• State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 22 subscribers
  • Views 1188 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Is there a way to exclude specific domains from recording or playback?

ahbrook

In the last few weeks, we have seen a noticeable increase in our WPM generated alerts. As far as I can tell by looking at the screenshot errors and waterfall events, this is being caused by timeouts when trying to communicate with URLs from tracking pixels / analytics probes. Our latest one was due to a critical website we monitor starting to have linkedin related tracking pixels.

In our environment, Orion has an outbound NAT restriction in place as fallout from the Sunburst incident. When we originally set it up, all of Orion's interfaces could talk out to the internet without restriction. I think this is the root cause of the timeouts. Over time, we are working to re-IP our Orion instance to one that cannot communicate out to the internet in any circumstance, and any WPM monitors will need to go through proxy servers.

Even after we make that change, though, we find that the analytics trackers are just a bunch of noise that don't give us much benefit. The best answer would be to remove them from the websites, but that is obviously not something we are going to convince big companies to do.

So I was wondering if there was a way to tell our WPM playback servers that if they see a given DNS entry (like google, facebook, or linkedin) that they should just 100% ignore the request or fail it quickly and load the rest of the page properly.

Does anyone have any insights into ways this might be doable?

Parents
  • 0

    That's would be a very tricky thing to do...

    As far as I'm aware I don't believe there's a way within WPM explicitly to do that.

    BUT if inclined to pursue, take a look at the TCP waterfall chart within the transactions in WPM and gather a list of the domains that take a long time to load.

    You could use Windows hosts file edits in C:\Windows\System32\drivers\etc\hosts (see https://www.howtogeek.com/784196/how-to-edit-the-hosts-file-on-windows-10-or-11/).

    There's a section in this WPM troubleshooting guide that shows a way to add custom chromium command line switches to the WPM browser with a link to them. I don't see anything about blocking urls or domains, so unsure if that's useful here. See https://documentation.solarwinds.com/en/success_center/wpm/content/orionseumagtroubleshooting.htm.

    You may see unexpected results in playback as it would completely depend on how the website was developed (something we don't have control of) if that website could still load and function properly without those resources. Blocking them and/or blackholing the domains could yield strange or worse results.

    Good luck

Reply
  • 0

    That's would be a very tricky thing to do...

    As far as I'm aware I don't believe there's a way within WPM explicitly to do that.

    BUT if inclined to pursue, take a look at the TCP waterfall chart within the transactions in WPM and gather a list of the domains that take a long time to load.

    You could use Windows hosts file edits in C:\Windows\System32\drivers\etc\hosts (see https://www.howtogeek.com/784196/how-to-edit-the-hosts-file-on-windows-10-or-11/).

    There's a section in this WPM troubleshooting guide that shows a way to add custom chromium command line switches to the WPM browser with a link to them. I don't see anything about blocking urls or domains, so unsure if that's useful here. See https://documentation.solarwinds.com/en/success_center/wpm/content/orionseumagtroubleshooting.htm.

    You may see unexpected results in playback as it would completely depend on how the website was developed (something we don't have control of) if that website could still load and function properly without those resources. Blocking them and/or blackholing the domains could yield strange or worse results.

    Good luck

Children
No Data

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 200,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab Link Customer Portal
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2021 SolarWinds Worldwide, LLC. All Rights Reserved.