Extraction Rules in Web Application Transaction Monitoring

Extraction Rules can be useful when creating a synthetic transactions for a web request. If the page you need to monitor is using a unique session id that need to be passed on from the login request to the following request.

In this example the login form uses a unique identifier to prevent Cross-site request forgery (CSRF). This needs to be passed on to the following request.

Click the Add Monitoring Wizard from the Authoring pane.

new

Set a Name and select a Management Pack to save it in.

name

Enter an URL to proceed to the next step.

url

Choose one or more Watcher Nodes.

watcher

Click on Start Capture to start a recording.

Notice, there are some fulfilments to be met for the Internet Explorer window to be able to load the add-on running the web recorder. For example, IE10 is not support, you might need to run the IE window in 64-bit mode and enable third-party browser extensions (find out more here).

capture

Browsing to a page will record the address as seen in the Web Recorder explorer bar.

url1

I’ll create two recordings one for the login page and a second actually making the login. In the latter the form post variables will be displayed directly in the Web Recorder.

url2

Now there are two recordings in the editor.

editor

Pressing Run Test will display an error.

Test

Taking a look at the source of the login page reveals the hidden csrf variable.

source

In the code a new session variable will be generated whenever entering the login page.

code2

Now it’s time to use the Extraction Rules. You can locate the tab under Properties for the request in question.

extractionRule

Click the Add button to open the Add Extraction Rule window. From the source code we know that the variable entry starts with csrf” value=” and ends with a .

rule

Now it is time to add that variable to the next request. Click Insert Parameter at the General tab to insert it to the Response Body.

insert

Select the previously created parameter and insert it to the Response Body.

insert2

The test will is now successful.

OK

In the Monitoring pane under the view Web Application State the state is Healthy.

OK2

For another example see the TechNet page: http://technet.microsoft.com/en-us/library/gg494976.aspx

 

SCOM 2007 R2, SCOM 2012, Web Application Monitoring

5 responses to Extraction Rules in Web Application Transaction Monitoring


Leave a Reply

Your email address will not be published.

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.