Improve the observability of your applications with NetScaler

This post was co-authored by Angela Tripp, NetScaler Principal Product Marketing Manager

In the context of enterprise applications, observability refers to assessing the health, performance, and behavior of applications so that you can quickly identify and resolve issues. By using insights gained through observability, you can improve application performance and security, which in turn improves application end-user experience. 

The need for an integrated observability stack

Enterprises often build observability stacks using self-managed, cloud hosted, or open source solutions. An observability stack allows you to gain actionable insights into applications and APIs, your security posture, and such diverse infrastructure components as networking, storage, compute, and security solutions. 

In addition to providing high-performance application delivery, NetScaler has built-in observability capabilities. The integrated solution is flexible, allowing you to consume metrics in your data visualization tool of choice to surface critical application performance and security insights.

As a key component of your observability stack, NetScaler works the same across on-premises and public cloud for delivering and securing both traditional VM-based applications and modern Kubernetes applications.

Observability insights available in NetScaler

NetScaler provides granular data for three key areas that are crucial to ensuring high-performing and secure applications: application and API insights, application security and API security insights, and network and infrastructure insights.

Application and API insights

NetScaler processes each HTTP, HTTPS, TCP, and UDP request in detail for load balancing, optimizing, and routing traffic to backend applications. For each such request, NetScaler also collects key application and API data points to generate actionable insights for application owners and networking operations teams:

1. Latency: Latency of client network, application servers, ISP (internet service providers), CDN (content delivery networks), and also latency of NetScaler, itself 
2. Traffic: Amount of user traffic or API traffic that backend applications are handling over time; additional insights such as originated source device, IP address, operating system, and location
3. Errors: Detailed information about errors for major protocols such as HTTP (4xx, 5xx response codes, invalid HTTP host headers, incomplete request/responses), SSL (client hello rejections, server certificate revoked, and more), TCP (SYN retransmissions, checksum error, TCP reset)
4. Dependencies: How applications, databases, and east-west microservices are connected to each other and the health of traffic between these dependent services

Application security and API security insights

In addition to providing comprehensive application and API security features such as web application firewall (WAF), IP reputation, TLS termination, AAA, and shadow API discovery. NetScaler also provides rich analytics for application and API security including:

1. Vulnerability insights: Number and type of OWASP top 10 attacks such as buffer overflow, SQL injection, common vulnerabilities such as Log4J or Spring4Shell
2. SSL certificates and traffic analytics: Applications rated SSL A+, SSL certificates expiring soon, strength of ciphers, SSL traffic handshake failures
3. API analytics: API vs. user traffic, shadow APIs, API authentication success/failure rates, frequently accessed APIs

Network and infrastructure insights

NetScaler also provides rich insights about your underlying network infrastructure such as:

• NetScaler telemetry: Health parameters of NetScaler ADCs such as CPU, memory, network interface saturation surge queue buildup
• NetScaler fleet telemetry: Health of NetScaler ADCs that form a high availability (HA), cluster, GSLB parent/child configuration
• Bottlenecks: Which component of network infrastructure (ISP, CDN, client network, NetScaler, web applications, east-west microservices) is or could be the root cause of application failure

The 4 observability pillars

Observability has four core pillars — metrics, events, logs, and traces — commonly referred to as MELT. NetScaler provides rich insights for each of the MELT data types:

1. Metrics: NetScaler provides statistics or counters that you can access via CLI or via REST APIs (called NITRO APIs in NetScaler) and also provides time-series metrics that you can export to time-series databases such as Prometheus
2. Events: NetScaler alerts you when a specific event occurs, such as a CPU or memory threshold breach or an ADC reaches system limits 
3. Logs: NetScaler has a comprehensive set of logs:
   • Transaction logs are generated for each request/response processed by NetScaler. These logs have deep HTTP, SSL, and TCP-level data that generates the “Application and  API insights” and also the “Application and API security insights” referenced above. 
   • Syslogs are generated in standard Syslog format containing information about how each request/response is processed by NetScaler components (such as LB, CS, SSL, and WAF). 
   • Other logs provide a variety of information such as access to a NetScaler ADC and licensing information and logs about the health of internal processes running on NetScaler
4. Traces: NetScaler generates distributed traces that are particularly useful for microservices environments. These distributed traces are generated when a request propagates from upstream ( front-end services, for example) to downstream services (such as databases) and help you identify the exact microservice(s) that could be the root of issues. 

Flexibility to access NetScaler observability insights how you choose

Now that you know the type of insights available from NetScaler, let’s take a look at how you can access these insights. We’ve made it simple to access observability insights from your preferred platform or tool:

• On the NetScaler ADC via command line or GUI for all NetScaler hardware form factors (MPX and SDX) and software form factors (VPX, CPX, and BLX).
• On NetScaler Application Delivery Management (ADM) service and ADM self-managed
• On your choice of application performance management (APM) and network performance management (NPM) tools such as Prometheus, Grafana, Splunk, Elasticsearch, Kafka, SolarWinds, LogicMonitor, and more.
• On your self-managed automation solution via REST-based APIs (called NITRO APIs in NetScaler)

Getting started with the NetScaler observability stack

The NetScaler Community site features articles, webinars, and more about the benefits of using the NetScaler observability stack.

You’ll also find more details in the documentation for NetScaler observability.