back caretBlog

Dealing with Application Performance Monitoring (APM) Data Overload, Part 2

Last week, we summarized TRAC Research's Market Insight report, "Improving the Usability of APM Data: Essential Capabilities and Benefits." Read that post here.

This week's post lays out one of ExtraHop's answers to the application performance monitoring (APM) data overload problem. In talking with IT Operation teams, we heard a common complaint: other APM products were leaving them to try to correlate events by sifting through a flood of data. Our team at ExtraHop responded by building Application Inspection Triggers (AI Triggers) technology so IT Operations teams can tailor their performance monitoring and gather the precise data they need.

Need to isolate which specific web server is throwing out errors in a large pool? No problem, just create a trigger. Need to identify the best caching candidates by calculating the total weight of all the SQL queries hitting your database? Yep, you can do that with a trigger too. Need to segment your HTTP performance metrics by mobile OS, or even different versions of the same OS? …You get the idea.

ExtraHop's Answer to APM Data Overload: Application Inspection Triggers

As a companion to its market insight report, TRAC Research also published a solution overview examining AI Triggers technology from ExtraHop, "Application Inspection Triggers: Providing the Right APM Data, to the Right People, at the Right Time." Both reports are available for free with one registration on the ExtraHop Resources page.

Based on a survey of more than 400 IT organizations, the TRAC Research Solution Overview identified the top challenges that organizations face when monitoring transactions. The ExtraHop system with AI Triggers neatly solves the top challenges that survey respondents reported.

data Resources

TRAC Research white papers on APM data usability.

Download the white papers (requires free registration).

Top Challenge #1 - Monitor transaction performance from the point of user interaction to where the transaction is processed

Seventy-one percent of respondents reported this issue as a top challenge when monitoring application transactions. Triggers enable organizations to recognize unique identifiers across tiers, such as embedded tags or session IDs inserted by JSP, PHP, and Microsoft ASP programming languages.

A common example is monitoring ecommerce transactions to determine latency at the network, web, and database tiers. One ExtraHop customer uses triggers to monitor ecommerce transactions in this way across as many as 11 hops. This noninvasive method of transaction tracing is referred to as "recognize and trace," as opposed to the incredibly invasive and cumbersome "tag and trace" methods used by legacy business transaction management (BTM) vendors.

Top Challenge #2 - Management overhead

Sixty-four percent of respondents said that management overhead was a top challenge for monitoring application transactions. One of the key benefits of ExtraHop's approach for monitoring network and application performance is the fact that the company provides deep visibility into application performance without using any monitoring agents.

This noninvasive, network-based approach enables customers to address key monitoring challenges without having to install, configure, and test monitoring agents that tax system resources and can perturb applications. Customers are using the same passive approach when leveraging triggers, as no monitoring agents are required to gain deep, customized visibility into network and application performance.

Top Challenge #3 - Monitor transaction performance without modifying application code

Forty-one percent of organizations responded that the ability to monitor transactions without modifying their application code was a top challenge. AI Triggers technology addresses this concern by enabling organizations to make all or most of the necessary adjustments in the ExtraHop system instead of to the application. In this way, organizations can implement customized analysis in just minutes.

Application Inspection Triggers Example Scenarios

Triggers can address scenarios such as HTTP client segregation, benign error exclusion, security-policy auditing, and multi-tier correlation. However, the possibilities are really only limited by the creativity of the customer.

In the first example, an organization uses a triggers to segment performance metrics by client device type. The ExtraHop system already automatically detects and classifies devices on the network, and combined with AI Triggers, this capability proves useful for organizations that want to analyze user experience or activity for specific operating systems or browsers. Figure 1 below shows HTTP requests for only devices using the iPhone iOS operating system.

Figure 1: Client Segregation Using Application Inspection Triggers

Taking advantage of the NAS monitoring capabilities in the ExtraHop system, organizations can also use triggers to monitor access to sensitive folders and files by user. This capability, shown in Figure 2 below, helps organizations that need to monitor compliance with industry or government security or privacy regulations. Customized reports on folder and file access simplify policy audits, a major benefit for many IT organizations.

Figure 2: Security and Privacy Policy Monitoring Using Application Inspection Triggers

As described in the previous section, IT teams can use triggers to trace transactions across multiple tiers of their application environments. Figure 3 below shows database processing time for specific front-end transactions.

Figure 3: Multi-Tier Correlation Using Application Inspection Triggers

It's hard to overstate the importance of AI Triggers technology for IT Operations teams. Because the ExtraHop system is a fully customizable application-monitoring platform instead of a monolithic and inflexible tool, organizations can solve the variety of problems that arise in the real world.

Recently, Concur wrote a trigger to determine the total weight of all of the SQL queries so it could identify top candidates for caching. (This was no mean feat, either. Concur deals with 2 billion SQL queries each day across more than 1,000 databases.) Concur also uses triggers to quickly investigate specific real-time metrics. The IT Operations team at Concur saw an abnormally high rate of HTTP aborts for a pool of 60 front-end webservers that host three different sites. The team couldn't pinpoint the problem using their user-experience monitoring tool due to high traffic volume, so they instead wrote a trigger in ExtraHop that identified a webserver configured to debugging mode. Once the team turned debugging off, they immediately saw the HTTP aborts fall by 95 percent. Read the full Concur case study.

If you would like to learn more about AI Triggers and the ExtraHop system, please contact us to schedule a live demonstration or watch our online product demo.


ExtraHop Reveal(x) Live Activity Map

Stop Breaches 87% Faster

Investigate a live attack in the full product demo of ExtraHop Reveal(x), network detection and response, to see how it accelerates workflows.

Start Demo

Sign Up to Stay Informed