Passive monitoring
Passive monitoring is a technique used to capture traffic from a network by generating a copy of that traffic, often from a span port or mirror port or via a network tap. This low risk implementation provides one of the highest values within Application Performance Management in terms of application visibility for the business. In general, this can be up and running providing details of the application performance in less than two days. It helps lay the foundation for performance trending and predictive analysis.[1]
- It can be analyzed in a sniffer such as Wireshark
- It can be examined for flows of traffic, providing information on "top talkers" in a network as well as TCP round-trip time.
- It can be reassembled according to an application's state machine into end-user activity (for example, into database queries, e-mail messages, and so on.) This kind of technology is common in Real User Monitoring and now supports multiple protocol analytics (e.g. XML, SAP Fat Client, Oracle Forms, SQL, etc.).
- In some cases, http reassembly is further analyzed for web analytics with advanced diagnostics engines.
Passive monitoring can be very helpful in troubleshooting performance problems once they have occurred. Passive monitoring differs from synthetic monitoring in that it relies on actual inbound web traffic to take measurements, so problems can only be discovered after they have occurred. Synthetic monitoring is also referred to as Active monitoring, which helps report on system availability and predefined business transactions using synthetic probes and web robots. This is a good complement when used with passive monitoring that together will help provide visibility on application health during off peak hours when transaction volume is low.)[2]
While initially viewed as competitive to synthetic monitoring approaches, most networking professionals now recognize that passive and synthetic monitoring are complementary. When considering an agentless solution, a key feature to look for is the ability to support multiple protocol analytics (e.g. XML, SAP Fat Client, Oracle Forms, SQL, etc.) since most companies have more than just web-based applications to support.
References
- ↑ "The Anatomy of APM - 4 Foundational Elements to a Successful Strategy". APM Digest. 4 April 2012.
- ↑ "Prioritizing Gartner's APM Model". APM Digest. 15 March 2012.