Glossary Release 9.5

CA Application Performance Management

This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation) is for your informational purposes only and is subject to change or withdrawal by CA at any time.

This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and may not be disclosed by you or used for any purpose other than as may be permitted in (i) a separate agreement between you and CA governing your use of the CA software to which the Documentation relates; or (ii) a separate confidentiality agreement between you and CA.

Notwithstanding the foregoing, if you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy.

The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed.

TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION AS IS WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT WILL CA BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY LOSS OR DAMAGE, DIRECT OR INDIRECT, FROM THE USE OF THIS DOCUMENTATION, INCLUDING WITHOUT LIMITATION, LOST PROFITS, LOST INVESTMENT, BUSINESS INTERRUPTION, GOODWILL, OR LOST DATA, EVEN IF CA IS EXPRESSLY ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.

The use of any software product referenced in the Documentation is governed by the applicable license agreement and such license agreement is not modified in any way by the terms of this notice.

The manufacturer of this Documentation is CA.

Provided with Restricted Rights. Use, duplication or disclosure by the United States Government is subject to the restrictions set forth in FAR Sections 12.212, 52.227-14, and 52.227-19(c)(1) - (2) and DFARS Section 252.227-7014(b)(3), as applicable, or their successors.

Copyright 2013 CA. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

CA Technologies Product References

This document references the following CA Technologies products and features:

CA Application Performance Management (CA APM)

CA Application Performance Management ChangeDetector (CA APM ChangeDetector)

CA Application Performance Management ErrorDetector (CA APM ErrorDetector)

CA Application Performance Management for CA Database Performance (CA APM for CA Database Performance)

CA Application Performance Management for CA SiteMinder (CA APM for CA SiteMinder)

CA Application Performance Management for CA SiteMinder Application Server Agents (CA APM for CA SiteMinder ASA)

CA Application Performance Management for IBM CICS Transaction Gateway (CA APM for IBM CICS Transaction Gateway)

CA Application Performance Management for IBM WebSphere Application Server (CA APM for IBM WebSphere Application Server)

CA Application Performance Management for IBM WebSphere Distributed Environments (CA APM for IBM WebSphere Distributed Environments)

CA Application Performance Management for IBM WebSphere MQ (CA APM for IBM WebSphere MQ)

CA Application Performance Management for IBM WebSphere Portal (CA APM for IBM WebSphere Portal)

CA Application Performance Management for IBM WebSphere Process Server (CA APM for IBM WebSphere Process Server)

CA Application Performance Management for IBM z/OS (CA APM for IBM z/OS)

CA Application Performance Management for Microsoft SharePoint (CA APM for Microsoft SharePoint)

CA Application Performance Management for Oracle Databases (CA APM for Oracle Databases)

CA Application Performance Management for Oracle Service Bus (CA APM for Oracle Service Bus)

CA Application Performance Management for Oracle WebLogic Portal (CA APM for Oracle WebLogic Portal)

CA Application Performance Management for Oracle WebLogic Server (CA APM for Oracle WebLogic Server)

CA Application Performance Management for SOA (CA APM for SOA)

CA Application Performance Management for TIBCO BusinessWorks (CA APM for TIBCO BusinessWorks)

CA Application Performance Management for TIBCO Enterprise Message Service (CA APM for TIBCO Enterprise Message Service)

CA Application Performance Management for Web Servers (CA APM for Web Servers)

CA Application Performance Management for webMethods Broker (CA APM for webMethods Broker)

CA Application Performance Management for webMethods Integration Server (CA APM for webMethods Integration Server)

CA Application Performance Management Integration for CA CMDB (CA APM Integration for CA CMDB)

CA Application Performance Management Integration for CA NSM (CA APM Integration for CA NSM)

CA Application Performance Management LeakHunter (CA APM LeakHunter)

CA Application Performance Management Transaction Generator (CA APM TG)

CA Cross-Enterprise Application Performance Management

CA Customer Experience Manager (CA CEM)

CA Embedded Entitlements Manager (CA EEM)

CA eHealth Performance Manager (CA eHealth)

CA Insight Database Performance Monitor for DB2 for z/OS

CA Introscope

CA SiteMinder

CA Spectrum Infrastructure Manager (CA Spectrum)

CA SYSVIEW Performance Management (CA SYSVIEW)

Contact CA Technologies

Contact CA Support

For your convenience, CA Technologies provides one site where you can access the information that you need for your Home Office, Small Business, and Enterprise CA Technologies products. At http://ca.com/support, you can access the following resources:

Online and telephone contact information for technical assistance and customer services

Information about user communities and forums

Product and documentation downloads

CA Support policies and guidelines

Other helpful resources appropriate for your product

Providing Feedback About Product Documentation

If you have comments or questions about CA Technologies product documentation, you can send a message to techpubs@ca.com.

To provide feedback about CA Technologies product documentation, complete our short customer survey which is available on the CA Support website at http://ca.com/docs.

Contents 7

Contents

Glossary 9

Glossary 9

Glossary

.NET agent The.NET agent collects metrics in Microsoft .NET environments. See also: C# (see page 16), Common Language Runtime (CLR) (see page 19), .NET Framework (see page 9)

.NET Framework The Microsoft .NET Framework is a development and execution environment that allows different programming languages and libraries to work together. The .NET Framework is based on a runtime environment known as the Common Language (CLR), which uses programming languages such as C#. See also: C# (see page 16), Common Language Runtime (CLR) (see page 19), Java platform (see page 33), .NET agent (see page 9)

Action Message Format (AMF) Action Message Format (AMF) is a binary format used to pass Adobe Flex application data in HTTP request and response transactions. See also: Flex parameters (see page 26)

agent In an Introscope deployment, the agent collects web application and environmental metrics and relays them to the Enterprise Manager. A web application that reports metrics to an agent is referred to as being instrumented. See also: instrumented (see page 30), Java agent (see page 32), .NET agent (see page 9)

agent Enterprise Manager network topology The agent - Enterprise Manager network topology is the CA APM environment network structure. This topology specifies which agents or groups of agents can connect to specific standalone Enterprise Managers, Collectors, and groups of Collectors.

agent extension An agent extension is program code (JAR or DLL and related PBD file) that extends the basic functionality of the agent. BizTrxHttpTracer and ServletHeaderDecorator or HTTPHeaderDecorator are agent extensions that are required for the integration of CA CEM and Introscope. See also: BizTrxHttpTracer (see page 13), HTTPHeaderDecorator (see page 27), ServletHeaderDecorator (see page 44)

agent load balancing Agent load balancing balances the metric load between Collectors in a clustered environment. Specific agents, assigned to the MOM, equalize the metric count among the Collectors by directing the agents to send their metric data to the least burdened Collector in the cluster. See also: agent (see page 9), cluster (clustering) (see page 18), Collector (see page 19), Manager of Managers (MOM) (see page 35)

10 Glossary

alert An alert is a saved set of threshold values for "Caution" and "Danger," with accompanying other properties. In Introscope, an alert is one of the base objects in a Management Module, which saves collections of these objects for reuse. An alert commonly has actions associated with it, but actions are themselves separate Management Module objects. Be sure to distinguish between the alert itself (for example, the name of the alert associated with saved threshold values) and the:

alert indicator, which is a graphical display of alert status

alert notification, which is one of the actions possible to associate with an alert.

Apache Ant Apache Ant is a software tool for automating software build processes. It is similar to make, but is written in the Java language, requires the Java platform, and is best suited to building Java projects. The most immediately noticeable difference between Ant and make is that Ant uses XML to describe the build process and its dependencies, whereas make has its Makefile format. By default the XML file is named build.xml. Ant is an Apache project. It is open source software, and is released under the Apache Software License.

API Application Programming Interface. See also: SDK (see page 43)

APM See Application Performance Management (APM) (see page 11).

APM database The APM database includes business service and business transaction data, which is used in the Introscope Investigator application triage map and for CA CEM incidents and defects. It also stores all CA CEM-related configuration data. See also: Baselines database (see page 13), SmartStor database (see page 46), Transaction Events database (see page 51)

APM Status console The APM Status console is an Introscope Workstation user interface for monitoring and addressing Enterprise Manager runtime health issues. CA APM administrators can view important status and events for a stand-alone or clustered Enterprise Manager. This functionality provides out-of-the-box monitoring capabilities that would otherwise require the administrator to configure alerts on Enterprise Manager supportability metrics.

APM transaction time See CEM transaction time (see page 17).

Glossary 11

applet An applet is a program written in the Java programming language that can be included in an HTML page, much in the same way an image is included in a page. When you use a Java technology-enabled browser to view a page containing an applet, the applet code is transferred to your system. The browser Java Virtual Machine (JVM) executes the applet code. See also: Java Virtual Machine (JVM) (see page 33), metric, Introscope (see page 36)

application health See application supportability (see page 11).

Application Performance Management (APM) CA Application Performance Management (APM) product. CA APM provides an effective and comprehensive application performance management strategy that enables you to understand the end-user experience and measure service level agreements (SLAs). You can map all transactions to the end-to-end infrastructure, as well as conduct incident triage and root-cause diagnoses in a complete and integrated solution. See also: Introscope (see page 30), CA CEM (see page 16)

application server An application server is a program in a network that provides the business logic for an application program; it often refers to a J2EE (Java 2 Platform, Enterprise Edition) application server such as IBM WebSphere or BEA WebLogic. See also: Java platform (see page 33)

application server time The application server time is the measure of time that it takes the application server to process the transaction, as reported by Introscope. Introscope reports the response time from the first Blamed component that was involved in serving the response.

application supportability Introscope measures application supportability by measuring the performance of various application components. Metrics provide information about JVM/CLR, web application, and backend systems. CA APM provides supportability metrics so you can answer questions about the health of your applications.

application triage map The application triage map presents a graphical view of your managed application, showing application health and errors. This map is automatically generated from the performance and analysis of Introscope metrics, errors, and events. The application triage map allows you to see your applications from these perspectives: as frontend applications and their dependencies, and as business services and their dependencies. You can customize the default view of your application by configuring the instrumentation (PBD) files. See also: business transaction component (see page 16), managed application (see page 34)

12 Glossary

ASP.NET ASP.NET is a set of web application development technologies that Microsoft markets. Programmers can use ASP.NET to build dynamic web sites, web applications, and XML web services. ASP.NET is part of the Microsoft .NET platform and is the successor to the Microsoft Active Server Pages (ASP) technology. See also: .NET Framework (see page 9)

AutoProbe Introscope AutoProbe automates the application instrumentation process by dynamically adding probes to the application at start-up time. Introscope probes provide the source data for Introscope metrics. See also: instrumented (see page 30), ProbeBuilder (see page 41)

average value The average value is a single number used to represent a distribution of data, which can include thousands of data points. This metric is used in performance calculations. CA CEM Calculation: average value = sum of values / count of values

Note: This is not the same as median value (see page 35).

backend An Introscope backend is an external system that a web application relies on for some portion of its processing. For example, a backend might be a database, a mail server, a transaction processing system, or a messaging system. Introscope automatically identifies databases as backend systems by the name of the database. For other external systems, Introscope analyzes the socket activity of the application and names the backend based on the IP address and port that the application is communicating over. See also: Enterprise JavaBeans (EJBs) (see page 24), frontend (see page 26)

backend time The backend time is the measure of time that the suspected Blame component (for example, a database component) of the backend system takes to complete, based on Introscope reporting. CA CEM is configurable as to which set of components represents backends. By default, CA CEM depends on the Introscope definition of a backend. The Introscope backend time is measured from the Java component that invokes the backend; therefore the time includes both the backend processing time and any network time spent communicating with the backend. See also: backend (see page 12), suspected Blame component (see page 48)

bandwidth, metric See metric, Introscope (see page 36).

baseline The baseline is an initial set of data that is used as a comparison or control. Both Introscope and CA CEM employ baseline algorithms to monitor web applications.

Glossary 13

Introscope determines the color of an alert indicator in the Overview tab by evaluating current metrics against a baseline for those metrics. With an agent node selected in the agent-centric tree, the Heuristics node shows the metric values related to these indicators. For a given metric, the Introscope baseline algorithm determines the next expected value, as well as the expected deviation from that value. If the actual deviation exceeds (2x), or significantly exceeds (4x), the expected deviation, the baseliner indicates a moderate or severe violation, and an associated heuristic turns yellow or red. Internally, the baseliner evaluates the slope of the time series, and determines the expected value of the slope. Recent data is given more weight than older data. CA CEM calculates a defect specification baseline based on 28 days of historical data for behavioral defects. After enough data have been collected, then you have the option of changing the defect specification value, or setting the baseline. For example, the slow time defect specification has a default value of 5 seconds. If you gather actual transaction data, then set the baseline for the slow time defect, it will change from the default of 5 seconds, to the suggested defect specification value (say 7.2 seconds). See also: Baselines database (see page 13), heuristic metrics (see page 27), specification (see page 46)

Baselines database The Introscope Baselines database contains the most common, normal range of values for each metric in your system. The Introscope heuristic logic uses the values to determine whether there is an abnormal condition that requires administrator attention, or special event processing such as Transaction Tracer. See also: APM database (see page 10), baseline (see page 12), heuristic metrics (see page 27), SmartStor database (see page 46), Transaction Events database (see page 51)

behavioral defect A behavioral defect is a defect that can be detected by analyzing the behavior of a transaction. Behavioral defects include defects related to measurements of the time, size, and throughput (size / time) of a transaction. See also: defect (see page 20), response defect (see page 42)

BizTrxHttpTracer BizTrxHttpTracer is an agent extension that uses CA CEM business transaction definitions (the rule set) to identify and monitor transactions. BizTrxHttpTracer enables Introscope Transaction Tracer functionality so that metrics appear in the Investigator with CA CEM names. BizTrxHttpTracer requires the current transaction and tracing information to initiate transaction traces. BizTrxHttpTracer replaces CEMTracer functionality. See also: business transaction (see page 15), CEMTracer (see page 17), Transaction Tracer (see page 54), rule set (see page 43)

Blame Introscope Blame is the technology used to instrument an application. Introscope tracks component interactions and resource usage by marking application frontends and backends, and by providing metrics for problem investigations.

14 Glossary

See also: backend (see page 12), frontend (see page 26), instrumented (see page 30), Transaction Tracer (see page 54)

box-whisker graph A box-whisker graph represents a distribution of data points. The whiskers represent the maximum and minimum range. The box represents the 75th and 25th percentile. The white dash represents the 50th percentile, or median. Tick marks represent the 95th and 5th percentiles. Connecting lines between the boxes show trends over time. The dashed (orange, connecting) line is the median trend line and the solid (magenta, connecting) line is the average trend line. Horizontal lines show the upper and lower specification limits (USL and LSL). The data table below the graph shows count (number of transactions), span, average, and data points.

See also: average value (see page 12), lower specification limit (see page 34), median value (see page 35), percentile value (see page 40), range (see page 42), span (see page 46), upper specification limit (see page 54)

business application A business application is a software program that automates a business service. CA APM monitors web transactions, which are the product of web applications. A business application is part of the transaction hierarchy. A CA CEM business application is the name of an object that holds application-specific configuration settings. It can define the way that a web application:

Glossary 15

authenticates users (authentication type, login name parameters)

maintains sessions (session ID parameters)

identifies transactions (application type)

handles case sensitivity of various HTTP parameters (URL paths and login names)

processes user statistics (e-commerce or enterprise)

handles character encoding (multibyte)

See also: transaction hierarchy (see page 51), web application (see page 56)

business impact

The business impact is the measure that a defect or an incident has on the business. The CA CEM product displays business impacts on the Impact Leaders and Incidents pages.

See also: defect business impact (see page 21), impact level (see page 28), incident business impact (see page 29)

business impact, defect See defect business impact (see page 21).

business impact, incident See incident business impact (see page 29).

business process In CA CEM product releases prior to 5.0, a business service was called a business process. See also: business service (see page 15)

business service A CA CEM business service is a group of business transactions. Measurements are aggregated to this level in the transaction hierarchy. In SOA Performance Management, a business service makes outgoing requests to backend systems for the enterprise service bus. See also: group (see page 26), transaction hierarchy (see page 51)

business transaction A CA CEM business transaction is a set of one or more transactions. Measurements are gathered at this level in the transaction hierarchy. For each business transaction, there is one identifying transaction.

Note: This is used only with complex transactions (for example, Siebel or SAP). See also: transaction hierarchy (see page 51), set (see page 45)

16 Glossary

business transaction component In Introscope, a business transaction component represents one HTTP request/response pair that is instrumented and monitored to track the health of a business transaction. Business transaction components are the source of application triage map health metrics. The business transaction component is the single identifying component of the transaction, which is the single identifying transaction of the business transaction. A business transaction component is similar to both of these components:

Transaction (as it is the one identifying transaction of the business transaction).

Transaction component (as it is the one identifying component in the one transaction).

See also: transaction (see page 50), transaction component (see page 51), transaction hierarchy (see page 51)

business value add The business value add is the sum of the per-transaction business values for all revenue-bearing transactions successfully completed for the reporting period. Revenue-bearing transactions can be identified and assigned a per-transaction value, in currency. CA CEM Calculation: business value add = sum of business values for all revenue-bearing transactions Used in CA CEM Calculation: total business value = net IT value add + business value add See also: net IT value add (see page 38), total business value (see page 50)

C# C# (pronounced C sharp) is an object-oriented programming language, developed by Microsoft, for use with the .NET Framework. See also: Common Language Runtime (CLR) (see page 19), .NET agent (see page 9), .NET Framework (see page 9)

CA CEM CA CEM is a product that monitors customer transactions to isolate the causes of data center problems. CA CEM measures the performance and quality of customer transactions, identifies defects and variance, and quantifies the impact on customers and the business. See also: Enterprise Manager (EM) (see page 24), TIM (Transaction Impact Monitor) (see page 50)

cacheable

A cacheable transaction or component is one that has the potential of being cached by the browser client or by a proxy server. The transaction or component therefore might not be observed by the TIM when it was previously cached.

See also: non-cacheable (see page 38)

CDV See Cross-cluster Data Viewer (CDV) (see page 20)

Glossary 17

CEM See CA CEM (see page 16).

CEM transaction time CEM transaction time is the total elapsed time of a transaction, from the first request packet to the last response packet, as monitored by the TIM. See also: transaction time SLA (see page 53)

CEMDefinitionHandler CEMDefinitionHandler is the Release 8.2 CA Introscope EM extension that receives and parses CA CEM business transaction definitions and passes the parsed definitions to registered agents. CEMDefinitionHandler sends transaction-trace requests to the Release 8.2 agents, receives transaction trace data from the agents, and passes that data back to CA CEM. See also: EM extension (see page 23), Enterprise Manager (EM) (see page 24)

CEMTracer CEMTracer is a Release 8.2 CA Introscope agent extension. This extension was replaced in Release 9.0 with BizTrxHttpTracer. See also: BizTrxHttpTracer (see page 13), business transaction (see page 15), rule set (see page 43), Transaction Tracer (see page 54)

character encoding CA CEM supports 16-bit characters in transaction data and definition names. This provides out-of-the-box support for Chinese, Japanese, and Korean character sets. These character encodings are supported:

ISO-8859-1 the default character encoding for CA CEM; the standard defined by ISO, an 8-bit single-byte coded graphic character set - Latin alphabet No. 1 (sometimes called Latin-1); generally intended for Western European languages; the HTTP and MIME text default.

UTF-8 the Unicode Transformation Format 8-bit character set is a variable-length character encoding for Unicode. It can represent any character in the Unicode standard, and is backward compatible with ASCII; the standard for encoding Unicode on UNIX / Linux; the preferred standard for multi-lingual web sites.

EUC-JP a variable-width encoding used to represent the elements of three Japanese character set standards: JIS X 0208, JIS X 0212, and JIS X 0201; based on Extended UNIX Code (EUC), which is a multibyte character encoding system; Japanese character encoding for UNIX / Linux.

Shift-JIS a character encoding for the Japanese language originally developed by a Japanese company called ASCII Corporation in conjunction with Microsoft and standardized as JIS X 0208 (also called SJIS, or by its MIME name Shift_JIS); Japanese character encoding for Microsoft Windows.

18 Glossary

ISO-2022-JP a widely used character encoding for the Japanese language that is based on the ISO-2022 standard (also called JIS); employs a technique for including multiple character sets in a single character encoding; includes ASCII, uses escape sequences to switch to: JIS X 0201-1976 (1 byte per character), JIS X 0208-1978 (2 bytes per character), JIS X 0208-1983 (2 bytes per character); double-byte coded Kanji (Chinese characters used in Japanese writing).

Windows-31J a Microsoft Windows extension to Shift-JIS to accommodate NEC special characters and IBM extensions.

GB2312 the registered name for an official character encoding of the People's Republic of China, used for simplified Chinese characters. GB abbreviates Guojia Biaozhun, which means national standard in Chinese (also GB 2312); Chinese, simplified.

Big5 a character encoding method used in Taiwan, Hong Kong, and Macau for traditional Chinese characters (also Big-5); Chinese, traditional.

EUC-KR a variable-width encoding to represent Korean text using two coded character sets: KS X 1001 and KS X 1003; based on Extended UNIX Code (EUC), which is a multibyte character encoding system; Korean.

clamp A clamp is a configurable limit of the number of metrics returned for a specific function. Used in transaction trace clamping and metric clamping for various CA APM components such as agents and the Enterprise Manager. See also: metric clamp (see page 35), Transaction Tracer (see page 54)

client IP address See IP address (see page 31).

cluster (clustering) Typically, a cluster integrates the resources of two or more computing devices (that could otherwise function separately) together for a common purpose. Clustering allows an Enterprise Manager to manage other Enterprise Managers, or serve as a Manager of Managers (MOM). See also: Enterprise Manager (EM) (see page 24), Manager of Managers (MOM) (see page 35)

CMDB The CA CMDB (Configuration Management Database) is an enterprise IT database product that provides visibility into the relationships between disparate components and processes in an IT infrastructure. CA CMDB helps organizations overcome the complexity of IT management and integrates management across functional silos so that organizations can take a service-focused approach to delivering IT. The integration between CA CEM and CA CMDB enables CA CEM to share its configuration with the CA CMDB implementation. This allows business services and transactions to be visualized within the CMDB relative to other known infrastructure configurations, which enables more complete problem triage.

Glossary 19

Collector An Enterprise Manager Collector is one that is managed by a Manager of Managers (MOM) in a clustered environment. See also: cluster (clustering) (see page 18), Enterprise Manager (EM) (see page 24), Manager of Managers (MOM) (see page 35)

Common Language Runtime (CLR) Common Language Runtime (CLR) is the Microsoft implementation of the Common Language Infrastructure (CLI). The purpose of the CLI is to provide a language-independent platform for application development and execution. The .NET CLR is roughly equivalent to the Java platform JVM. See also: C# (see page 16), .NET agent (see page 9), .NET Framework (see page 9)

component, business transaction See business transaction component (see page 16).

component, missing See missing component (see page 37).

component, transaction See transaction component (see page 51).

concurrency, metric See metric, Introscope (see page 36).

Console, Workstation The Console is the default view when you start the Introscope Workstation; it contains dashboards that show performance data in graphical views. See also: dashboard (see page 20), Investigator, Workstation (see page 31), Workstation (see page 56), WebView (see page 56)

container A container refers to a Java run-time environment for enterprise beans. A container that runs on an EJB (Enterprise JavaBeans) server manages the life cycles of enterprise bean objects, coordinates distributed transactions, and implements object security. See also: Enterprise JavaBeans (EJBs) (see page 24), transaction (see page 50)

content error A content error means that, after analyzing the full content of the response for the occurrence of error messages or other patterns indicating that an error has occurred, the TIM generates a defect.

correlational SLA A correlational SLA is a multi-dimensional SLA set by user group, by business transaction. Correlational SLAs are a multi-dimensional alternative to the single-dimensional SLAs set only for a business transaction, or only for a user group. For example, you can configure a correlational SLA for a business transaction which is executed by a particular user group.

20 Glossary

You might set a correlational SLA for response time, based on user distance or network complexity. As an example, perhaps the expected response time is 2 seconds for a local user, but 4 seconds is expected for remote users. See also: service level agreement (SLA) (see page 44), user group (see page 54)

count, metric See metric, Introscope (see page 36).

Cross-cluster Data Viewer (CDV) The Cross-cluster Data Viewer (CDV) is a specialized Enterprise Manager that gathers agent and customer experience metrics data from multiple Collectors across multiple clusters. Using the CDV Workstation, CA APM administrators and triagers can create and view dashboards. CDV dashboards show a consolidated view of agent and customer experience metrics provided by the Collectors. Each Collector can connect to multiple CDVs, allowing flexibility in monitoring and viewing applications that are reporting to different CA APM clusters.

dashboard An Introscope dashboard combines and presents application metrics in views to monitor the overall application environment. Dashboards deliver the in-depth performance information needed for rapid problem triage, diagnosis, and resolution for production applications. See also: metric, Introscope (see page 36)

data source A data source is any real work system, such as a relational database, an operating system subsystem (for example, a process table or file system), or another third-party product.

dead metric A dead metric has no new data reported within a given length of time. The amount of time is configurable in Introscope. See also: live metric (see page 34), metric, Introscope (see page 36)

deadlock A deadlock in an application is a situation in which two competing threads are each waiting for the other to finish its work, thus neither finishes. The threads start and then wait for each other, causing the application to slow down or hang. A thread dump can identify when an application is deadlocked. See thread dump (see page 49)

defect A defect is the failure of a transaction to conform to customer expectations and transaction specifications. Defects are categorized as behavioral and response defects. A defect is a single transaction opportunity that failed. If a transaction does not meet multiple specifications, then multiple defects are generated (for example slow time and missing components). Defects can be tracked using the defect Pareto and other graphs.

Glossary 21

Note: This is not the same as defective transaction (see page 21).

See also: behavioral defect (see page 13), defect Pareto graph (see page 21), opportunity (see page 39), response defect (see page 42), specification (see page 46)

defect business impact The defect business impact is calculated based on the impact level of the user affected, impact level of the transaction, and the impact level of the defect type. CA CEM Calculation: defect business impact = business transaction impact level * defect type impact level * user impact level See also: business transaction (see page 15), defect type (see page 21), impact level (see page 28)

defect Pareto graph The defect Pareto graph shows the most frequently occurring defects. This graph was named after the Pareto principle, also known as the 80/20 rule, where 20 percent of problems cause 80 percent of the defects. The left scale corresponds to the number of defects in each business service, as represented in the vertical red bars. The right scale and the blue line correspond to the cumulative percentage of defects in all the red bars (which represent for example, business services, business transactions, and defect types). See also: defect (see page 20)

defect time to first response See time to first response (see page 50).

defect type CA CEM defect types include: slow/fast time, low/high throughput, small/large size, HTTP status code, missing transaction/component, content error, missing response, partial response. The CA CEM administrator can configure the transaction defects and their specification limits. For example, a transaction time greater than 5 seconds might be considered to be too slow. See also: defect (see page 20)

defective transaction A defective transaction is a transaction with one or more defects.

Note: This is a different concept from a defect (see page 20).

See also: good transaction (see page 26)

defects per million opportunities (DPMO) Defects per million opportunities, or DPMO, is used to compare one service to another. DPMO allows a fair comparison of services with widely varied opportunity costs. CA CEM Calculation: DPMO = (total defects / total opportunities) * 1,000,000 See also: business service (see page 15), defect (see page 20), opportunity (see page 39)

22 Glossary

definition, transaction See transaction definition (see page 51).

DHCPv6 DHCPv6 is the Dynamic Host Configuration Protocol for IPv6. DHCP manages network parameter assignment, making it easy to add new computers to your local network. Although the IPv6 stateless address auto-configuration removes the primary motivation for DHCP in IPv4, DHCPv6 can still be used to assign statefully addresses if you want more control over addressing. DHCPv6 can also be used to distribute information which is not otherwise discoverable, for example, the DNS server. See also: IP address (see page 31), IPv6 (see page 31)

dimension See report type (see page 42).

distribution graph See box-whisker graph (see page 14).

DMZ DMZ, which is short for demilitarized zone, is a computer or small sub-network that is placed between a trusted internal network, such as a corporate private LAN, and a non-trusted external network, such as the public Internet.

domain An Introscope domain is a way to partition agents and management logic, to define which users can see what information. The CA CEM domain provides a way for the administrator to establish system-wide default values and settings for expected transaction behavior, user and business impacts, as well as system-wide data retention. As you create user groups, business services, and transactions, you have the choice of inheriting CA CEM domain default values, or creating specific values (for example, SLA settings for users).

domain configuration information The domain configuration information contains business service and transaction information, which have two purposes:

The internal CA CEM domain configuration (transactions and defect definitions), which is synchronized between CA CEM and the TIMs, and instructs TIM monitoring.

The domain configuration (transaction hierarchy), which is synchronized between CA CEM and Introscope, and is then passed to registered agents.

See also: Enterprise Manager (EM) (see page 24), synchronize all monitors (see page 49)

domainconfig.xml In Release 8.2, the domainconfig.xml file is used as the method to integrate CA CEM and CA Introscope. Used in CA APM 9.0 only with older agents with CEMTracer installed. See also: domain configuration (see page 22)

Glossary 23

DPMO See defects per million opportunities (DPMO) (see page 21).

dual-stack network In a dual-stack network, both IPv4 and IPv6 services and applications are supported. This requires hosts and routers to implement both IPv4 and IPv6 protocols. The dual-stack approach is a common way to introduce IPv6 into an existing IPv4 architecture. This enables networks to support both IPv4 and IPv6 during the transition period, waiting for IPv6 services and applications to become more readily available. See also: IP address (see page 31), IPv6 (see page 31)

dynamic instrumentation Introscope dynamic instrumentation (also called dynamic ProbeBuilding) is used to implement new and changed PBDs without restarting instrumented applications for the Introscope agent. See also: agent (see page 9), instrumented (see page 30), ProbeBuilder Directive (PBD) (see page 41)

dynamic ProbeBuilding See dynamic instrumentation (see page 23).

dynamic property A dynamic property in the Introscope configuration files (for example, the IntroscopeAgent.profile file) is deployed as soon as the configuration file is saved. You do not need to restart the application or application servers for the change to take effect.

EEM CA Embedded Entitlements Manager (CA EEM) product. CA EEM is a CA Technologies application that allows other applications to share common access policy management, authentication, and authorization services.

EITM Enterprise Information Technology Management.

EM See Enterprise Manager (EM) (see page 24).

EM Collector See Collector (see page 19).

EM extension An CA Introscope EM extension is program code (JAR file) that extends the basic functionality of the Enterprise Manager. CEMDefinitionHandler is the EM extension that was required in Release 8.2 for the integration between CA CEM and CA Introscope. See also: CEMDefinitionHandler (see page 17), Enterprise Manager (EM) (see page 24)

encoding, character See character encoding (see page 17).

24 Glossary

Enterprise JavaBeans (EJBs) Enterprise JavaBeans (EJBs) are managed server-side components used for modular construction of enterprise applications. EJBs encapsulate the business logic of an application. The Enterprise JavaBeans specification is one of several Java APIs in the Java Platform Enterprise Edition (J2EE). See also: Java (see page 32)

Enterprise Manager (EM) The Enterprise Manager (EM) stores and aggregates application performance metrics such as response time, bandwidth, and memory allocation. Multiple agents, spread throughout the enterprise, collect, and relay application and environmental metrics and report them to the Enterprise Manager. See also: Collector (see page 19), Manager of Managers (MOM) (see page 35)

Environmental Performance Agent (EPAgent, EPA) The Environmental Performance Agent (EPAgent, EPA) is a modified version of the agent that helps integrate metric data from generic and non-Java sources into Introscope. EPA uses simple scripts that allow Introscope to monitor virtually any type of application subsystem that has an impact on performance (for example, directory servers, operating systems, messaging middleware, and transaction servers). See also: agent (see page 9), stateful plug-ins (see page 47), stateless plug-ins (see page 47)

EPA See Environmental Performance Agent (EPAgent, EPA) (see page 24).

EPAgent See Environmental Performance Agent (EPAgent, EPA) (see page 24).

error snapshot CA APM ErrorDetector generates an error snapshot, which displays detailed information about what was happening when an error occurred. Error snapshot data are stored in the Transaction Event database. See also: CA APM ErrorDetector (see page 24)

ErrorDetector CA APM ErrorDetector allows application support personnel to detect and diagnose the cause of serious errors, which can prevent users from completing web transactions. Predefined "serious" errors that are based on information contained in the J2EE and .NET specifications include these errors:

Glossary 25

HTTP errors (for example, 404 and 500)

SQL statement errors

Network connectivity errors (time out errors)

Backend errors (for example, cannot send a message through JMS, cannot write a message to the message queue).

See also: error snapshot (see page 24)

event An Introscope event is any action for which agents capture metrics. Examples include transaction traces, errors, and stalls. See also: CA APM ErrorDetector (see page 24), metric, Introscope (see page 36), stall (see page 47), transaction trace (see page 53)

Event Manager The CA CEM Event Manager captures and logs system events such as communication failures or database space warnings.

evidence collection An evidence collection process can be initiated when an incident is opened, and when the business impact thresholds are exceeded on an incident. The evidence collection process might include initiating system statistics gathering, data collection, script execution, etc. Evidence collected might include performance, availability, utilization, and configuration information useful in identifying and resolving the cause of an incident. See also: business impact (see page 15), impact threshold (see page 29), incident (see page 29)

exception, metric See metric, Introscope (see page 36).

extension Extensions are CA APM applications that extend the data monitoring capabilities of Introscope. Extensions easily integrate with the core Introscope components, allowing for ease of use and integration into an already established Introscope environment.

failover See MOM failover (see page 37)

FIPS FIPS (Federal Information Processing Standards) are publicly announced standards. The U.S. Federal government developed these standards for use by all nonmilitary government agencies and by government contractors. Many FIPS standards are modified versions of standards used in the wider software industry.

26 Glossary

The FIPS 140-2 publication, "Security Requirements for Cryptographic Modules," specifies the security standard for the cryptographic libraries. This publication specifies the algorithms that software products should use for encryption. Encryption affects the storage and verification of passwords, and the communication of all sensitive data between components of a product and between products. CA CEM is FIPS 140-2 compatible. CA CEM uses FIPS-compliant cryptographic libraries and algorithms to encrypt and decrypt sensitive data, such as passwords, HTTP defect information, and user session IDs.

Flex parameters CA CEM extracts Flex parameters from the AMF messages in an HTTP request or response transaction body. Flex parameters contain data used by an Adobe Flex application. See also: Action Message Format (AMF) (see page 9)

frontend

A frontend is the component of an application that first handles an incoming transaction. In most typical J2EE applications, this is a servlet or a JSP. In some Java instances, it can be an EJB or some other component. Introscope automatically identifies servlets and JSPs as frontends, but not any other component. To explicitly mark a component as a frontend, use the FrontendMarker tracer.

See also: backend (see page 12), backend time (see page 12), Enterprise JavaBeans (EJBs) (see page 24), Java Server Page (JSP) (see page 33), servlet (see page 44)

garbage collection Automatic memory management, or garbage collection, is the process of reclaiming the memory of objects no longer in use.

good transaction A good transaction is a transaction with zero defects. See also: defective transaction (see page 21)

group A group, in CA CEM, is used to describe multiple users and multiple services. Measurements are aggregated in a group; measurements are calculated on a set. See also: business service (see page 15), business transaction (see page 15), set (see page 45)

GUID The GUID (globally unique identifier) is a unique key that is produced by ServletHeaderDecorator to identify a transaction in the monitored business application. The GUID is the key information that correlates transactions between CA CEM and Introscope. GUIDs can be created in a number of ways, but usually they are a combination of a few unique settings based on specific point in time (for example, an IP address, network MAC address, date and time). See also: MAC address (see page 34), ServletHeaderDecorator (see page 44)

Glossary 27

health, application See application supportability (see page 11).

heartbeat A heartbeat is the time interval when metrics are checked, usually in seconds.

heuristic metrics Introscope heuristic metrics are used to evaluate and report status. They are integers, but the integers are symbols of status and do not measure anything. The value of a heuristic metric is determined by evaluating current metrics against a baseline for those metrics. By defining alerts in terms of the heuristic metrics rather than fixed thresholds, the work of determining normal values for key performance indicators shifts from the Introscope administrator to Introscope itself. See also: baseline (see page 12), Baselines database (see page 13), metric, Introscope (see page 36)

hidden property A hidden property in the configuration files (for example, the IntroscopeAgent.properties file, or the IntroscopeEnterpriseManager.properties file) that is not available for use unless you add the property to the configuration files.

hierarchy, transaction See transaction hierarchy (see page 51).

histogram A histogram is a rich model of a distribution of data, which can include thousands of data points. It is used to graphically summarize and display the distribution of a process data set.

hot configuration See dynamic property (see page 23).

hot deploy See dynamic property (see page 23).

HTTP HTTP (Hypertext Transfer Protocol) is the underlying protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions web servers and browsers should take in response to commands.

HTTPHeaderDecorator The Introscope HTTPHeaderDecorator augments HTTP response headers for .NET agents. This capability allows CA CEM to display application server details for defective transactions and to present hyperlinks from defect and incident detail pages to transaction traces in the Workstation Investigator.

28 Glossary

The GUID is used as the transaction identifier, matching transactions monitored in CA CEM with transactions that the Introscope Transaction Tracer has captured. HTTPHeaderDecorator is an Introscope agent extension. See also: GUID (see page 26), ServletHeaderDecorator (see page 44), Transaction Tracer (see page 54)

HTTPS HTTPS (Hypertext Transfer Protocol Secured) is a standard URL convention that indicates the HTTP session is communicating using the SSL (secure sockets layer) protocol. See also: SSL (see page 47)

identifying component The identifying component is the first transaction component in the transaction component set. The identifying component uniquely identifies the start of a transaction. An identifying component must not be a component of any other transaction.

Note: A redirect can appear as the first component in a transaction recording, yet it is not the identifying component. See also: transaction hierarchy (see page 51)

identifying transaction The identifying transaction is the first transaction in a business transaction set. The identifying transaction uniquely identifies the start of a business transaction. An identifying transaction must not be a transaction of any other business transaction. See also: transaction hierarchy (see page 51)

impact level The impact level, or cost to the business, can be set in CA CEM at several levels. The business impact of a defect depends on the impact level of these factors:

Transaction that is associated with the defect.

Defect type.

User that executed the defective transaction.

Each impact level has a corresponding value, or weight, which is used in calculating business impacts. These numerals are the weights:

0 ignore

1 minimum

2 very low

3 low

4 medium (the default)

5 high

Glossary 29

6 critical

7 trigger immediately (forces a moderate incident immediately) The business impact weights appear on the Impact Leaders and Defects pages.

By default, the user impact level setting is inherited from the user-group setting for the user the executed the transaction. By default, the transaction impact level setting is inherited from the business service setting for the transaction, which in turn is inherited from the CA CEM domain setting. See also: business impact (see page 15), impact threshold (see page 29), incident (see page 29)

impact threshold The impact threshold is a trigger point for incidents and for evidence collection. Values, or weights, are set at the CA CEM domain level for three thresholds:

Moderate (default = 1000)

Severe (default = 2500)

Critical (default = 5000) When an impact threshold is exceeded for an incident, then the severity state changes. Escalating impact thresholds can also initiate evidence collection, or automated actions such as the creation of a trouble ticket. See also: evidence collection (see page 25), impact level (see page 28), incident business impact (see page 29), incident severity (see page 30)

incident A CA CEM incident represents a group of defects that are correlated based on transaction type and defect type. Incidents represent business-affecting problems that have affected enough end users that the business must act to correct the problem.

incident business impact The incident business impact is calculated by adding all the business impacts of the defects that are included in the incident. CA CEM Calculation: incident business impact = defect1 business impact + defect2 business impact ... + defectn business impact See also: defect business impact (see page 21), impact threshold (see page 29)

incident cost The CA CEM administrator sets an incident cost (in currency) that is applied to all open (active) incidents. For example, if an incident affects 10 users for 45 minutes and the incident cost is set to $1, the total cost of the incident is calculated as 10 * 45 * 1 or $450. Incident cost is used to estimate the cost of poor quality on the business. Incident cost can include direct costs such as lost productivity and indirect costs such as loss of reputation and goodwill. The incident cost does not include any user activity that has been assigned to the group of unspecified users. The incident cost can be used to calculate lost value (or revenue) for each incident. CA CEM Calculation: incident cost = cost-per-user-per-minute * number of users * incident duration in minutes

30 Glossary

Used in CA CEM Calculation: net IT value add = IT value - incident cost See also: IT value (see page 32), net IT value add (see page 38)

incident severity The incident severity reflects the seriousness of the incident and its related defects. The possible incident severity states are:

low the incident has been generated but no threshold has been exceeded

moderate the moderate threshold has been exceeded

severe the severe threshold has been exceeded

critical the critical threshold has been exceeded

See also: defect (see page 20), impact threshold (see page 29), incident business impact (see page 29)

incident state The incident state reflects the status of the incident and its related defects. These incident states are possible:

Pending has at least one defect; the moderate threshold is not yet exceeded, or incident generating rules have not yet been met.

Open the moderate threshold has been exceeded and it is not closed.

Closed the CA CEM operator has closed this incident.

Aged out the incident age-out rules have been met. See also: incident severity (see page 30), pending incident (see page 39)

incident threshold See impact threshold (see page 29).

incident, pending See pending incident (see page 39).

instrumented Application code is instrumented when ProbeBuilder inserts probes, within the byte code, to send metrics to the agent. See also: agent (see page 9), AutoProbe (see page 12), managed application (see page 34), ProbeBuilder (see page 41)

Introscope Introscope product. Introscope is an enterprise application performance management solution that enables you to monitor complex web applications in production environments 24x7, detect problems before they affect your customers, and resolve these issues quickly and collaboratively. See also: agent (see page 9), Enterprise Manager (EM) (see page 24), metric, Introscope (see page 36)

Glossary 31

Introscope-enabled See instrumented (see page 30), managed application (see page 34).

Investigator, Workstation The Workstation Investigator allows you to view application and system status, to search, and to browse metric data using a tree structure. You can have more than one Investigator window open at the same time. See also: Console, Workstation (see page 19); Workstation (see page 56)

IP address The IP address (Internet protocol address) is an identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. CA CEM reports the IP address of the client computer and the IP address of the server for all defects. This information can be useful during the problem resolution process where the cause of a problem can be isolated to a single server or a single network location. If the client computer is behind a proxy server, the client IP address reported is the proxy server address. You can use the TIM setting called ProxyForwardHeader to change this, if the actual client IP address is contained in the request. The ProxyForwardHeader setting specifies the header that contains the client IP address. See also: IP subnet (see page 31), MAC address (see page 34)

IP subnet An IP subnet is a portion of a TCP/IP network where all devices have the same IP address prefix. For example, all devices with IP addresses that start with 111.222.333.nnn would be part of the same subnet. See also: IP address (see page 31)

IPv4 IPv4 (Internet Protocol version 4) is the fourth iteration of the Internet Protocol (IP) and it is the first version of the protocol to be widely deployed. IPv4 is a data-oriented protocol to be used on a packet switched network (for example, Ethernet). IPv4 addresses are most commonly represented in dot-decimal notation, for example, 172.16.10.1. See also: IP address (see page 31), IPv6 (see page 31)

IPv6 IPv6 (Internet Protocol version 6) is a network layer that is designated to be the successor of IPv4, the current version of the Internet Protocol, for general use on the Internet. IPv6 addresses are often written as eight groups of four hexadecimal digits, for example, 3fff:ffff:0ed5:0000:0000:0000:2448:78eb. The IPv6 extended address length provides these capabilities:

32 Glossary

Allows greater flexibility in assigning addresses.

Eliminates the need to use network address translation to avoid address exhaustion.

Simplifies aspects of address assignment and renumbering when changing providers.

Here are the two aspects to IPv6 support in CA CEM:

Monitoring IPv6 network traffic.

Configuring the CA CEM and TIM to operate in an IPv6 network. See also: IP address (see page 31), IPv4 (see page 31)

IT value The CA CEM administrator can set an IT value per business transaction in currency (for example, $.010 per transaction) that is used to calculate the value that IT provides to the business by successfully delivering the transaction. The IT value quantifies the business value of successfully delivering transactions to customers on behalf of the business. CA CEM Calculation: IT Value = IT-value-per-business-transaction * number of business transactions Used in CA CEM Calculation: net IT value add = IT value - incident cost See also: incident cost (see page 29), net IT value add (see page 38)

IT value per business transaction See IT value (see page 32).

ITIL Information Technology Infrastructure Library.

J2EE See Java platform (see page 33).

Java Java is a programming language that Sun Microsystems originally developed. Java is a core component of the Sun Microsystems Java platform. Java applications are generally compiled to byte code that can run on any Java virtual machine (JVM) regardless of computer architecture. In other words, Java is not tied to any one processor or operating system. See also: Java agent (see page 32), Java platform (see page 33), Java Virtual Machine (JVM) (see page 33)

Java 2 Platform, Enterprise Edition (J2EE) See Java platform (see page 33).

Java agent The Java agent collects metrics in Java environments. See also: Java (see page 32), Java platform (see page 33), Java Virtual Machine (JVM) (see page 33)

Glossary 33

Java Database Connectivity (JDBC) Java Database Connectivity (JDBC) is a Java API that enables Java programs to execute SQL statements, allowing Java programs to interact with any SQL-compliant database. Because most relational database management systems support SQL, and because Java runs on most platforms, JDBC makes it possible to write a single database application that can run on different platforms and interact with different database management systems. See also: Java (see page 32)

Java Management Extension (JMX) Java Management Extension (JMX) is a universal, open extension of the Java language for management that can be deployed across all industries. JMX provides a way to manage and monitor applications, system objects, devices, and service-oriented networks. See also: Java (see page 32)

Java Messaging Service (JMS) Java Messaging Service (JMS) is a Java Message Oriented Middleware API for sending messages between two or more clients. JMS is a specification developed under the Java Community Process as JSR 914. See also: Java (see page 32)

Java platform The Java platform is the name of the development and runtime environment for programs written in the Java programming language, originally developed by Sun Microsystems. The Java platform is based on an execution engine called a Java virtual machine (JVM). See also: Java (see page 32), Java agent (see page 32), Java Virtual Machine (JVM) (see page 33), .NET Framework (see page 9)

Java Server Page (JSP) A Java Server Page (JSP) is a Java technology that allows software developers to dynamically generate HTML, XML, or other types of documents in response to a Web client request. The technology, originally developed by Sun Microsystems, allows Java code and certain pre-defined actions to be embedded into static content. The JSP syntax adds additional XML tags, called JSP actions, to be used to invoke built-in functionality. Additionally, the technology allows for the creation of JSP tag libraries that act as extensions to the standard HTML or XML tags. Tag libraries provide a platform independent way of extending the capabilities of a web server. JSPs are compiled into servlets by a JSP compiler. A JSP compiler may generate a servlet in Java code that is then compiled by the Java compiler, or it may generate byte code for the servlet directly. See also: Java (see page 32), servlet (see page 44), web server (see page 56)

Java Virtual Machine (JVM) A Java Virtual Machine (JVM) is a set of software programs and data structures that operate in a virtual environment that executes Java byte code. Originally developed by Sun Microsystems, the JVM is a critical component of the Java platform. See also: Java (see page 32), Java agent (see page 32), Java platform (see page 33)

34 Glossary

LeakHunter CA APM LeakHunter allows application support personnel to detect and diagnose the cause of memory leaks. See also: memory leak (see page 35)

listener port A listener port is used to simplify administration of the association between a connection factory, destination, and deployed message-driven bean.

live metric A live metric has actively reporting data from a specific agent. See also: dead metric (see page 20), metric, Introscope (see page 36)

logic time The logic time is the measure of time that the suspected Blame component program code takes to complete, based on Introscope reporting. See also: suspected Blame component (see page 48)

lower specification limit The lower specification limit, or LSL, is a numerical value defining the lowest acceptable value for the characteristic (for example, the lowest acceptable transaction throughput). See also: box-whisker graph (see page 14)

LSL See lower specification limit (see page 34).

MAC address The MAC address (Media Access Control address) is a hardware address that uniquely identifies each node of a network. CA CEM returns the MAC address in the response of the server for every defective transaction (when available). The MAC address can be useful during the problem resolution process when web servers are located behind a load balancer that masks the true identity of the web server at the IP level. For example, in Resonate load balancing environments, all web servers appear to have the same IP address. However, the MAC address sent in the response can uniquely identify the servers. See also: IP address (see page 31)

managed application When an instrumented web application is running, it is called a managed application. See also: instrumented (see page 30)

Management Module An Introscope Management Module contains a set of monitoring configuration information. Management Modules are listed for each domain, and contain elements. Elements are objects that contain and organize data with monitoring logic such as alerts, actions, and dashboards. See also: dashboard (see page 20), WebView (see page 56), Workstation (see page 56)

Glossary 35

Manager of Managers (MOM) The Introscope Manager of Managers (MOM) stores metrics as reported by multiple Enterprise Managers. Enterprise Manager clustering allows one Enterprise Managerthe MOMto manage other Enterprise Managers. Each of the managed Enterprise Managers, called Collectors, collects agent metrics and, in turn, relays those metrics to the MOM. See also: cluster (clustering) (see page 18), Collector (see page 19), Enterprise Manager (EM) (see page 24)

mean See average value (see page 12).

median value The median value is a single value representing a data distribution. The median value is preferred to the average value as a single-number representation of a distribution when the distribution is not a normal (bell curve) distribution. CA CEM Calculation: The middle point of a data set, where 50 percent of values are below, and 50 percent above this point.

Note: This is not the same as average value (see page 12).

memory leak A memory leak occurs when an application allocates increasing amounts of memory over time, and never frees it (or does not free all of it). For example, an application might repeatedly instantiate objects but never remove references to them, thereby preventing them from being removed through garbage collection. See also: garbage collection (see page 26), CA APM LeakHunter (see page 34)

memory, metric See metric, Introscope (see page 36).

metric clamp A metric clamp is a limit, or clamp, on the number of metrics on the agent and the Enterprise Manager that helps to prevent spikes in the number of reported metrics (metric explosions) on the Enterprise Manager. See also: agent (see page 9), clamp (see page 18), metric, Introscope (see page 36)

metric explosion A metric explosion occurs when new metrics appear in large numbers over a short time. Misconfigured metric definitions can cause metric metadata to change with metric value changes, and appear as new metrics. For example, variable strings in a SQL metric. Misconfigured agent connection properties for a set of new agents can cause thousands of new metrics to overload the Enterprise Manager. These situations can reduce performance. See also: metric leak (see page 36), agent (see page 9), clamp (see page 18), metric, Introscope (see page 36)

36 Glossary

metric grouping

Metric groupings are Management Module objects that save this information:

The agent expression -- a regular expression in Perl 5 that filters input to the metric by specifying the data up to and including the agent name.

The metric expression -- a regular expression in Perl 5 that specifies the resource (the chain of folders leading to the metric) and the metric.

The Management Module to which the metric grouping belongs.

metric leak A metric leak occurs when an Introscope misconfiguration results in agents reporting metrics for a limited time. This results in a gradual build-up of metric metadata without associated metric data. See also: metric explosion (see page 35), agent (see page 9), clamp (see page 18), metric, Introscope (see page 36)

metric throttle A metric throttle stops an agent when its metric output becomes excessive. See also: agent (see page 9), clamp (see page 18), metric, Introscope (see page 36)

metric, Introscope An Introscope metric is a measurement of application performance. Introscope metric types are:

bandwidth JVM and CLR-level file and socket activity

concurrency number of method invocations started but not yet finished

count number of method invocations to date

exception captures exceptions

memory memory allocated to the JVM or CLR in use, as related to garbage collection

rate number of method executions per second or time interval

response time average method execution time in milliseconds

stalled methods number of methods started but whose invocation times have exceeded a threshold

system logs monitors system out and system error output

threads number of instrumented threads

See also: metric clamp (see page 35), metric explosion (see page 35), metric throttle (see page 36)

Microsoft .NET agent See .NET agent (see page 9).

Glossary 37

mirrored port A mirrored port is a software feature of network routers and switches. See also: network tap (see page 38)

missing component A missing component defect is generated when a non-cacheable component of a transaction is missing. This means that a request for this component was not observed within the expected configurable time period (the default is 10 seconds). See also: cacheable (see page 16), missing transaction (see page 37), non-cacheable (see page 38)

missing response A missing response means that a request for a particular component was observed, but no response was observed within the expected configurable time period. The default time period is 60 seconds. See also: partial response (see page 39)

missing transaction A missing transaction defect is generated when a non-cacheable transaction of a business transaction is missing. This means that a request for this transaction was not observed within the expected configurable time period (the default is 10 seconds). See also: cacheable (see page 16), missing component (see page 37), non-cacheable (see page 38)

MOM failover Introscope MOM failover occurs when the MOM Enterprise Manager gets disconnected or goes down due to a hardware or network failure. The failover occurs when you have configured a second MOM Enterprise Manager to take over the first MOM Enterprise Manager. See also: Collector (see page 19), Enterprise Manager (EM) (see page 24), Manager of Managers (MOM) (see page 35)

monitor Agents monitor end-to-end web performance, Java components and their dependencies, CLR components and their dependencies, connections to backend systems, and resource levels (including third-party software) and application server resources. A CA CEM monitor is a Transaction Impact Monitor (TIM). TIMs monitor transactions and report defects and statistics to CA CEM. See also: agent (see page 9), synchronize all monitors (see page 49), TIM (Transaction Impact Monitor) (see page 50)

monitor, synchronize See synchronize all monitors (see page 49).

multibyte See character encoding (see page 17).

38 Glossary

net IT value add The net IT value add is the sum of the IT value for a time period minus the sum of the incident cost for the same time period. The net IT value add represents all the benefit IT delivered to the business by delivering good transactions minus all the cost to the business resulting from customer-affecting incidents. For example, if 100,000 transactions with an IT value of $.010 were successfully delivered in a day and a single incident with an IT cost of $450 occurred during that day the net IT value add would be (100,000 * $.010) - $450 = $550.00. CA CEM Calculation: net IT value add = IT value - incident cost Used in CA CEM Calculation: total business value = net IT value add + business value add See also: business value add (see page 16), incident cost (see page 29), IT value (see page 32), total business value (see page 50)

network tap A network tap is a hardware device that taps directly into the infrastructure cabling, creating copies of packets and forwarding them on to one or more destinations. See also: mirrored port (see page 37)

Network Time Protocol (NTP) Network Time Protocol (NTP) is one of the original Internet protocols, which is used for synchronizing computer system clocks via networks. NTP uses a hierarchical system of clock strata levels which define the distance from the reference clock and the associated accuracy.

node A node is where specific metric information is gathered together and displayed in the tree view of the Introscope Investigator (for example, the backends node or the CPU usage node). When the node is expanded, more detailed metric information can be viewed and searched. See also: Investigator, Workstation (see page 31), metric, Introscope (see page 36), Workstation (see page 56)

non-cacheable A non-cacheable transaction or component is one that the browser client or proxy server cannot cache. The TIM must observe the transaction or component when it is marked as non-cacheable. When it is missing, a missing component or missing transaction defect is generated and the transaction is marked as defective. See also: cacheable (see page 16), missing component (see page 37), missing transaction (see page 37)

NSM (Network and Systems Management) CA Network and Systems Management (CA NSM) product.

operating level agreement (OLA) An operating level agreement (OLA) is a contract between an IT organization and the internal groups for which it is managing one or more applications. The terms of the contract depend on the needs of the parties involved. OLAs are used to manage service commitments by IT groups for compliance.

Glossary 39

See also: service level agreement (SLA) (see page 44), service level objective (SLO) (see page 44)

opportunity An opportunity is any area within a product, process, service, or other system where a defect might occur. In general, more complex products mean more opportunities for defects. In CA CEM, an opportunity occurs every time a transaction or component must pass or fail a defect test. Depending on how many specifications are configured, this could be up to six opportunities per component (slow time fast time, low throughput, high throughput, content error, server error). Transactions could have up to seven opportunities since they also can have a missing component. See also: defect (see page 20), specification (see page 46)

parameter name pattern CA CEM includes several private parameters with the default configuration. The following are examples of parameter name patterns: pin, *ssn, *password, *passcode. (The asterisk "*" is a wildcard character.) See also: private parameter (see page 40)

parameter, transaction See transaction parameter (see page 52).

Pareto graph See defect Pareto graph (see page 21).

partial response A partial response means that a complete response was not observed for a particular component within the expected configurable time period (the default is 60 seconds). See also: missing response (see page 37)

pattern See parameter name pattern (see page 39) or transaction recorder (see page 52).

pending incident A pending incident has at least one defect, where incident generating rules have not yet been met, nor has an impact threshold been met. The CA CEM administrator provides system-wide settings and values that establish when an incident changes state from pending to open, or to aged-out. For example, an incident changes state when the number of defects within a period rises above a certain threshold, or if the combined business impact of its defects is above a certain threshold. See also: impact threshold (see page 29), incident state (see page 30)

per user per minute incident cost See incident cost (see page 29).

40 Glossary

percentile value The percentile value of a distribution is a number where a percentage of the distribution is less than or equal to that percentile value. For example, the 25th percentile (also referred to as the lower quartile) is where, at most, 25 percent of the data values fall below it. In another example, for a response time graph, the number at the 95th percentile means 95 percent of the transactions in that time period had a response time at that level or less. See also: box-whisker graph (see page 14)

performance metrics CA CEM performance metrics are measurements in terms of success rate, total, good, and defective. Performance metrics should be familiar to IT professionals and are calculated on transactions and business transactions. Performance metrics represent distributions as averages. See also: defective transaction (see page 21), good transaction (see page 26), success rate (see page 48), total business transactions (see page 50)

persistence Persistence refers to the characteristic of data that outlives the execution of the program that created it. Without this capability, data only exists in memory, and is lost when the memory loses power, such as on computer shutdown.

persistent collection A persistent collection is a way to save metrics for use with external tools such as Oracle; you can write persistent collections to flat CSV files or to a database.

platform A platform is a framework and collection of features that allows software to run and that can be used by different applicationsfor example, J2EE (Java 2 Platform, Enterprise Edition) is a platform. See also: Java platform (see page 33), .NET Framework (see page 9)

plug-in See extension (see page 25)

PowerPack See extension (see page 25)

private parameter A private parameter is a transaction parameter that the CA CEM administrator identifies as private for security or privacy reasons. The values for the identified parameters are masked with asterisks when observed in a transaction. CA CEM includes several private parameters with the default configuration, for example: pin, *ssn, *password, *passcode. (The asterisk "*" is a wildcard character.) CA CEM administrators can add to the list of private parameters. See also: transaction parameter (see page 52)

Glossary 41

probe A probe measures specific pieces of information about a web application without changing the business logic of the application. An agent is installed on the same computer as the instrumented web application. See also: agent (see page 9), instrumented (see page 30), ProbeBuilder (see page 41)

ProbeBuilder Introscope ProbeBuilder performs the instrumenting process, in which tracers, defined in ProbeBuilder Directives (PBD) files, identify the metrics an agent will gather from web applications and the virtual machines at run-time. See also: agent (see page 9), AutoProbe (see page 12), ProbeBuilder Directive (PBD) (see page 41)

ProbeBuilder Directive (PBD) ProbeBuilder Directive (PBD) files tell ProbeBuilder how to add probes, such as timers and counters, to .NET or Java components to instrument the web application. ProbeBuilder Directive files govern the specific metrics that agents report to the Enterprise Manager. Custom Directives can also be created to track classes and methods unique to specific web applications. See also: AutoProbe (see page 12), Enterprise Manager (EM) (see page 24), ProbeBuilder (see page 41), ProbeBuilder Lists (PBL) (see page 41)

ProbeBuilder Lists (PBL) A ProbeBuilder List (PBL) file contains a list of multiple ProbeBuilder Directive files. Multiple PBL files can refer to the same PBD files. See also: AutoProbe (see page 12), ProbeBuilder (see page 41), ProbeBuilder Directive (PBD) (see page 41)

ProbeBuilding, dynamic See dynamic instrumentation (see page 23).

promotion, transaction See transaction signature (see page 52).

quality metrics CA CEM quality metrics are measurements in terms of defects, opportunities, yield, Sigma, and DPMO. Quality metrics should be familiar to Quality professionals, whether within IT or without, and are calculated principally on opportunities. Quality metrics represent distributions as medians. See also: defect (see page 20), defects per million opportunities (DPMO) (see page 21), opportunity (see page 39), Sigma (see page 45), yield (see page 56)

RADV RADV is an acronym for Router Advertisement. In IPv6, router discovery can be accomplished via routers sending router advertisement messages, both on a regular basis, and in response to prompting of hosts with router solicitation messages. RADV can be used to announce IPv6 to the LAN (local area network).

42 Glossary

See also: IP address (see page 31), IPv6 (see page 31)

range In a box-whisker graph, the range is the interval between the minimum and maximum values. See also: box-whisker graph (see page 14)

rate, metric See metric, Introscope (see page 36).

realm See security realm (see page 44).

recorder The recorder tracks all web browser activity from a particular client computer (IP address) and is used to identify examples of the transaction to be monitored. The resulting transaction recording is used in the transaction definition process to simplify the process of creating transaction recognition and demarcation rules. See also: transaction recorder (see page 52), transaction signature (see page 52)

recorder, transaction See transaction recorder (see page 52).

report type In the CA CEM graphical analyses, the report type shows either a comparison of values (for example comparing defect types), or a time series, which compares transactions on a per-hour basis.

request-based transaction A request-based transaction is a business transaction that CA CEM identifies based on the HTTP request parameters. Response-based transactions extend from a request-based transaction. See also: response-based transaction (see page 43)

resource In the Java programming language, a resource is a piece of data that can be accessed by the code of an application. A web application can access its resources through Uniform Resource Locators, like web resources, but the resources are usually contained within the JAR file(s) of the web application. All metric information reporting through a single agent is organized under Resources. Resources can also contain sub-resources that further group metrics. See also: Workstation (see page 56)

response defect A response defect is a defect that can be identified by analyzing the responses of a transaction. Response defects are measured in terms of success rate, total, good, and defective.

Glossary 43

Response defects are detected by analyzing the HTTP header for the occurrence of an HTTP response code that indicates a defect has occurred. Response defects are also detected by analyzing the full content of the response for the occurrence of error messages or other content patterns indicating that a defect has occurred. See also: defect (see page 20)

response time, metric See metric, Introscope (see page 36).

response, missing See missing response (see page 37).

response, partial See partial response (see page 39).

response-based transaction A response-based transaction is a business transaction that CA CEM identifies based on the HTTP response parameters. A response-based transaction definition is extended from a request-based transaction definition. When you create a request-based transaction definition, it is independent of other definitions. However, the response-based transaction definition is dependent on and is built from the request-based transaction definition. See also: request-based transaction (see page 42)

rule set A rule set is regular expression patterns for parameter names/values that identify CA CEM transactions. The rule set is used to enable Introscope transaction traces. Each agent extension creates its own rule set based on parsed domain configuration information (CA CEM business transaction definitions), which it receives from the Enterprise Manager. See also: domain configuration (see page 22), Enterprise Manager (EM) (see page 24)

SARM Siebel SARM (Siebel Application Response Measurement) allows for response-time measurement of Siebel applications within a Siebel environment. CA CEM captures Siebel SARM correlation data, which can be used to query Siebel to gather evidence related to a specific user and transaction.

script recorder The script recorder is used to convert packet capture (pcap) files or HP LoadRunner VuGen log files into transaction recordings. See also: transaction recorder (see page 52)

SDK Software Developer Kit. See also: API (see page 10)

44 Glossary

security realm A security realm defines a source of users, security user groups, and access policies responsible for authenticating, authorizing, or authenticating and authorizing users. See also: EEM (see page 23)

security user group See user group, security (see page 55).

Service Desk CA Service Desk product.

service level agreement (SLA) The service level agreement (SLA) is a current and historical measure of an agreement between the service provider (for example, IT) and the customers (for example, a business unit or e-commerce customers). The SLA might be based on IT capabilities rather than customer expectations. See also: operating level agreement (OLA) (see page 38), service level objective (SLO) (see page 44)

service level objective (SLO) A service level objective is a mutually agreeable understanding between the business users of a system and the IT organization that manages the system. An SLO defines the measurable conditions that determine whether the service level agreement is being met. The categories of SLO measurements include:

Availabilitywhether the system is up and running or not.

Performancehow well the system is responding to, and keeping up with, user requests.

IT effectivenesshow well the IT organization responds when there is a problem. See also: operating level agreement (OLA) (see page 38), service level agreement (SLA) (see page 44)

servlet A servlet is a server-side Java program that provides additional features to the server. A servlet is a Java application that is different from applets, which runs on the server and generates HTML-pages that are sent to the client. Servlets can run on browsers that are not Java-enabled. See also: HTTP (see page 27), Java (see page 32), web server (see page 56)

ServletHeaderDecorator The Introscope ServletHeaderDecorator augments HTTP response headers from servlets for Java agents. This capability allows CA CEM to display application server details for defective transactions and to present hyperlinks from defect and incident detail pages to transaction traces in the Workstation Investigator. The GUID is used as the transaction identifier, matching transactions monitored in CA CEM with transactions that the Introscope Transaction Tracer captures. ServletHeaderDecorator is an agent extension.

Glossary 45

See also: GUID (see page 26), HTTPHeaderDecorator (see page 27), Transaction Tracer (see page 54)

set A