Introduction
It has been around a year since I've written a tech tip. Instead I've focused on APM & Community Blogs.
Support has seen a slight rise in the number of APM CE (CEM) recording cases. Why is this?
Contributing Factors to Non-Recording
Here are typical factors impacting recording.
#1 More Complex Networking Environments
o Traffic may not be as clean as needed resulting in packet loss
o Complex environments means it is quite possible to "miss something" in setting up HTTP/HTTPS traffic to the TIM.
o Traffic may not be two way or have round trip server affinity for a transaction
o Customer is using a networking feature (GRE tunnelling) , a network card, or issues with OS/network interface setup (DNS, host file, ifcfg file etc.)
#2 Evolving Server SSL Setups
o Release of cipher suites that may not be supported. See for details:
https://support.ca.com/us/knowledge-base-articles.tec1667615.html -- Which Cipher Suites are supported CEM/TIM for decoding SSL hosted applications and how can I check those against the Ciphers installed on my web servers?
https://support.ca.com/us/knowledge-base-articles.TEC1271109.html -- TIM Unable to decode TLS_RSA_WITH_AES_128_GCM_SHA256 SSL Cipher Suite.
https://support.ca.com/us/knowledge-base-articles.TEC1419466.html -- After disabling Diffie-Hellman and GCM ciphers TIM SSL Server Status page still shows many unsupported cipher suite decode failures with unsupported ECDH and AES GCM ciphers visible in TIM logs.
https://support.ca.com/us/knowledge-base-articles.tec1667615.html -- Which Cipher Suites are supported CEM/TIM for decoding SSL hosted applications and how can I check those against the Ciphers installed on my web servers?
o Evolution of SSL functionality such as TLS Session tickets and Extended Master Secret Plugin
o And the basics
- Using the wrong IP/URL to access application..
- Incorrect browser configuration including proxy, language etc.
- Web server/hardware filters not added to TIM/MTP.
- Transaction already enabled (Transaction Discovery)
#3 Not checking TIM/MOM/TIM Collector status/log while recording
o Wrong script recorder arguments or being sent to wrong EM.
o Time is not synchronized between EMs, database, and TIMs.
o EM in Unknown state due to MOM properties file misconfiguration.
o Recording Service not running or started.
How to resolve
I basically start looking in this order
Switch>Tim (NIC/OS/SSL/Filters)>Tim Logs>Tim Collector Mom Log/Configuration
For TIM, I start with the steps outlined in TIM Readiness Guide
or the TIM Success Guide . If the TIM is seeing two-way unencrypted traffic, then I check it is showing up in the TIM log. If not, I look at SSL, web server/hardware filters etc,
Debug logging an be turned on as well for apmpacket and Transaction discovery
If all the above fails, please consider opening a case.
Other sources
https://communities.ca.com/thread/99969035 -- CA Tuesday Tip: Top APM CE Misconfigurations and Their Impacts
https://communities.ca.com/message/22049399#22049399 --The APM Script Recorder and a 404 Error
https://communities.ca.com/message/67186402#67186402 --CA Tuesday Tip: CEM Recording System Decision Matrix & https://support.ca.com/us/knowledge-base-articles.tec600296.html
https://support.ca.com/us/knowledge-base-articles.TEC1545243.html --Agent Recording
https://docops.ca.com/ca-apm/10-5/en/extending/transaction-definition/recording-transaction-signatures ---Recording Overview
Points for Discussion
1. Do you think these are the major factors impacting successful recording
2. Are there other factors that you have encountered?
3. Are there other TIM topics that you would like to see in future blogs?