View
1.304
Download
2
Category
Tags:
Preview:
DESCRIPTION
Since 1996 Identify Software has been leading the software industry for supporting applications and optimizing the support chain process throughout the organization. Every person can identify the potential of the recorded information, after seeing the first traced log from AppSight, for troubleshooting problems faster and in more efficient methods, but it is extremely important to understand how this powerful Black Box technology should be used in order to exploit its full potential in the most efficient way for your organization. This book attempts to bridge that gap in knowledge by providing solid advice, backed up with experience. This advice is what we at Identify like to call “best practices”.
Citation preview
I D E N T I F Y S O F T W A R E
AppSight 5.0AppSight 5.0Advanced Concepts Training
Damian RochmanSr. Software Engineer and Consultantdrochman@us.identify.com
I D E N T I F Y S O F T W A R E
The Application
What is an Application?
The term application is a shorter form of application program.
An application program is a program designed to perform a specific function directly for the user or, in some cases, for another application program.
Applications use the services of the computer's operating system and other supporting applications.
The formal requests and means of communicating with other programs that an application program uses is called the application program interface (API).
Source: www.whatis.com
The Application Layers
User InterfaceUser Interface
Application ConfigurationApplication Configuration
System OperationsSystem Operations
COM CallsCOM Calls
CodeCode
User Interface Layer for Client Applications
Visual Playback
User Interface Layer for Client Applications
GUI Operations
“User Interface Layer” for Server Applications
Performance Counters
“User Interface Layer” for Server Applications
IIS Sessions ViewClient IP
ASP Session ID
Pages visited in the session
Application Configuration
System Configuration (static snapshot)
Application Configuration
File Configuration (dynamic scan)
Application Configuration
Registry Configuration (dynamic scan)
Application Configuration
Modules Configuration (dynamic scan)
Application Configuration
COM/COM+ Configuration (dynamic scan)
Application Configuration
IIS Configuration (static snapshot)
Application Configuration
.NET Configuration (dynamic scan)
Application Configuration
Internet Explorer Configuration (static snapshot)
System Operations Layer
myApp.exe
Files
Registry
Database
IIS
LibraryNetworking
Notifications
Web Services
.NET Remoting
Process Operations
COM Calls Layer
myApp.exe
myCOMObject
WriteFile
ExecuteQuery
SendMessage
EncryptData
Code Layer
Cal
c.ex
e
Add(int a, int b)
Subtract(int a, int b)
Divide(int a, int b)
Multiply(int a, int b)
Int Add (int a, int b){ return a+b;}
I D E N T I F Y S O F T W A R E
The Recording Profile
What is a Good Recording Profile?
A good recording profile is designed to capture all the requiredrequired information with an acceptableacceptable performance impact
Think Like a Black Box
Three questions the Black Box needs to know:
1.1. WhoWho do I need to trace?
2.2. WhatWhat information should I capture?
3.3. HowHow should I operate?
Who?
• Add the required process (es) to the list
• ADD the process do not ATTACH (!)
Who? (cont.)
• What if you do not have the process in your computer?
• The Black Box only checks for a process name.
• Take any process in your computer and rename it to the name of the process you wish to trace on the target computer.
• Add the “dummy” application to the list.
What?
• Select the Operations to trace.
• Select the Performance counters to trace.
• Select the COM/COM+ functions to trace.
• Define Alerts to process.
What? (cont.)
Select to modify operations for all processes
Select a process to modify the operations for that process only
This process has different settings than the default
To Trace Or Not To Trace?
Full TraceFull TraceFull TraceFull Trace
Operation Operation Called?Called?
Operation Operation Called?Called?
Remove From Remove From Recording ProfileRecording Profile
Remove From Remove From Recording ProfileRecording Profile
Repetitive?Repetitive?Repetitive?Repetitive?
Information Information Useful?Useful?
Information Information Useful?Useful?
Can I get the Can I get the Information in a Information in a different way?different way?
Can I get the Can I get the Information in a Information in a different way?different way?
Yes
Yes
No
No
No
Yes
NoYes
Include in Recording Include in Recording ProfileProfile
Include in Recording Include in Recording ProfileProfile
What? : Creating Alerts
Right Click on the operation Add Alert
Select the operation Add Alert
What? : Creating Alerts (cont.)
Operation includes/excludes substring
Operation result
•Record Alert•Stack Dump•Add Comment•Send Mail•Net Send•Run Application•Create New Session•Set Recording Profile•Call Function
What? : Creating Alerts (cont.)
• Record Alert– Useful for sending traced information to the AppSight Server
• Stack Dump– Escalation to code level
• Add Comment– Add your comments into the execution log
• Send Mail– Send e-mail with alert information
• Net Send– Send a network message to another computer
• Run Application– Rerun application if crashes– Trigger your custom application on event
• Create New Session– Archive/manage your sessions with meaningful definitions
• Set Recording Profile– Change recording profile automatically on any event
• Call Function– Execute a function in the address space of your application
What? : User & Resources
What? : File Attachments
How? : General Recording Settings
How? : Process Attachment Settings
I D E N T I F Y S O F T W A R E
Troubleshooting Applications
AppSight Architecture
What is the most important component in the AppSight Solution? (and why?)
AppSight Server
AppSight Black Box
AppSight Console
AppSight Architecture
1. The Black Box does not have any artificial intelligence.
2. The Black Box will not fix your problem.
The Optimistic vs. The Pessimistic
What is wrong?
Faster resolutionSlower resolution
Methodology Experience
OptimisticOptimistic PessimisticPessimistic
What is right?
Troubleshooting Process
• Analyze the different Application Layers.
– Always from the top one down.
• Divide and conquer
– Use the synchronization between the different layers.
– Use the filters to divide and trim down the execution activity of the application.
Typical Troubleshooting ScenarioC
od
eS
yste
mU
ser
Level 1 Level 2 Level 3
DefectTrackingSystem
User
Get AppSight
Log
Check Compatibility
Visual Log Analysis
View / Compare
Configuration
Advanced System
Troubleshooting
Escalation to Code Level
Advanced Code Level
Troubleshooting
The Three Troubleshooting Qs
• Questions that need to be answered to identify the root cause of a problem:
– What?What?Understand what is the problem that you need to troubleshoot.
– Where?Where?Narrow down to the tier/module where the problem occurs (or does not).
– Why?Why?Understand why the problem occurs in order to fix it.
90% of the effort
What?
• Watch Visual Playback
• Look for Performance problems
– Use Performance Counters
– Use the Application Performance
– Use the Performance Timeline
– Use the start time of each operation
• Look for failures
– Use the Summary tab
– Use the IIS Sessions view
Where?
• Filter the system log using the synchronization of the:
– Visual playback
– Performance graph
– IIS sessions view
– Summary tab
– Advanced filters
Why?
• Exception/Crash in your application/module?– Escalate to code level
• DB problem?– Wrong connection string?– Database is down?– Malformed SP?
• Network problem?– Network “busy”?
• Etc.
I D E N T I F Y S O F T W A R E
Analyzing AppSight Log Files
Visual Playback Analysis
Jump to next GUI OperationJump to previous
GUI Operation
Play the visual playback
Stop the visual playback
Jump to next frame
Jump to previous frame
Rewind visual playback
Zoom in/out visual playback
System Tab
Summary Tab Analysis
Summary Definitions
Modules Tab Analysis
Select process instance
Statically loaded module
Dynamically loaded module
Connections Tab Analysis
Process name
PID
IP + Port + Socket
XML Viewer
Filtering the Log File
Canceling the Filters
Cancel advanced filters
Filter in processes / threads
Filter in operations
Recommended