines are monitored in the same reporting environment. Note that this deployment assumes that the traffic on each line is mutually exclusive. It also illustrates a deployment used for security reasons. While the traffic from web servers A and B are monitored and reported, the traffic from web server C is not. This is also the reason why the Collectors are not placed above the switch. Note that the Collector instance on the Reporter system (system 1) is disabled.
For security reasons, it is recommended that access to the Reporter system is restricted to trusted IP ranges. Similarly, you may want to locate the Reporter system inside the internal network to maximize its security. The Collector's data gathering ports should be within the DMZ.
The application and infrastructure configuration information held in the database is maintained by the Reporter based on information provided by system users through its browser-based interface. Each Collector uses this information to determine how the data it gathers should be reported.
Three-Tier Deployment
As explained earlier, a Processing Engine serves to offload a significant amount of the processing normally performed by the Reporter to a separate system. It is strongly recommended that you consider the use of a Processing Engine within your deployment when CPU utilization on the Reporter system is reaching its upper limit. Figure 1-7 shows an example of a Processing Engine within a multiple-Collector deployment.
It is important to understand that the processing performed on the Reporter system includes not only the processing of the data gather by the attached Collectors, but also the use of the Enriched data export facility. This enables you to combine the data gathered by RUEI with other data sources. Be aware that, when enabled, this facility places a considerable additional load on the Reporter system. The Enriched data export facility is described in the Oracle Real User Experience Insight User's Guide.
The required minimum system specifications for the selected configuration (as explained in Installation Options) are described in the following sections.
It is recommended that you carefully consider the selection of network cards for your infrastructure. Depending on the connection option you selected in Connection Options, both copper and fibre-based network cards may be required. If necessary, consult both your network and systems management teams.
Network Cards Within Bonded Groups
Be aware that monitoring of netwotk traffic using network cards that are part of a bonded group is not supported.
Note: For more information about required and recommended system specifications, please contact Customer Support. |
Table 1-2 Single-Server System Minimum Requirements
Element | Requirements |
---|---|
CPU |
64-bit Intel or AMD dual-CPU, dual-core processor (> 2 G Hz) or equivalent. |
Memory |
16 GB. |
Disk space |
Minimum 700 GB HDD free space.Foot 2 ,Foot 3 |
Network interfaces |
When using a network-TAP deviceFoot 4 , a minimum of three network interfaces are required:
|
GSM modem (optional) |
Optional support for a GSM modem to send text messages. The modem needs to be either GSM07.05 or GSM07.07 compatible. It can be connected through a serial or USB port. If USB is used, RUEI uses the first available port ( |
Footnote 1 To ensure acceptable performance of the RUEI installation, it is recommended to use high performance disk systems, with a minimum supported I/O rate of 70 MB/s. When monitoring high volumes of traffic, more powerful disk systems may be required. (Hardware) RAID-10 or equivalent storage configurations are strongly recommended.
Footnote 2 This may need to be increased if Enriched data exchange is enabled.
Footnote 3 The use of an NFS share for local data (that is, $RUEI_DATA
and $RUEI_HOME
) is not supported. Note that this restriction does not apply to $RUEI_DATA
/processor/data
and $RUEI_DATA
/collector/wg/REPLAY
.
Footnote 4 When capturing data with a network-TAP device, the use of cascaded TAP configurations is not supported.
Table 1-3 Reporter System Minimum Requirements
Element | Requirements |
---|---|
CPU |
64-bit Intel or AMD dual-CPU, dual-core processor (> 2 G Hz) or equivalent. |
Memory |
16 GB. |
Disk space |
Minimum 700 GB HDD free spaceFoot 2 ,Foot 3 . |
Network interfaces |
A minimum of one network interface is required. |
GSM modem (optional) |
Optional support for a GSM modem to send text messages. The modem needs to be either GSM07.05 or GSM07.07 compatible. It can be connected through a serial or USB port. If USB is used, RUEI uses the first available port (ttyUSB0). Alternative methods of sending text messages are available (http/e-mail). |
Footnote 1 To ensure acceptable performance of the RUEI installation, it is recommended to use high performance disk systems, with a minimum supported I/O rate of 70 MB/s. When monitoring high volumes of traffic, more powerful disk systems may be required. (Hardware) RAID-10 or equivalent storage configurations are strongly recommended.
Footnote 2 This may need to be increased if Enriched data exchange is enabled.
Footnote 3 The use of an NFS share for local data (that is, $RUEI_DATA
and $RUEI_HOME
) is not supported. Note that this restriction does not apply to $RUEI_DATA
/processor/data
and $RUEI_DATA
/collector/wg/REPLAY
.
The requirements for Collector systems are shown in Table 1–4.
Table 1-4 Collector System Minimum Requirements
Element | Requirement |
---|---|
CPU |
64-bit Intel or AMD dual-core processor or equivalent. |
Memory |
8 GB. |
Disk space |
Minimum 200 GB HDD free spaceFoot 1 . |
Network interfaces |
When using a network-TAPFoot 2 device, a minimum of three network interfaces are required:
When using a network-copy port, a minimum of two network interfaces are required:
|
Footnote 1 The use of an NFS share for local data (that is, $RUEI_DATA
and $RUEI_HOME
) is not supported. Note that this restriction does not apply to $RUEI_DATA
/processor/data
and $RUEI_DATA
/collector/wg/REPLAY
.
Footnote 2 Capturing data with a network-TAP device prevents the use of a cascaded TAPs configuration.
Footnote 3 For up and down stream traffic. Note that the use of TAPs that integrate up and down stream traffic on one line (that is, link aggregation TAPs) is not recommended.
The requirements for Processing Engine systems are shown in Table 1-5.
Table 1-5 Processing Engine System Minimum Requirements
Element | Requirements |
---|---|
CPU |
64-bit Intel or AMD dual-CPU, dual-core processor (> 2 G Hz) or equivalent. |
Memory |
16 GB. |
Disk space |
Minimum 700 GB HDD free spaceFoot 2 ,Foot 3 . |
Network interfaces |
A minimum of one network interface is required. |
Footnote 1 To ensure acceptable performance of the RUEI installation, it is recommended to use high performance disk systems, with a minimum supported I/O rate of 70 MB/s. When monitoring high volumes of traffic, more powerful disk systems may be required. (Hardware) RAID-10 or equivalent storage configurations are strongly recommended.
Footnote 2 This may need to be increased if Enriched data exchange is enabled.
Footnote 3 The use of an NFS share for local data (that is, $RUEI_DATA
and $RUEI_HOME
) is not supported. Note that this restriction does not apply to $RUEI_DATA
/processor/data
and $RUEI_DATA
/collector/wg/REPLAY
.
Important: Please note that an Intel (or compatible) 64-bit platform is a strict requirement for both the hardware and the operating system in all deployment scenarios. |
This section presents a best practices framework within which to optimize your RUEI deployment. It is recommended that you carefully review the following information.
Planning Your Deployment
It is important that the nature of the monitored network environment is clearly understood before deciding upon your RUEI deployment strategy. This includes not only the basic network connectivity, ports, addressing, and physical device requirements, but also a sound understanding of the monitored applications.
Moreover, before deploying RUEI, the basic traffic flows within the network must have been identified. This should include information about average and peak volumes of traffic. Any physical deployment requirements (such as space limitations, distances, power planning, rack space and layout, or cabling) should also have been identified.
You can use the checklist presented in Appendix H, "Installation Checklist" to capture much of this information.
Forms-Based Traffic
If you are planning to monitor Forms-based traffic, be aware that the memory requirements may be higher than those outlined in Server Requirements. This is especially the case in deployments with heavy levels of Forms traffic. In this case, you should consider a split-server deployment.
Full Session Replay
If you are planning to make use of the Full Session Replay (FSR) facility, you may need to configure additional storage capacity. This is explained in Full Session Replay Storage Requirements.
Encrypted Traffic
If a significant level of the monitored traffic is encrypted, this can increase the CPU overhead. In this case, it is recommended that you consider configuring additional CPUs or, alternatively, a split-server deployment.
Very High Levels of Traffic
When very high levels of traffic are being monitored (that is, more than 10 million page views per day), it is strongly recommended that you consider a split-server deployment. Alternatively, consider the use of a remote database server. The latter has the effect of significantly reducing (by up to 30%) the CPU overhead on the Reporter system. Monitored environments with more than 20 million page views per day should consider the use of both a split-server deployment and a remote database server.
As explained in the Oracle Real User Experience Insight User's Guide, the availability of specific data within the Data Browser, as well as reports based on that data, depends on the Reporter data retention policies defined for your RUEI installation. By default, RUEI retains information on daily, monthly, and yearly levels for 32 days, 13 months, and 5 years, respectively. In addition, information about failed pages, URLs, and services is retained for 15 days. The maximum amount of database storage required to maintain the default data retention policies is shown in Table 1-6.
Table 1-6 Default Required Database Storage
Type of data retained | Default retention policy | DB space required per period (GB) | Total DB space required (GB) |
---|---|---|---|
Failed pages/URLs/services |
15 |
1.5 |
22.5 |
DailyFoot 1 |
32 |
1 |
32 |
Monthly |
13 |
1 |
13 |
Yearly |
5 |
1 |
5 |
SuitesFoot 2 |
32 |
1Foot 3 |
32 |
Additional overhead |
10 | ||
Total required DB space |
114,5 |
Footnote 1 This includes the All pages, All sessions, All functions, All transactions, Key pages, and URL diagnostics groups.
Footnote 2 Suites use the Daily retention policy setting.
Footnote 3 1 GB is required per day for each configured suite type.
Be aware that, in addition to the database storage required for each retained type of data, appropriately 10 GB of database storage is also required for other purposes. This includes KPIs, SLAs, and processing requirements. In Table 1-6, it is assumed that one suite type is configured.
If you modify the default Reporter data retention policies, it is recommended that you use the Calculate facility to see the effect your new retention policy would have on required database storage. Note that the projected database utilization is based on previous database utilization, rather than maximum database usage.
The default amount of database storage available to the Reporter is 500 GB, and for most deployments, this will meet your operational requirements.
Example - Increasing the Number of Groups
Consider the following situation. You have decided to retain information on daily, monthly, and yearly levels for 90 days, 24 months, and 5 years, respectively, and failed pages, URLs, and services information should be retained for 90 days. For the purposes of this example, it is assumed that only one suite type is configured. The maximum amount of database storage required to maintain this data is shown in Table 1-7.
If you are planning to make use of the Full Session Replay (FSR) facility, you may need to configure additional storage capacity available to the Collector system. This should be a separate device (not a partition of the Collector server's existing hard drive), and made accessible to the RUEI file system. The procedure to do this, together with guidance on storage requirements, is described in the rest of this section. Note that this procedure must be repeated for each Collector for which full session replay information is required.
Configuring Additional Storage for Full Session Replay
The procedure described below assumes that you have a fully operational system, and that FSR has been enabled. To configure the additional required storage, do the following:
Mount the device. For example, under /mnt/external_storage
.
Temporarily stop the Collector by issuing the following command:
appsensor stop wg
Move the $APPSENSOR_HOME/wg/REPLAY
directory to the new device. In the above example, this is /mnt/external_storage
, and the result is that the replay files are now located in the /mnt/external_storage/REPLAY
directory.
Create a symbolic link from /mnt/external_storage/REPLAY
to $APPSENSOR_HOME/wg/REPLAY
.
Restart the Collector by issuing the following command:
appsensor start wg
Calculate the required storage capacity. To do so, multiple the average number of daily page views by the average page size. Then, multiple this number by the number of days you wish full session replay data to be retained. Use Table 1-8 as guidance.
Table 1-8 Full Session Replay Storage Estimates
Low page weight (~10 Kb) | Medium page weight (~50 Kb) | High page weight (~100 Kb) | ||||
---|---|---|---|---|---|---|
Page views per day (millions) |
Size per day (GB) |
Disk I/O (MB/sec) |
Size per day (GB) |
Disk I/O (MB/sec) |
Size per day (GB) |
Disk I/O (MB/sec) |
0.5 |
5 |
0.1 |
25 |
0.3 |
50 |
0.6 |
2 |
20 |
0.2 |
100 |
1.2 |
200 |
2.3 |
5 |
50 |
0.6 |
250 |
2.9 |
500 |
5.8 |
10 |
100 |
1.2 |
500 |
5.8 |
1000 |
11.6 |
20 |
200 |
2.3 |
1000 |
11.6 |
2000 |
23.1 |
50 |
500 |
5.8 |
2500 |
28.9 |
5000 |
57.9 |
Important: Table 1-8 is intended for guidance only. It is strongly recommended that you regularly review average page sizes and daily page views, and adjust the required storage size as necessary. |
Note: Be aware that FSR functionality uses a significant number of non-sequential read operations. Please consult your hardware vendor for information on how to optimize your I/O performance. |
Select Configuration, then General, then Advanced settings, and then Collector data retention policy. Click the Full session replay storage size (GB) setting. Specify (in gigabytes) the required storage size. Note that the maximum that can be specified is 100 TB. When ready, click Save.
When calculating the amount of RAM required by your RUEI installation, it is recommended that you consider the following:
For a Reporter system without configured Processing Engines, or a Processing Engine system itself, each million visitor sessions per day requires 256 MB. Hence, 3 million visitor sessions per day would require 768 MB. In addition, each million page views requires 100 MB - 256 MB. Note that exact amount depends the length of monitored URLs, average session duration, and the number of events (such as custom dimensions).
For each Collector system, each 100 concurrent hits require 2 MB, and each 1000 SSL connections require 1 MB. In addition, up to 600 MBps of network traffic can be buffered before individual TCP sessions start to be dropped. Up to 600 MBps should also be assumed for content checks (such as XPath queries and error strings). Note that if you define a large number of content checks, or specify that they contain NLS character sets, the memory required may increase.
The following GNU/Linux distributions are supported:
Oracle Linux 5.x 64-bit Intel or AMD compatible.
RedHat Enterprise Linux 5.x 64-bit Intel or AMD compatible.
Encrypting Sensitive Data
If sensitive data needs to be encrypted, you have the opportunity to encrypt your entire disk configuration during the disk partitioning phase of the Linux installation procedure. For more information, see .
All server system clocks should be synchronized via NTP using UDP port 123.
Support DNS information requests over TCP and UDP port 53.
Support reports and e-mail alerts using TCP port 25.
Support SNMP traps on request from an SNMP Manager using UDP port 161/162.
The RUEI user interface is accessible over HTTPS port 443.
In the case of a remote database setup, access to TCP port 1521 is required between the Reporter and remote database server.
Each remote Collector system should be accessible by the Reporter system over TCP port 22. It is recommended all other ports be blocked.
If you are configuring a; failover Reporter system (described in Chapter 8, "Configuring a Failover Reporter System"), the primary and secondary Reporter systems need to be able to contact each other using ICMP.
If you are configuring a failover Collector system (described in Chapter 9, "Configuring a Failover Collector System"), the primary and secondary Collector systems need to be able to contact each other using ICMP.
Collector-Reporter and Collector-Processing Engine Bandwidths
The amount of data transferred between a remote Collector and the Reporter system largely depends on the type and level of network application traffic monitored by RUEI. In addition, the configuration of RUEI (such as defined functional errors, content checks, and page naming schemes) also influences the size of Collector files that need to be transferred to the Reporter system.
At peak times, the amount of data that needs to be transferred will be higher than during low traffic periods. Note that the exact amount of the data transmission from a remote Collector to the Reporter system can only be determined after the actual RUEI deployment.
For an initial deployment, the following simple rule can be used: each 5 million daily page views will result in a peak transfer of approximately 125 MB at peak time, and approximately 1 GB per day. Hence, typically only a few percent of the actual monitored traffic will be stored by a Collector and transferred to the Reporter. When you want or need to minimize this data transfer, it is recommended that you minimize the amount of monitored HTTP traffic which is not required by RUEI. For example, by using a subnet or VLAN-filtered network.
In the case of deployments that make use of Processing Engines, the above also applies to Collector-Processing Engine connections.
Firewall Requirements
Table 1-9 shows the firewall requirements for your RUEI deployment.
Table 1-9 RUEI Firewall Rules
From | To | Port(s) | Socket type | Required | Description |
---|---|---|---|---|---|
Reporter |
Collector |
22 (SSH) |
TCP |
Y |
Each remote Collector system must be accessible by the Reporter system over TCP port 22. |
Reporter |
Processing Engine |
22 (SSH) |
TCP |
Y |
Each Processing Engine system must be accessible by the Reporter system over TCP port 22. |
Reporter |
Processing Engine |
1521Foot 1 (NET8) |
TCP |
Y |
Each Processing Engine system must be accessible by a database connection (by default, over port 1521). |
Reporter |
NTP server |
123 (NTP) |
UDP |
Y |
All server system clocks must be synchronized via NTP. |
Processing Engine |
NTP server |
123 (NTP) |
UDP |
Y |
All server system clocks must be synchronized via NTP. |
Processing Engine |
Collector |
22 (SSH) |
TCP |
Y |
Each Collector system must be accessible by the Processing Engine system over TCP port 22. |
Processing Engine |
Reporter |
1521 (NET8) |
TCP |
Y |
Each Processing Engine system must be accessible by a database connection (by default, over port 1521). |
Collector |
NTP server |
123 (NTP) |
UDP |
Y |
All server system clocks must be synchronized via NTP. |
Remote DB server |
NTP server |
123 (NTP) |
UDP |
Y |
All server system clocks must be synchronized via NTP. |
Reporter |
DNS server |
53 (DNS) |
TCP/UDP |
NFoot 2 |
Support DNS information requests. |
Collector |
DNS server |
53 (DNS) |
TCP/UDP |
NFootref 2 |
Support DNS information requests. |
Remote DB server |
DNS server |
53 (DNS) |
TCP/UDP |
NFootref 2 |
Support DNS information requests. |
Reporter |
Mail server |
25 (SMTP) |
TCP |
N |
Support reports and E-mail requests. |
Reporter |
SNMP Manager server |
161, 162 (SNMP) |
UDP |
N |
Support SNMP traps on request from an SNMP Manager. |
Client browsers |
Reporter |
443 (HTTPS) |
TCP |
Y |
The RUEI user interface is accessible over HTTPS. |
Footnote 1 Note that this port is configurable.
Footnote 2 Optional, but strongly recommended.
The workstations that will access the RUEI user interface must have one of the following browsers installed:
Mozilla Firefox 3.6 (or above).
Internet Explorer 7, 8, or 9.
Safari 4 and 5.
Google Chrome 17 (or above).
Note that JavaScript must be enabled. No other browser plug-ins are required.
In addition, the workstation should have a screen resolution of 1024 * 768 (or higher).
Important: Ensure that any pop-up blocker within the browser has been disabled. |
AJAX Support
RUEI uses AJAX to enhance its user interaction. Internet Explorer relies on the MSXML control to facilitate AJAX. The AJAX dependencies can trigger a security warning when using strict security settings.
Internet Explorer 6 does not properly support transparent images in the PNG format. RUEI uses a well know fix (AlphaImageLoader
) for this problem which relies on DirectX. If you are experiencing browser crashes with IE 6, you may need to update your version of DirectX. The PNG fix can trigger a security warning when using strict security settings.
Footnote Legend
Footnote 1: Copy ports are also known as Switched Port Analyzer (SPAN) ports which is a feature of Cisco switches.This appendix describes how you can set up a connection to the Oracle Enterprise Manager Repository. This is necessary when you want KPIs defined for the applications, suites, and services that comprise your business applications to be reported as events in Incident Manager. The use of Incident Manager is described in Oracle Enterprise Manager Cloud Control Administrator's Guide. The use of the business application facility is described in Oracle Enterprise Manager Cloud Control Getting Started with Oracle Fusion Middleware Management.
Oracle Enterprise Manager supports the monitoring of business applications. These represent logical services or applications, and unify the dedicated performance monitoring, diagnostics, and reporting capabilities available through RUEI with that available through Oracle Enterprise Manager. The alerts generated by KPIs defined for the applications, suites, and services that comprise your business applications are reported as events in Incident Manager.
The required procedure consists of two parts: establishing a connection to the Oracle Enterprise Manager repository, and setting up the authentication to this repository. These are described in the following sections.
Two files, sqlnet.ora
and tnsnames.ora
, require to be set up in the RUEI data directory (RUEI_DATA
) on the Reporter system. Do the following:
Ensure that the sqlnet.ora
file contains the following:
NAMES.DIRECTORY_PATH = (TNSNAMES)
SQLNET.WALLET_OVERRIDE = TRUE
WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=RUEI_DATA)))
DIAG_SIGHANDLER_ENABLED = FALSE
where RUEI_DATA
specifies the RUEI data files directory (see Table 2-2).
Edit the tnsnames.ora
files on the Reporter and Processing Engine systems. You should add the following:
RUEI_DB_TNSNAME_EM
=(DESCRIPTION= (ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=EM_database_server
) (PORT=1521))) (CONNECT_DATA=(SERVICE_NAME=RUEI_DB_INST_EM
)))
where:
EM_database_server
specifies the network address (host name or IP address) of the Enterprise Manager database server.
RUEI_DB_TNSNAME_EM
specifies the Enterprise Manager database connect string. For more information, see The RUEI Configuration File.
RUEI_DB_INST_EM
specifies the Enterprise Manager database instance name.
Ensure that the HOST
setting specifies the Enterprise Manager database. If you use a host name, ensure that it is also specified in the /etc/hosts
setup. However, you can also specify an IP address.
The Reporter system requires non-interactive access to the Enterprise Manager database. In order to achieve this, the Oracle autologin wallet is used to store passwords securely. A wallet should already exist to connect to the Reporter database. Do the following:
Use the following command to add the new credentials to the existing wallet files ewallet.p12
and cwallet.sso
files:
mkstore -wrlRUEI_DATA
-createCredentialRUEI_DB_TNSNAME_EM
RUEI_DB_USER_EM
where:
RUEI_DB_TNSNAME_EM
specifies the Enterprise Manager database connect string.
RUEI_DB_USER_EM
specifies the user of the Enterprise Manager database.
Note that you are prompted for the wallet password and the database password for RUEI_DB_USER_EM
.
Use the following command to change the permissions of the cwallet.sso
wallet file:
chmod 640 cwallet.sso
Ensure that the permissions for these files are set correctly. Both files should have the ownership of RUEI_USER
and RUEI_GROUP
. The ewallet.p12
file only needs to be readable by the RUEI_USER
, but both files need to be readable by RUEI_GROUP
.
If the database connection has been set up correctly, it should now be possible to access the Enterprise Manager database without being prompted for the password. Issue the following command as the RUEI_USER
on the Reporter system:
sqlplus /@RUEI_DB_TNSNAME_EM
This appendix describes the procedure for uninstalling RUEI from Reporter, Collector, and Processing Engine systems.
Do the following for each Reporter, Collector, and Processing Engine system unless indicated otherwise:
Logon to required system as the RUEI_USER
user, and clear all crontab
entries by issuing the following command:
echo "" | crontab
Stop all processing on the Reporter and Processing Engine systems by issuing the following command as the RUEI_USER
user:
project -stop wg
In the case of Collector systems, stop data collection by issuing the following command:
appsensor stop wg
Remove the installed RUEI RPMs by issuing the following command as the root
user:
rpm -qa | grep ^ux- | xargs rpm -e
If parts of the installed RPMs were removed manually or corrupted, errors might be encountered in the above step. In this case, you should issue the following command:
rpm -qa | grep ^ux- | xargs rpm -e --noscripts
Note that part of the installation may remain after issuing the above command.
On the Reporter system, unistall the php-oci8
module, Oracle database Instant client, PHP configuration, and SQLplus extension by issuing the following commands as the root
user:
rm /etc/php.d/ruei.ini rpm -e php-oci8-11gR2 rpm -e oracle-instantclient11.2-sqlplus rpm -e oracle-instantclient11.2-basic
Ensure that all RUEI daemons are deactivated by executing the following commands as the root
user:
. /etc/ruei.conf killall -u $RUEI_USER
Remove all RUEI data files by executing the following commands at the root
user:
rm -rf $RUEI_HOME rm -rf $RUEI_DATA
Remove each database instance by logging onto the required database server(s) as the oracle
user, and executing the following commands:
. /etc/ruei.conf . oraenv dbca -silent -deleteDatabase -sourceDB ${RUEI_DB_INST}
Note that when prompted for the Oracle SID, you should specify the same value as that for the RUEI_DB_INST
setting in the /etc/ruei.conf
file.
For Reporter and Collector systems, remove the Java Runtime Environment (JRE) by executing the following commands as the root
user:
rpm -e jre-1.5.0_22-fcs rm /usr/java/jre
On the Reporter system, edit the /etc/sysconfig/httpd
file, and remove the following line that loads the RUEI environment:
source /etc/ruei.conf
On the Reporter system, restore the original Zend Optimizer configuration file /etc/php.ini
by executing the following commands as the root
user:
cd /etc/ cp php.ini-zend_optimizer.bak php.ini
Remove the Zend Optimizer installation directory by executing the following command:
rm -rf /usr/local/Zend
Restart the Apache web server using the following command:
/etc/init.d/httpd restart
Revert the changes made to user and group settings by executing the following commands as the root
user:
. /etc/ruei.conf userdel $RUEI_USER groupdel $RUEI_GROUP usermod -G apache apache
Remove the RUEI configuration file /etc/ruei.conf
using the following command as the root
user:
rm /etc/ruei.conf
Note that during the installation procedure, you may have installed several additional RPMs. Which of these can safely be removed depends on the original Linux installation.
Be aware that a database installation will remain on each database server. The procedure for uninstalling the Oracle database is fully described in the product documentation.
This appendix describes how you can set up an alternative Oracle database instance for use by the Enriched data export facility. The use of this facility is fully described in the Oracle Real User Experience Insight User's Guide.
Note: Before proceeding with the configuration of the alternative database, it is recommended that you make a backup of your configuration. Select Configuration, then System, then Maintenance, and then Backup and restore. |
By default, when using the Enriched data export facility, the data is exported to the same database instance as used by the Reporter. However, it is strongly recommended that you configure an alternative database instance for enriched data export. This is due to the following reasons:
The SQL queries used to access the exported data can place a significant performance overhead on the database. Be aware that if large amounts of data need to be handled, complex SQL queries need to be executed, or a number of queries need to be run against the exported data within a particular period, the use of a separate database will provide a significant performance improvement.
The use of a separate export database instance will minimize the impact on your RUEI deployment, as well as provide for easier management of it. Particularly in the case of database sizing and backup.
If you intend to use an alternative export database, this must be an Oracle database version 11gR1 or 11gR2, and installation of the Oracle database software should have been completed before starting the setup procedure described in the rest of this appendix. Be aware that advanced knowledge of Oracle database administration is assumed.
The setup procedure described in this appendix refers to a number of settings (such as RUEI_DB_TNSNAME_BI
). These are explained in Table 2-2.
Migration to an Alternative Enriched Data Export Database
Be aware that when migrating enriched data export from one database to another, the export data currently stored in the previous database is not automatically migrated to the new database. Because the defined data retention policy is no longer enforced on the previous database, any historical data will remain on the previous database. If required, the necessary tables can be manually purged from the previous database.
Accessing the Export Data
Access to the data in the export database is available via SQL. Be aware that the SQL queries used to access exported data can place a significant performance overhead on the export database. Therefore, it is recommended that you carefully review the design of your SQL queries to minimize their overhead. In particular, you should ensure that table columns not required for external analysis are dropped from the returned data. In addition, you should try to minimize the number of SQL queries run during a particular period. In particular, try to avoid querying the same data more than once.
This section describes the procedure that must be followed in order to setup the database instance on the alternative database server.
The following discussion assumes that the Oracle database instance is created on the command line. However, you are free to use any suitable utility to specify the required parameters. Do the following:
Logon to the alternative database system as the oracle
user, and issue the following command:
dbca -silent -createDatabase -gdbNameEXPORT_DATABASE_NAME
\ -sidEXPORT_DATABASE_NAME
-characterSet AL32UTF8 \ -templateName Data_Warehouse.dbc -databaseType DATA_WAREHOUSING \ -redoLogFileSize 500 -initParams recyclebin=off -initParams audit_trail=none
where:
EXPORT_DATABASE_NAME
specifies the literal export database instance name.
For performance reasons, it is recommended that the recyclebin
and audit_trail
features are disabled.
The character set instance should be specified as ALT32UTF8
.
For performance reasons, it is strongly recommended that you use compressed tablespaces. Do the following:
Issue the following SQL command as the System Administrator on the alternative database server to enable compression on the USERS
tablespace:
alter tablespace USERS default compress;
By default, a single 32 GB datafile is created for the USERS
tablespace. For most deployments, you will need to add additional table space by using the following SQL command:
alter tablespace USERS add datafile 'user02.dbf' size 5M autoextend on;
Note that in the command shown above, the default datafile location is specified. You are free to specify an alternative location.
By default, Oracle database maintenance tasks are schedule to run at 22:00. These can have a significant impact on the overall database performance. Therefore, depending on traffic levels within the monitored environment, and the scheduled processes reading the export database tables, you may need to reschedule these maintenance tasks to a period with low traffic/load levels (for example, 03:00). Information on how to reschedule planned maintenance tasks is provided in the Oracle Database Administrator's Guide available at following location:
http://docs.oracle.com/cd/E11882_01/server.112/e25494/tasks.htm#ADMIN0235
Access to the alternative database requires the creation of an authorized user. Do the following:
Issue the following commands on the alternative database server to create the RUEI database user with the minimum required privileges:
create userRUEI_DB_USER_BI
identified by "password
" default tablespace USERS temporary tablespace TEMP profile DEFAULT quota 50G on USERS; alter profile DEFAULT limit PASSWORD_LIFE_TIME unlimited; grant create session, create table toRUEI_DB_USER_BI
;
where:
RUEI_DB_USER_BI
specifies the export database user name.
password
specifies the required password variable.
For performance reasons, you may want to use a shared pool for all connections to the database. Do the following:
Within Oracle Database Resident Connection Pooling (DRCP), use the following SQL command as the sysdba
user to enable shared pooling:
exec dbms_connection_pool.start_pool; exec dbms_connection_pool.configure_pool(inactivity_timeout=>3600, max_think_time=>3600);
This section describes the procedure that must be followed in order for the Reporter and Processing Engine systems to connect to the alternative database server. Note that this procedure must be followed on the Reporter and each Processing Engine system.
After the alternative Oracle database instance has been defined, the connection data needs to be set up. This requires two files, sqlnet.ora
and tnsnames.ora
, in the RUEI data directory (RUEI_DATA
) on the Reporter and Processing Engine systems. Do the following:
Ensure that the sqlnet.ora
file contains the following:
NAMES.DIRECTORY_PATH = (TNSNAMES)
SQLNET.WALLET_OVERRIDE = TRUE
WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=RUEI_DATA
)))
DIAG_SIGHANDLER_ENABLED = FALSE
Ensure that the DIRECTORY
setting points to the directory for RUEI data (RUEI_DATA
) specified in the /etc/ruei.conf
file.
Edit the tnsnames.ora
files on the Reporter and Processing Engine systems. You should add the following:
RUEI_DB_TNSNAME_BI
=(DESCRIPTION= (ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=BI_database_server
) (PORT=1521))) (CONNECT_DATA=(SERVICE_NAME=RUEI_DB_INST_BI
)))
where:
BI_database_server
specifies the network address (hostname or IP address) of the alternative Enriched data export database server.
RUEI_DB_TNSNAME_BI
specifies the export database connect string.
RUEI_DB_INST_BI
specifies the export database instance name.
Ensure that the HOST
setting specifies your database. If you use a host name, ensure that it is also specified in the /etc/hosts
setup. However, you can also specify an IP address.
The Reporter and Processing Engines require non-interactive access to the alternative Enriched data export database. In order to achieve this, the Oracle autologin wallet is used to store passwords securely. A wallet should already exist to connect to the Reporter database. Do the following:
Use the following command to add the new credentials to the existing wallet files ewallet.p12
and cwallet.sso
:
mkstore -wrlRUEI_DATA
-createCredentialRUEI_DB_TNSNAME_BI
RUEI_DB_USER_BI
where:
RUEI_DB_TNSNAME_BI
specifies the export database connect string.
RUEI_DB_USER_BI
specifies the user of the remote database.
Note that you are prompted for the wallet password and the database password for RUEI_DB_USER_BI
.
Use the following command to change the permissions of the cwallet.sso
wallet file:
chmod 640 cwallet.sso
Ensure that the permissions for these files are set correctly. Both files should have the ownership of RUEI_USER
and RUEI_GROUP
. The ewallet.p12
file only needs to be readable by the RUEI_USER
, but both files need to be readable by RUEI_GROUP
.
If the database instance has been set up correctly, it should now be possible to access the export database without being prompted for the password. The RUEI_USER
on the Reporter system can access the database instance as follows:
sqlplus /@RUEI_DB_TNSNAME_BI
If this step fails, you should carefully review the procedure described so far before proceeding.
Edit the /etc/ruei.conf
configuration file on the Reporter and each Processing Engine system from which you intend to export enriched data. Use the RUEI_DB_TNSNAME_BI
setting to specify the export database connect string. For more information, see The RUEI Configuration File.
Important: Other than the modification described above, do not make any other changes to theruei.conf file. |
Logout and logon again as the moniforce
user.
Restart processing on the Reporter system by issuing the following command:
project -restart wg
This chapter describes the procedure for initially configuring RUEI. This task is performed by the individual within your organization who has been assigned the role of RUEI Super Administrator (this is, the admin
user). For more information about roles, see the Oracle Real User Experience User's Guide.
Important
It is strongly recommended that a network engineer within your organization validates collected network traffic after configuring RUEI. The procedure to do this is described in Appendix F, "Verifying Monitored Network Traffic".
In order to get RUEI up and running, you will need to have prepared the server systems for RUEI, and installed the RUEI software. This is described in Chapter 2, "Installing the RUEI Software". After that, you are required to specify the installation type and mail setup (described in Performing Initial RUEI Configuration), and then perform some post-installation configuration (described in Performing Post-Installation Configuration). This is necessary in order to start reporting. It includes deciding how pages and users will be identified, and specifying the scope of monitoring in your network environment. Finally, you will need to define the system's initial users, as described in Authorizing Initial Users. Note that if you are installing a split-server configuration, you will need to configure each Collector system. This is described in Configuring Collector Systems.
Important
The configuration of RUEI should be discussed with someone with a detailed knowledge of your organization's network topology.
In order for RUEI to start data monitoring and reporting, it must be configured with some information about your network infrastructure. Once completed, user traffic reporting is available. Note that this initial configuration can be changed later, as necessary. It is only intended to provide RUEI with sufficient information to start real-user monitoring and reporting.
To perform the initial RUEI configuration, do the following:
Start the Initial setup wizard by pointing your browser at the following URL: https://
Reporter
/ruei
.
where Reporter
specifies the host name or IP address of your RUEI installation. The dialog shown in Figure 4-1 appears.
Specify the admin
user, and the password defined with the set-admin-password
script (defined in Installation of the Reporter Software). When ready, click Login. The dialog shown in Figure 4-2 appears.
Note that the first time a user logs on, they receive a warning that the web server was unable to verify the identify of the site's certificate. Depending on your security policies, you can either choose to accept this certificate permanently, temporarily for this session, or reject the certificate. Alternatively, you can purchase a certificate from a Certificate Authority (CA). You can also create an SSL certificate. More information is available at the following location:
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#realcert
Click Next to proceed with configuration. The dialog shown in Figure 4-3 appears.
Specify the requested information as explained in Table 4-1.
Table 4-1 E-mail Setup Fields
Field | Description |
---|---|
Return address |
Specifies the e-mail address to which failed or problem e-mails are reported. It is strongly recommended that this an address that is regularly checked. |
From address |
Specifies the address the recipient sees in their mail client. |
Reply-to address |
Specifies the address that users can click within an e-mail to reply to an e-mail. If this is not specified, the From address setting is used. |
Mail size limit |
Specifies the maximum message size (in kilobytes) allowed for e-mails. Note that if an e-mail contains reports that exceed this limit, the system will try to split up the reports into individuals e-mails to overcome this limitation. Reports that are too large to be sent individually are not sent, and the user is informed of the problem. The default mail size limit is 5000 Kb. |
Reporter URL |
Specifies the exact URL required for e-mail recipients to connect to the Reporter system. Typically, this is the same URL used by RUEI users to access the Reporter system. |
The e-mail information is used to configure RUEI's interface to your internal network, and will be used for reporting problems. When you have entered the required information, click Next. The dialog shown in Figure 4-4 appears.
Check that the information specified in the settings overview is correct. You can use Back and Next to move between dialogs as necessary. When ready, click Next. The dialog shown in Figure 4-5 appears.
This dialog indicates how far the system has got in applying your specified settings. Typically, this process takes a maximum of 15 minutes. When finished, click Finish to close the dialog.
To register Collectors to a Reporter system, do the following:
Install the Collector software on the required systems. This is described in Chapter 2, "Installing the RUEI Software".
Register the Collector systems with the Reporter. The procedure to do this is described in the Oracle Real User Experience Insight User's Guide.
If for any reason you need to register a Collector system with a different Reporter system than earlier configured, do the following:
Logon to the Collector system as the moniforce
user, and remove the Collector's currently defined Reporter assignment by issuing the following commands:
su - moniforce appsensor delete wg
Follow the procedure described in the Oracle Real User Experience Insight User's Guide to register the Collector with the required Reporter.
In order to start reporting, the RUEI needs certain information about the monitored network environment. It is important to understand that RUEI is designed to work within a wide range of network environments. Therefore, the configuration choices you make will affect the accuracy and usability of the reported data. It is strongly recommended that you carefully review the settings described in this section.
Within RUEI, session information is based on cookies. Therefore, RUEI needs to know and understand the cookie technology (or technologies) your organization is using. The procedure to configure this, together with the structure of supported cookie technologies, is described in the Oracle Real User Experience Insight User's Guide.
If cookie information is not available, user tracking is based on visitor IP address. This can lead to unreliable session information. For example, in the case of users behind a proxy server, all users coming from that network would be identified as the same user.
Uploading SSL keys to the system is extremely important if most of your HTTP traffic is based on SSL sessions. Without the SSL keys being available to the system, the Collector will not be able to decrypt the SSL session traffic. In these circumstances, further configuration of cookies, user identification, and application pages would make little sense. Ensure that you upload and activate your HTTPS SSL keys as early on as possible in the configuration process. The management of SSL keys is fully described in the Oracle Real User Experience Insight User's Guide.
Within RUEI, user identification is first based on the HTTP Authorization field. After that, it is derived from the supplied GET/POST argument within URLs. Therefore, if you are using arguments within URLs, the item within these used for user identification must be specified in order to provide reliable results. This is fully described in the Oracle Real User Experience Insight User's Guide.
Page identification within RUEI is based on defined applications. Essentially, an application is a collection of web pages. This is because pages on a website are typically bound to a particular application. For each page that the system detects, it uses the available application definitions to assign a name to it. Note that information about any pages that could not be identified using these definitions is discarded, and, therefore, not available through reports and the data browser. This is fully described in the Oracle Real User Experience User's Guide.
Suites
In addition to generic applications, dedicated support is available for the monitoring of certain Oracle Enterprise architectures (such as Oracle E-Business suite, Siebel, and WebLogic Portal). If you are using any of the currently supported architectures within your monitored environment, it is strongly recommended that you make use of this facility. It not only saves you time in defining your applications, and makes applications within suites more compatible, but also ensures that these architectures are monitored correctly.
Within RUEI, you control the scope of traffic monitoring by specifying which TCP ports the SYSTEM should monitor. Obviously, no information is available for non-monitored ports. In addition, you can restrict monitoring to specific servers and subnets. This is fully described in the Oracle Real User Experience Insight User's Guide.
In order for users to start working with RUEI, you will need to authorize the required users. Only one user, admin
, is available after installation. The procedure to set the initial admin
user password is described in Installation of the Reporter Software. All other required users must be created and assigned the necessary roles and access permissions through the Reporter GUI. In particular, it is recommended that you create a dedicated Security Officer account to finalize the security-related configuration. User roles, and the creation and management of user accounts are described in the Oracle Real User Experience Insight User's Guide.
Note that user names and passwords are case sensitive. For ease of entry, it is recommended that you do not include any diacritic characters, such as umlauts, within passwords.
To ensure the quality and quantity of data being collected and analyzed by your RUEI system, it is strongly advised that you verify the system's configuration using some core metrics. These are described in the following sections.
You can open an overview of the monitored network traffic by selecting System, then Status, and then Data processing. This provides you with immediate information about hits, pages, and session processing, as well as the system load. An example is shown in Figure 4-6.
The precise number of percentage of identified sessions, page views, and hits relies heavily on your exact configuration. If you intend to measure all traffic, it is recommended that at least 80% of sessions, page views, and hits are reported as "identified". It is also recommended that you regularly review the reported numbers and percentages to ensure the quality and quantity of reported data.
Important: After initial configuration of cookies, user identification, and application page structure, the system will take at least 5 - 10 minutes before the Sessions/Hits/Page views tabs are updated with green bars. If, after 20 - 30 minutes after initial configuration, there are no green bars showing on any of the tabs, please review your initial RUEI configuration. If the bars do not indicate any activity at all, please review your system's network card configuration as outlined in Server Requirements |
At this point, RUEI should be collecting data from each of its associated Collectors. You can easily check the status of these Collectors by selecting System, then Status, and then Collector status. This opens the Network data collectors window. This is fully described in the Oracle Real User Experience Insight User's Guide.
It is important to understand that the data being collected by Collector system(s) is offered to the RUEI data processing module for further analysis. If no data is collected, there is no means by which it can be processed.
This appendix provides a checklist of actions that should be complete, and information gathered, before starting to install the RUEI software. These include server and infrastructure readiness and configuration, as well as HTTPS encrypted traffic and alerting issues.
Server Readiness | |
---|---|
Base hardware and operating system requirements. | |
Intel/AMD 64-bit platform (minimum 2 dual-core CPUs). | |
Network connectivity:
| |
Disk space: at least 400 GB (on high-performance RAID-5, RAID-10, or similar). | |
Memory: at least 16 GB RAM for single server. | |
OS: Oracle Linux 64-bit or RedHat Enterprise Linux 64-bit 5.x.
Oracle Database 11g Enterprise Edition. The The EBS, JD Edwards, FLEXCUBE, and PeopleSoft configuration zip files are available. |
Infrastructure Readiness | |
---|---|
Ensure easy placement and accessibility of the system. | |
Prepare rackspace in the Data Center cabinet with power sockets. | |
The server is accessible through remote ports:
| |
Access to the Data Center on the appropriate day and time is arranged. | |
Network preparation for TAP/copy port is done and cables available in cabinet. | |
Server configuration completed (see below). | |
Main topology with proxies, load balancers, routers, switches, and so on, is known. | |
Main traffic flows throughout the infrastructure are known. | |
VLAN topology, VLAD IDs, and IP addresses are known. | |
The monitoring position for the RUEI server is located as close as possible to the firewall. | |
The domains, applications, server farm(s), and/or VLANs to be monitored are identified. |
Server Configuration | |
---|---|
Complete the details below to for reference during server configuration. | |
Host name and domain name (optional). | |
Data Center name. | |
Placement date and time. | |
Server IP, netmask, and default gateway. | |
Server type (Collector/Reporter). | |
NTP server IP and backup. | |
DNS server IP and backup. | |
Mail server and sender mail. | |
Socket 0: collection port to TAP/switch name. | |
Socket 1: collection port to TAP/switch name. | |
Socket 2: rescue/maintenance interface. | <reserved> |
Socket 3: Office network to switch name. | |
Socket 4: collection port to TAP/switch name. | |
Socket 5: collection port to TAP/switch name. |
Data Collection Configuration | |
---|---|
Once in place, the server will start collecting data. Specify how much data is expected, and the technologies used. | |
HTTP traffic (in MB, pageviews, or hits per hour). | |
Base technology for web applications. | |
Limits on amount of traffic to be captured:
| |
Cookie technology. | |
Page-labelling technology. | |
Blind POST field names (such as passwd ). | |
User identification in URL (if other than login). | |
Web service domains or networks. | |
XML/SOAP envelopes (max 10). | |
Chronos/EUM URL (for EBS and Forms). |
HTTPS Enablement | |||
---|---|---|---|
Specify the contact(s) for the required SSL keys to monitor encrypted traffic. | |||
Name: | Name: | ||
Function: | Function: | ||
E-mail: | E-mail: | ||
Phone/Mobile: | Phone/Mobile: | ||
Keys (if not all): | Keys (if not all): | ||
System Health Notifications | |||
---|---|---|---|
The system can trigger and send alerts for various components. Specify the users, notification methods, and details for each component. | |||
Name: | Name: | ||
Function: | Function: | ||
E-mail: | E-mail: | ||
Mobile: | Mobile: | ||
Text message: | Text message: |
Alerting via SNMP (Optional)Foot 1 | |
---|---|
SNMP management server. | |
SNMP community name. | |
SNMP version. |
Footnote 1 RUEI provides a standard MIB to be imported into the SNMP manager.
Oracle Real User Experience Insight (RUEI) provides you with powerful analysis of your network and business infrastructure. You can monitor the real-user experience, define Key Performance Indicators (KPIs) and Service Level Agreements (SLAs), and trigger alert notifications for incidents that violate them.
This document is intended for the following people:
System administrators responsible for the installation of RUEI. This assumes a sound understanding of the Linux operating system.
The person within your organization designated as RUEI Super Administrator (that is, the admin
user). They are responsible for post-installation configuration, and system maintenance.
Some familiarity with network and web technology is assumed. In particular, you should have a sound understanding of network topology, and a good operational knowledge of your organization's network and application environment.
This guide is organized as follows:
Chapter 1, "Getting Started," describes how RUEI monitors data traffic, the operational requirements, and the available deployment options. Information is also provided about how you can increase the amount of information available within the RUEI database.
Chapter 2, "Installing the RUEI Software" describes the procedure for preparing the server system(s) for RUEI, and installing the RUEI software.
Chapter 3, "Upgrading to RUEI 12.1.0.3" describes the procedure for upgrading an existing RUEI 11.1 installation to release 12.1.
Chapter 4, "Configuring RUEI" describes the procedure for initially configuring RUEI. This procedure is performed by the person within the organization who has been assigned the role of RUEI Super Administrator.
Chapter 5, "Installing and Configuring SSO Authentication Integration" describes the procedure for installing and configuring the Oracle HTTP server. This is an optional part of the RUEI installation process, and is only required if you intend to use the Oracle Single Sign-Off (SSO) service to authenticate RUEI users.
Chapter 6, "Configuring the Oracle Access Manager (OAM)" describes the procedure for configuring OAM. This is an optional part of the RUEI installation process, and is only required if you intend to identify users within OAM-based network traffic.
Chapter 7, "Installing Processing Engines" describes the procedure for preparing a server system for use as a Processing Engine.
Chapter 8, "Configuring a Failover Reporter System" describes the procedure for configuring a failover Reporter system that will immediately take over processing of network traffic in the event that the primary Reporter system becomes unavailable.
Chapter 9, "Configuring a Failover Collector System" describes the procedure for configuring a failover Collector system that will immediately take over monitoring network traffic in the event that the primary Collector system becomes unavailable.
Chapter 10, "Configuring a Failover Processing Engine System" describes the procedure for configuring a failover Processing Engine that will immediately take over processing network traffic in the event that the primary Processing Engine system becomes unavailable.
Appendix A, "Installing the Oracle Database Software" presents a summary of the procedure for installing the Oracle database.
Appendix B, "Generic Database Instance Setup" describes how you can setup an Oracle database instance for use by the Reporter that is running on a platform other than Oracle Linux 5.x or RedHat Enterprise Linux 5.x. RUEI supports Oracle database version 11gR1 and 11gR2.
Appendix C, "Setting up an Alternative Enriched Data Export Database Instance" describes how you can set up an alternative Oracle database instance for use by the Enriched data export facility.
Appendix D, "Setting up a Connection to the Enterprise Manager Repository" describes how you can set up a connection to the Oracle Enterprise Manager Repository. This is necessary when you want to integrate your RUEI deployment with Oracle Enterprise Manager's business application monitoring facility.
Appendix E, "The ruei-check.sh Script" provides a detailed explanation of the ruei-check.sh
script. This script verifies that a system meets the requirements for a selected RUEI component. It is strongly that you use this script to verify successful installation, and to troubleshoot any issues that occur during the installation process.
Appendix F, "Verifying Monitored Network Traffic" describes how you can use the TCP diagnostic facility to verify that RUEI "sees" all required network traffic. It is strongly recommended that a network engineer within your organization validates collected network traffic after installation and configuration of RUEI.
Appendix G, "Troubleshooting" highlights the most common issues encountered when installing RUEI, and offers solutions to quickly locate and correct them. It should be reviewed before contacting Customer Service.
Appendix H, "Installation Checklist" provides a checklist of actions that should be completed, and the information gathered, before starting to install the RUEI software.
Appendix I, "Removing RUEI From Systems" describes the procedure for uninstalling RUEI from Reporter, Collector, and Processing Engine systems.
Appendix J, "Third-Party Licenses" contains licensing information about certain third-party products included with RUEI.
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc
.
Access to Oracle Support
Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info
or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs
if you are hearing impaired.
For more information, see the following documents in the Oracle Real User Experience Insight (RUEI) documentation set:
Oracle Real User Experience Insight Release Notes.
Oracle Real User Experience Insight User's Guide.
Oracle Real User Experience Insight Administrator's Guide.
The latest version of this and other RUEI books can be found at the following location:
http://www.oracle.com/technetwork/documentation/realuserei-091455.html
The following text conventions are used in this document:
Convention | Meaning |
---|---|
boldface | Boldface type indicates graphical user interface elements associated with an action, or terms defined in text or the glossary. |
italic | Italic type indicates book titles, emphasis, or placeholder variables for which you supply particular values. |
monospace | Monospace type indicates commands within a paragraph, URLs, code in examples, text that appears on the screen, or text that you enter. |