This topic describes general techniques when troubleshooting AppDynamics Analytics deployment problems, along with a few specific scenarios you may encounter with workarounds.
If you encounter problems with your Analytics deployment, first check the logs for errors or warnings. The components write log information as follows:
- Analytics Dynamic Service: The Analytics Dynamic Service is built into the Java and .NET App Agents and writes logs to the same file as the App Agent. The logs are in the following location:
The primary log file to use for troubleshooting is the file named
agent.<timestamp>.logfile. Search the file for messages written by the Analytics Dynamic Service. These logs are useful for the following:
- Determining if the Analytics Dynamic Service is enabled or disabled.
- Viewing the configurations used on startup.
- Determining if the Analytics Dynamic Service is encountering errors sending messages to the Analytics Agent. For example, when the Analytics Dynamic Service is not able to communicate with the Analytics Agent due to invalid connection configuration.
- Determining if messages are being dropped by the Analytics Dynamic Service because its internal buffers are full.
- The Analytics Agent writes log messages to files in the following directory:
- The Events Service writes log messages to files in the following directory:
In particular, the
analytics-api-store.logfile can help you with troubleshooting.
Verify your configuration settings, particularly that they are properly configured with the required account name and key. Slashes in account names and key values need to be escaped, with the failure to do so a common source of configuration problems.
Clock Management and Timestamps
AppDynamics recommends maintaining clock-time consistency throughout your monitored environment. If analytics metrics are always reporting zero, confirm that the clocks are synchronized across the application, Controller, and Events Service nodes.
Understanding Analytics Data and Timestamps
There are potentially four time zones involved when dealing with log analytics, which you should be aware of:
- The timestamp and time zone from the log file.
- The event timestamp (and pickup timestamp) time zones can be different from that in the log for a number of reasons, such as the following:
- When the time zone is overridden
- The time zone is not provided correctly in the log
- The timestamp and time zone parsing goes awry
- When no time zone is specified in the log timestamp, then local time is assumed
- The Events Service time zone, the Events Service stores all timestamps in UTC time.
- The browser used to view the analytics data in the Controller UI (such as event timestamp column displayed in the UI search results or the time picker widget) converts all timestamps to the browser's local time.
Limits for Business Transaction Events
The Analytics Dynamic Service sends messages to the Events Service where the request body is an array of event segments. A business transaction event consists of one or more segments that are related to each other by the business transaction
requestGUID. There are ingestion limits related to messages:
Event (segment) size: The maximum size of an individual business transaction segment collected by the Analytics Dynamic Service is .1 MB. This limit is defined by the
appdynamics.analytics.message.maxSizeBytesJava system property. To change this value, pass it on the command line as a system property when the Java Application Agent is started, for example:
Events per request: The maximum number of segments per request is defined by the
appdynamics.analytics.agent.send.batch.items.maxJava system property. The default value of this property is 16. To change this value, pass it on the command line as a system property when the Java Application Agent is started.
- Message Size: This limit refers to the size of a single request body sent to the Events Service, which is usually an array of event segments. Publish requests for all event types are limited to 1 MB. If the limit is exceeded, you will see exceptions in agent log file and messages in Events Service logs.
Issues Starting the Analytics Agent
If an instance of the Analytics Agent terminates and leaves behind its process ID file (PID file), the next agent startup will fail with the following error:
In Controller versions prior to 4.3, you needed to delete the old process id file and restart the agent to work around this issue.
In 4.3 and higher, you can use the
-f option when starting the agent. This option causes a preexisting process id file to be deleted. The flag is not required when you are starting the agent as a Windows service.
-f flag as follows:
- UNIX type OS:
- Windows CLI:
Log Analytics Missing Field Extractions
If you are missing fields in your Log Analytics data that you expect to see based on your source rule configuration, if you are using regex (including grok patterns) in your field extraction, you may be encountering a performance safeguard.
If a regex pattern takes more than five seconds to match against a log line, the attempt to extract the fields is terminated, and no further processing occurs requiring the extracted fields. As a result, some fields may be missing when viewed on the controller for that log line. In this case, the following error message appears in the analytics agent log:
Another reason for missing fields is if the log line doesn't contain the field to be extracted as defined in the pattern.
Custom Analytics Metrics
If you are having issues with metrics created from saved searches or with the alerts performance for those metrics, try increasing the query batch size. You can increase the size using the
analytics.scheduledqueries.batch.size Controller setting in the Controller Administration Console. The default value for this setting is 5.
See Access the Administration Console for information about accessing the setting.
For SaaS-based installations, you configure the Analytics endpoint by modifying the http.event.endpoint setting in the \conf\analytics-agent.properties file (as described in Installing Agent-Side Components). For example:
If your firewall rules require you to use specific IP addresses, rather than hostnames, note the following information. If you are unable to see transaction analytics data collected as expected (even after configuring your firewall rules) and you see repetitive "Connection Reset" messages in the logs similar to the following, your firewall rules may not include the correct IP addresses.
Your firewall rules may not include the correct IP addresses.
In SaaS environments, both
syd-ana-api.saas.appdynamics.com are round-robin DNS aliases and may resolve to multiple DNS (54. vs 52.) such as in the following examples:
Amazon Web Services (AWS) controls the IPs used, so they may change from time to time. AWS publishes its current IP address ranges in JSON format, so if you are unable to open firewalls to hostnames, you can download the AWS IP address ranges. If you want to be notified whenever there is a change to the AWS IP address ranges, you can subscribe to receive notifications using Amazon SNS.
Monitoring Health of the Analytics Agent
The check-health command returns the status of an analytics agent. You can specify the agent to check using a properties file or IP address and port. For example, using a properties file:
You can also use the -hp argument and pass the host IP address and the port number for the analytics agent. For example:
The default analytics agent port for the health check is 9091.
Usage for the check-health command is:
- On Windows, you cannot delete a log file with the "del" command while the analytics agent is collecting log data from the file.
- Avoid using robocopy/move commands to move files in Windows. Instead, it is recommended that you use the "move" command.