search cancel

Server Error 401 - root cause analysis email

book

Article ID: 240145

calendar_today

Updated On:

Products

CA App Synthetic Monitor

Issue/Introduction

Symptoms:
CA App Synthetic Monitor 10.1 - "Server Error 401 - Unauthorized: Access is denied due to invalid credentials" instead of browser snapshot in an alert's root cause analysis. When checking the RCA report through the master account after opening the root cause analysis from a mail the following error can be encountered:

The monitor type is (Timeout was reached) / the http
service on '##########' has not been working as specified.

Snapshot of an alert and the error screenshot below. The RCA link from the email itself is working as expected and only its "web snapshot" part would be impacted.

 

Cause

When a monitor starts failing after the first failure after a previous successful check and the monitor is of a particular type, we trigger a few more additional checks from the same monitoring station towards the same host - some DNS checks and also the screenshot. This should help users to find the root cause of the error why the monitor failed. The problem is that in that case, the page requires authentication, and these credentials are not passed to the agent that creates the screenshot. Thus, the screenshot displays the 401 unauthorized error. This is a bug - either the screenshot should not be created if the page requires authentication or the credentials should be provided to create a reasonable/useful screenshot. However, it has no impact on the fact that the monitor failed - these extra checks are generated after the failure - post mortem. There is only no extra screenshot available to help you with the analysis.

Environment

CA App Synthetic Monitor 10.1

Resolution

The authentication issue required to take the impacted screenshot will be fixed in the next release

Additional Information

Screenshots, and videos on OPMS, are being retrieved to our servers for checks from OPMS on-demand. The default storage time on the station is two weeks but if they're accessed within this timeframe, they get cached on our cache server for 30 days and if they're accessed again, the station is not contacted at all. If they're not demanded from the station within 14 days after creation, they get deleted and can never be retrieved. This applies to all files like JTL JMeter check results, WD monitor HAR files, and videos, and FPM (browser) monitors HAR files and screenshots.

Running out of space would render the station defunct also having strange mounts, running out of space only on the partition where these file assets are stored, having enough space on other partitions - that'd be a rare set of consequences. 

Most of the other checks (DNS, ping, etc.) we do only in case an HTTP/S check fails. The screenshot may be very helpful in cases where the monitor has a "match expression" set up and it doesn't match - in this case we also save the whole server response as an asset, but a visible confirmation could also help to identify the problem (the server is serving another page than expected). The match expression is very useful on HTTP monitors because then you get the response data. 

Here it may be confusing because the screenshot lacks any browser UI elements but that's what you get here. The browser we use for this screenshot process on their version of OPMS is just a stripped-down and a very old firefox with no UI. When the browser starts it's just a white canvas. Since the page times out, there's nothing to display. On newer OPMS versions the screenshot would be taken in better resolution, and generally much more useful. The screenshots would also show the browser error pages for timeouts etc. instead of just a white PNG.

DX App Synthetic Monitor SaaS: On-Premise Monitoring Stations (OPMS)
https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/app-synthetic-monitor/SaaS/on-premise-monitoring-stations-opms.html

Attachments