Why Siege?

So far, it's the simplest tool I've found to quickly benchmark response times. When I'm developing or tuning web/db servers, I want to quickly get a idea of the performance impact my changes are making. Tools like JMeter offer quite a bit more, but I appreciate the low barrier to entry for a tool like Siege. It's perfect when you just need to know if you're making performance better or worse, and Firebug isn't making it obvious. I should also note that it is very similar to Apache Bench, except that it can handle SSL, which ab cannot.

After running into trouble trying to use ApacheBench over SSL, I went ahead and gave Siege a try. Initially, I was very impressed as it handles SSL well and has some cool features that ab doesn't.

I didn't have any trouble getting it to work as an authenticated user using the -H flag to set the "Cookie" header, but I recently discovered that you can also provide a "login url" in your siegerc. This sounded great since that allows me to take one more bit of logic out of my wrapper script, but I couldn't get it to work.

After playing with the source a bit, I found a couple things.

First, in main.c, I found a hidden flag:

Using the -D flag will print out all request and response headers. Very helpful!

This illuminated that fact that although every response had a Set Cookie, no Cookie header was being sent back in the requests.