Collecting HTTP/HTTPS Traffic with Fiddler

Fiddler is a free tool that acts as a proxy server for debugging web applications. You can find detailed information about the tool on the website http://www.telerik.com/fiddler. For our purposes here, however, we are providing a quick overview of how we typically use the tool for troubleshooting, particularly in regards to Edge Product Integrations, and our Product Integration Modules, or PIMS, specifically.

Using Fiddler

If you do not have fiddler installed, download and follow directions at - http://www.telerik.com/fiddler
Once installed the goal is to capture traffic from the browser to the application twice. First, when accessing the application via enPortal, and again when accessing the application directly. For troubleshooting we compare the results from these two paths to determine where the issue might be.

NOTE: Unlike browser based traffic captures, Fiddler is capable of decrypting HTTPS traffic for further troubleshooting. Please refer to the Fiddler documentation at http://docs.telerik.com/fiddler/configure-fiddler/tasks/DecryptHTTPS to configure Fiddler to decrypt HTTPS traffic if necessary.


Capturing Traffic via enPortal
Launch Fiddler and stop traffic capture by unchecking 'Capture Traffic F12' under 'File' menu
Launch browser
Clear browser cache
In Fiddler, click on 'Filters' tab in the right frame (details) section
In 'Hosts' section choose 'Show only the following hosts' and enter the AppBoard/enPortal IP address/hostname in text box provided (optional)
Click the 'Actions' button and choose 'Save Filterset' (optional)
Click the 'Actions' button and choose 'Run Filterset now' - this also enables traffic capture
NOTE: If 'Run Filterset now' is not clicked, you must use click 'File > Capture Traffic F12', or push F12, to restart traffic capture
In browser, navigate to appBoard/enPortal login page and login
Navigate within AppBoard/enPortal to replicate the issue
Stop the traffic capture using 'File > Capture Traffic F12' menu or F12 on your keyboard
Use 'File > Save > All Sessions' to save the capture file
Save the SAZ file with a unique name and reference information, such as date, support ticket number, etc.
For example “SUP-1234-via-enPortal.saz”


Capturing Traffic direct to application
Launch Fiddler and stop traffic capture by unchecking 'Capture Traffic F12' under 'File' menu
Launch browser
Clear browser cache
In Fiddler, click on 'Filters' tab in the right frame (details) section
In 'Hosts' section choose 'Show only the following hosts' and enter the application’s IP address/hostname in text box provided (optional)
Click the 'Actions' button and choose 'Save Filterset' (optional)
Click the 'Actions' button and choose 'Run Filterset now' - this also enables traffic capture
NOTE: If 'Run Filterset now' is not clicked, you must use click 'File > Capture Traffic F12', or push F12, to restart traffic capture
In browser, navigate to application login page and login
Navigate within the application to the same page/location as you did for the enPortal capture
Stop the traffic capture using 'File > Capture Traffic F12' menu or F12 on your keyboard
Use 'File > Save > All Sessions' to save the capture file
Save the SAZ file with a unique name and reference information, such as date, support ticket number, etc.
For example “SUP-1234-direct-<application name>.saz”


Collect corresponding log files
1) login to server and navigate to log directory
   cd <installation directory>/server/logs
   i.e. cd /opt/appboard/server/logs
     
2) create tar file of relevant log files
   tar cvf /tmp/appboard-logs-< date and ticket number>.tar *log *txt *out
   i.e. tar cvf /tmp/appboard-logs-12262014-SUP-1234.tar *log *txt *out
3) copy the archive file to local machine using scp, ftp, or other tool

Send SAZ file, along with collected AppBoard/enPortal server log files to support@edge-technologies.com

  • 3
  • 04-Aug-2015
  • 1256 Views