Many systems that speak over TCP have simple call-and-response protocols. These lend themselves well to extracting reasonably accurate request and response start and end times. This is a fabulously rich source of data that can be mined for many types of purposes. All that is needed is the first 384 bytes of each packet, containing IP and TCP headers but no payload. This is simple and non-intrusive to capture.
What can we do with this data? Here are some examples:
This analysis technique works for any system, at any layer in the stack, as long as the TCP-based protocol follows call-and-response semantics. Examples of systems that conform to this are most databases, including relational and NoSQL databases; key-value caches such as memcached; and many types of HTTP interactions.
This talk will introduce tools and techniques for capturing and analyzing the network traffic to give deeper insight into system behavior. This knowledge can reveal patterns that can be predictive of emerging problems, such as impending saturation or lock contention in an architectural layer. This overall system performance analysis is a valuable technique for finding problems without needing to analyze each layer independently.
Sign in to add slides, notes or videos to this session