Context
We wish to use "replay" web server access logs to generate load tests. JMeter had come to mind as I'd recently read blog posts about using jmeter in the cloud (e.g. firing up a number of Amazon EC2 instances to generate the load)
For years I had heard of JMeter's ability to replay access logs, but in reviewing this feature I found the following.
Access Log Sampler
DOES:
recreate sessions, i.e. handle the jsessionId token (thought it tries to approximate sessions by IP address);
DOES NOT:
handle POST data (even if you could configure apache/tomcat to write out post data to the access log, jmeter access log sampler only handles 'common' log format).
Post data would go a long way toward recreating actual load.
Additionally, the documentation describes the Access Log Sampler as "alpha code" even though it's 8 years old. It doesn't seem actively maintained. (That's longer than Gmail's beta.)
HttpPerf
Another blog post pointed me to the httpperf tool. I've started to read up on it:
blog: http://www.igvita.com/2008/09/30/load-testing-with-log-replay/
httpperf: http://code.google.com/p/httperf/
Summary
What's the best way to generate load testing 'scripts' from real user data?
What has worked best for you?
Pros and cons of various tools?
JMeter + HTTP Raw Request + Raw Data Source for me works well
I will describe how do we solve this problem using our own LT tool called Yandex Tank
It can handle simple access.log but only 'GET' requests, too. When there's a need to make other types of requests, we use other ammo formats (ammo is a file containing all the requests that we gonna send to our server). Example:
342
POST / HTTP/1.1^M
Host: xxx.xxx.xxx.xxx:8080^M
Connection: keep-alive^M
Keep-Alive: 300^M
Content-Type: multipart/form-data; boundary=AGHTUNG^M
Content-Length: 1400^M
Connection: Close^M
^M
--AGHTUNG^M
Content-Disposition: form-data; name="fp"; filename="fp_tank"^M
Content-Type: application/octet-stream^M
Content-Transfer-Encoding: binary^M
...
--AGHTUNG--^M
A number ('342') on the first line is the size of a following request. Request is in it's raw format. You could write a simple script in your favourite language that generates such ammo files from your access.log and then use it for load testing.
Such ammo format makes it really flexible. For example, this code generates ammo from FCGI logs (POST bodies are encoded in Base64). But on the other hand you will need to handle sessions manually.
You can easily replay access logs with POST data using ZebraTester. It has many plugins similar to JMeter and also ability to add inline scripts using which you can easily target POST payload, URLs, timestamps, etc. from the access logs. You can run load tests directly from the tool locally or copy the recorded script to the SaaS portal to run massive million virtual user load tests
Related
I am trying to run performance test using Jmeter for my client application which uses Signicat, a third part identity verification site for SSO login. I cannot get through with jmeter execution for login. There is a dynamic token appended in one of the http requests related to login but I cannot find it in any of the previous responses to correlate.
Has anybody tried Performance tests with Signicat or any other SSO login ? I appreciate any suggestions or leads. Thank you.
PS: I tried to monitor the traffic in fiddler while accessing the site . I don't see the token source there as well.
Unfortunately your question doesn't contain sufficient level of details.
If you're seeing the dynamic token there are following possible options:
It needs to be correlated (extracted from the previous response), the possible sources are:
URL (as a part of a redirect)
response headers
response body
It needs to be generated, if the dynamic value is being generated by client-side JavaScript JMeter won't be able to execute the JavaScript, you will have to replicate the code using JSR223 PreProcessor and preferably Groovy as the language in order to generate the same value as the real browser does
Looking into Connecting your application chapter there are several possible protocols/options and it will require rather a story than a chapter to provide comprehensive instructions on each of them:
for some of them like "Other third party software" it is not even possible doing this remotely without knowing the infrastructure and the authentication/authorization processes.
I am trying to do some basic performance testing on an app I look after.
I am using Jmeter and done the steps recorder and the same as following Jmeter tutorials on youtube, but I am getting stuck when I need put the variable into the X-CSRF-Token
The issue is I cant find X-CSRF-Token in the captured steps. Is it using some other form of authentication? Any suggestions for me as to other methods would be great.
If the post doesn't make much sense, I don't really have an in-depth knowledge of Jmeter or testing.
To find where the token appeared:
clear browser history
record your scenario using jmeter recording template
then in the view result tree located un HTTP(s) Test Script recorder, use the search field to find the first response in which it appears. You’ll need to add an extractor in the corresponding sampler
you ‘ll then be able to inject it using ${varName}
Depending on your server configuration this X-CSRF-Token can come in:
In the response HTML body
In the response headers, inspect HTTP Header Manager for any hard-coded values
As a HTTP Cookie (which is basically a header as well, however it will be much more convenient to get it from the HTTP Cookie Manager rather than from response headers)
So make sure to inspect all the tabs of the first request in the View Results Tree listener as this X-CSRF-Token guy can hide anywhere.
You can try an alternative way of recording a JMeter test, it can export test in "SmartJMX" mode with automatic detection and correlation of any dynamic parameters including but not limited to CSRF tokens so theoretically it can make your life easier, check out How to Cut Your JMeter Scripting Time by 80% guide for more information and technical details.
If you need further help you will have to provide more details, like full dump of 2 requests along with responses. You can use a sniffer tool like Wireshark or Fiddler to capture it.
I'm new to using Jmeter tool.
I have recorded my application using blazemeter (v3.1) and then trying to run that .jmx file in Jmeter, however I am running into an authorization issue and the script fails to run.
I have also tried setting my "HTTP Authorization Manager" with username, url, password but it does not help. If anyone can, please guide me on this Issue. Thanks.
As per 4 Things You Should Never Do with Your JMeter Script article:
Don’t run the script exactly as you recorded it
After recording your script, there is still some work to do before you run it. It’s necessary to correlate variables, parameterize and add elements, to faithfully simulate users.
There are too many ways of possible authentication implementation in your application, most probably you need to send some dynamic value along with credentials which can be fetched from the previous request.
Record your test scenario 2 times and compare recorded requests. Be careful as differences might be in response headers and URL, not only in response data. It makes sense to add View Results Tree listener directly to HTTP(S) Test Script Recorder - this way you will be able to see what data is captured by JMeter and amend its configuration so simulated request would look exactly like the request from the real browser.
I'm working on a simple web browser project that uses QtWebEngine.
What I want to is to log out the httpRequest and httpResponse data that transit in my browser. I only interest in http POST transitions.
In chrome's developer's tool, I can do this by go to Network tab, turn on Preserve log. What I need is
Headers>General>Request URL
>From Data (params of POST)
Response (the raw response data)
Since QtWebEngine uses Chromium, I suppose that most things that chrome can do can also be done in QtWebEngine.
How can I get the above three things using QtWebEngine?
If there is no obvious way to do that, can I write an extension to log them out and make QtWebEngine use this extension? I think in extension I can log out http request header but I have no idea of how to log out the response data.
Edit: I don't want to an external debug tool (like port the log to localhost:myport). I need to use those three pieces of data in my browser application.
Edit2:
chrome.devtools.network.onRequestFinished.addListener
Yes somehow I need this but how can I call this or receive a similar event with Qt5.7?
I'm serving up tiny little chunks of minimized javascript through Google App Engine, and I think the GZIP-unGZIP process is slowing me down unnecessarily. (To clarify, I'm sending them quickly to many different websites who request them and I've optimized most of the other parts of the process).
For reference the files are so small that the GZIP savings can be less then the "Content-Encoding: gzip" header.
However, from the documentation
If the client sends HTTP headers with the request indicating that the client can accept compressed (gzipped) content, App Engine compresses the response data automatically and attaches the appropriate response headers.
Is there a setting in app.yaml or somewhere that I can disable GZIP-ing? It must be possible since some files are served unzipped.
It's not currently possible to change this behavior from the server side (although, if you control the client, you can remove gzip from its Accept-Encoding header to accomplish the same thing)
There's an open bug about this with Google, and a team member has marked it "Acknowledged", but it doesn't look like there's been any action on it in the last year or so. You should probably add your voice to that ticket and star it for future notifications.