question

IGOR M. avatar image
IGOR M. asked ·

How to define alert based on % of unsuccesful ssl handshakes

Hello!

Can one explain please

How to define alert based on % of unsuccesful ssl handshakes

I see such metric in report designer and composed chart for it, but i do not see such metric in alert wizard. It only provides several ssl error metrics in counted values or connection related in seconds but not handshake errors related in %. And i unable to figure out total ssl handshake metric to compose formula calculation.

Kind thanks and regards, Igor

alertingnam
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Kris Z. avatar image
Kris Z. answered ·

Let's not look at the world through dark shades. Only slightly dimmed:-)

As of today (NAM 2018), you can create an alert based on "availability (transport)" metric. This metric shows percentage of successful operation attempts on e.g. software service level, counting failures when transport layer failure has been spotted. Transport failures are those which occurred on layers of SSL and HTTP. So if you define a software service for which you use SSL non-decrypting decode, your transport failures will equal the number of SSL failures. Handshake failure is one of those SSL failures, abrupt SSL session termination (because of SSL stack fail) is another.

End of it all, there is a way to track percentage of handshake failures by manipulating the decode configuration. It's not elegant, but can be done. Perhaps it could help.

In a short term (upcoming service packs), developers will analyze possibility of adding to alert configuration the metric that reveals number of failed handshakes. This would add possibility of withering availability (transport) alarms by number of failed handshakes >0. Still not a direct %handshake failures, but a bit closer: software service/decode configuration tweaking won't be required.

For the farther horizon, we will look at possibility of extending SSL handshake operation reporting to include number of failures - this could be the ideal solution (if it proved to be technically feasible; we don't know yet). In this case we would report failures, percentage of these, together with an information on which cipher negotiation failed. But we don't know yet if and when would this be doable.

Best regards

1 comment Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

In addition to Kris's comment, let me inform you that metric SSL handshake errors will be available in Dynatrace NAM alert's mechanism in Service Pack 18.0.1

Best Regrads

Jacek

0 Likes 0 · ·
Babar Q. avatar image
Babar Q. answered ·

Hello @Igor M.

Have a look in the below post in case it helps you.

https://answers.dynatrace.com/spaces/160/open-q-a_...

Regards,

Babar

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

IGOR M. avatar image
IGOR M. answered ·

Thank you, gents!

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

IGOR M. avatar image
IGOR M. answered ·

Babar, thank you for pointing into related post.

Sad story there ...

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

IGOR M. avatar image
IGOR M. answered ·

Any ideas regarding this question are greately appreciated!

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.