Passive monitoring
Encyclopedia
Passive monitoring is a technique used to capture traffic from a network by generating a copy of that traffic, often from a span port or mirror port or via a network tap
. Once the data (a stream of frames or packets) has been extracted, it can be used in many ways.
Passive monitoring can be very helpful in troubleshooting
performance problems once they have occurred. Passive monitoring differs from synthetic monitoring
in that it relies on actual inbound web traffic
to take measurements, so problems can only be discovered after they have occurred.
While initially viewed as competitive to synthetic monitoring approaches, most networking professionals now recognize that passive and synthetic monitoring are complementary.
Network tap
A network tap is a hardware device which provides a way to access the data flowing across a computer network. In many cases, it is desirable for a third party to monitor the traffic between two points in the network. If the network between points A and B consists of a physical cable, a "network...
. Once the data (a stream of frames or packets) has been extracted, it can be used in many ways.
- It can be analyzed in a snifferSnifferSniffer may refer to:* Packet analyzer , computer software or hardware that can intercept and log traffic passing over a digital network...
such as WiresharkWiresharkWireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education... - It can be examined for flows of traffic, providing information on "top talkers" in a network as well as TCP round-trip time.
- It can be reassembled according to an application's state machine into end-user activity (for example, into database queries, e-mail messages, and so on.) This kind of technology is common in Real User MonitoringReal user monitoringReal user monitoring is a passive web monitoring technology that records all user interaction with a website. Monitoring actual user interaction with a website is important to website operators to determine if users are being served quickly, error free and if not which part of a business process...
when applied to the http protocol in web applications. - In some cases, http reassembly is further analyzed for web analyticsWeb analyticsWeb analytics is the measurement, collection, analysis and reporting of internet data for purposes of understanding and optimizing web usage....
Passive monitoring can be very helpful in troubleshooting
Troubleshooting
Troubleshooting is a form of problem solving, often applied to repair failed products or processes. It is a logical, systematic search for the source of a problem so that it can be solved, and so the product or process can be made operational again. Troubleshooting is needed to develop and...
performance problems once they have occurred. Passive monitoring differs from synthetic monitoring
Synthetic monitoring
Synthetic monitoring is website monitoring that is done using a web browser emulation or scripted real web browsers. Behavioral scripts are created to simulate an action or path that a customer or end-user would take on a site...
in that it relies on actual inbound web traffic
Web traffic
Web traffic is the amount of data sent and received by visitors to a web site. It is a large portion of Internet traffic. This is determined by the number of visitors and the number of pages they visit...
to take measurements, so problems can only be discovered after they have occurred.
While initially viewed as competitive to synthetic monitoring approaches, most networking professionals now recognize that passive and synthetic monitoring are complementary.