F5 BIG-IP
Monitor F5 BIG-IP Physical and Virtual BIG-IP hardware and software solutions
Data Collection Setup
Metrics are collected via the iControl REST API.
Network Requirements
Port: 443 (TCP) HTTPS to the iControl F5 REST API.
Least Privileged User
F5 BIG-IP username/password with a minimum of Auditor user role with iControl REST API access.
To create a user with permissions to read REST, you must first create an Auditor user, then give the user REST permissions.
Associating a role with a user account
BIG-IP 11.x
-
To create a user account, use tmsh as shown in the following example
(tmos)# create iCR-user01 partition-access add { all-partitions { role manager } } password p4ssw0r6
-
To get the properties of the user account, make a GET request for all users, as shown in the following example.
GET https://localhost/mgmt/shared/authz/users
-
To get the reference to add, locate the user account in the response data and copy the value of the selfLink property.
"selfLink" : "https://localhost/mgmt/shared/authz/users/iCR-user01"
-
To add the user account to the role, use the PATCH method and specify the userReferences property with the link to the user account in the JSON body.
PATCH https://localhost/mgmt/shared/authz/roles/iControl_REST_API_User
{ "userReferences":[{"link":"https://localhost/mgmt/shared/authz/users/iCR-user01"}] }
The results of the previous operation show the changes to the userReferences array.
{
"name": "iControl_REST_API_User",
"userReferences": [
{
"link": "https://localhost/mgmt/shared/authz/users/iCR-user01"
} ],
"resources": [
{
"resourceMask": "/mgmt/tm/gtm/*/*/*/*",
"restMethod": "GET"
},
{
"resourceMask": "/mgmt/tm/auth/*/*/*",
"restMethod": "PUT"
}, ...
],
"generation": 3,
"lastUpdateMicros": 1.4049301550701e+15,
"kind": "shared:authz:roles:rolesworkerstate",
"selfLink": "https://localhost/mgmt/shared/authz/roles/iControl_REST_API_User"
}
Requesting a token for iControl REST authentication
BIG-IP 12.x-13.x
We do not have support for the API Key method of REST authentication. However, administrators of a BIG-IP system can still make REST requests using basic authentication.
Please note: F5 Administrator user required to collect all available metrics
System:
- CPU Idle Ticks
- CPU Usage Ticks: System
- CPU Usage Ticks: User
- Chassis Serial Number
- Memory Total
- Memory Used
- Platform
- Product
Device:
- syncState
Device Group:
- All metrics and resources (i.e., Device Groups will not exist without Administrator role)
LDAP Support (Optional)
LDAP is support as an authentication source. To Configured LDAP use the following instructions:
In the F5 Administration
-
Click System.
-
Click on Users.
-
Click Authentication.
-
Configure the values as necessary to support your domain.
Supported Versions
F5 BIG-IP: 11.6.0+
Connection Parameters
Name | Required? | Description |
---|---|---|
Host | Required | The F5 host to connect to. |
Port | The port for communication to the F5 Host. Default | |
Username | Required | |
Password | Required | |
SSL Configuration | The SSL mode to use when connecting to the target. Can be configured to not use SSL (No SSL), use SSL but do not verify the target's certificate (No Verify), and use SSL and verify the target's certificate (Verify). | |
Exclude Nodes and Pool Members | ||
Exclude Relationships | ||
Connection Timeout (s) | The number of seconds to allow for connecting to the target. |
Metrics
Application
Name | Description |
---|---|
Device Group | Device group running Application Service |
Full Path | BIG-IP defined unique full path |
Kind | BIG-IP defined type |
Name | User defined name |
Pool to Use | Server side pool load balancing requests |
Self Link | BIG-IP unique link and full path |
Template | Template applied to Application including security and monitoring rules |
Template Modified | Indicator of modifications made to out of the box template |
Traffic Group | Current traffic group service is applied to |
Device
Name | Description |
---|---|
Chassis ID | Chassis ID |
Edition | Edition type |
Failover State | Failover state |
Full Path | BIG-IP System full path of the device |
Host Name | Hostname used for dns |
Kind | Kind of Device |
Management IP | IP to access the Management Console |
Marketing Name | Marketing name defined for the device |
Name | Name of the Device |
Platform ID | Unique ID for the Type of Platform |
Product | Product Name of the device |
Self Device | Identifier of the Self Device |
Self Link | Internal Link defining the Device object in BIG-IP |
Short Name | Short name of device |
Sync State | Synchronization state of the BIG-IP Device to the cluster |
Version | Version of the BIG-IP System device |
Device Group
Name | Description |
---|---|
Auto Sync | Auto Sync Setting |
Description | User defined Description |
Full Path | BIG-IP System full path |
Kind | Kind of Group |
Name | User defined Name |
Network Failover | Network Failover Type |
Self Link | Internal Link defining the Device Group object in BIG-IP |
Sync State | Current Sync State |
Type | Type of Group |
Disk
Name | Description |
---|---|
Free Space (Mebibytes) | Free space for the active disk |
Full Path | BIG-IP System path for the disk |
Kind | Type of Disk |
Mode | Current Usage mode of the disk |
Name | Name of the Disk |
Self Link | Internal Link defining the Disk object in BIG-IP |
Size (Mebibytes) | Size of the Disk |
Space In-Use (Mebibytes) | Used space for the active disk |
Space Reserved (Mebibytes) | Reserved space for the active disk |
GTM Pool
Name | Description |
---|---|
Alternate | Alternate |
Alternate Mode | Specifies the load balancing mode that the system uses to load balance name resolution requests among the members of this pool, if the preferred method is unsuccessful in picking a pool. Note that you can set the preferred method using the command sequence / gtm create pool [name] mode [name]. |
Application Service | The application service that the object belongs to. |
Availability State | Availability State |
Description | User defined description. |
Dropped | Dropped |
Dynamic Ratio | Enables or disables a dynamic ratio load balancing algorithm for this pool. This option is applicable only when you also configure the mode option for the pool with one of these dynamic load balancing modes: completion-rate, fewest-hops, kilobytes-per-second, least-connections, lowest-round-trip-times, quality-of-service, virtual-server-capacity, or virtual-server-score. When this option is disabled (the default} the system uses only the server or virtual server with the best metrics, or highest quality of service (QOS) score, for load balancing. When dynamic-ratio is enabled, the system treats QOS scores as ratios, and it uses each server or virtual server in proportion to the ratio determined by the QOS calculation. |
Enabled State | Enabled State |
Fallback | Fallback |
Fallback IP | Specifies the IP V6 address of the server to which the system directs requests in the event that the load balancing methods configured for this pool fail => return a valid virtual server. |
Fallback Mode | Specifies the load balancing mode that the system uses to load balance name resolution requests among the members of this pool, if the preferred and alternate modes are unsuccessful in picking a pool. Note that you can set the preferred mode using the command sequence / gtm create pool [name] mode [option], and the alternate-mode option using the command sequence: / gtm create pool [name] alternate-mode [option]. |
Limit Maximum Connections (Connections) | Specifies the number of current connections allowed for the virtual servers in the pool. If the current connections exceed this value, the system marks the pool as unavailable. |
Limit Maximum Connections Status | Enables or disables the limit-max-connections option for this pool. The default value is disabled. |
Limit Maximum Data (Bits per Second) | Specifies the maximum allowable data throughput rate, in bits per second, for the virtual servers in the pool. If the network traffic volume exceeds this value, the system marks the pool as unavailable. |
Limit Maximum Data Status | Enables or disables the limit-max-bps option for this pool. The default value is disabled. |
Limit Maximum Packets (Packets per Second) | Specifies the maximum allowable data transfer rate, in packets per second, for the virtual servers in the pool. If the network traffic volume exceeds this value, the system marks the pool as unavailable. |
Limit Maximum Packets Status | Enables or disables the limit-maximum-pps option for this pool. The default value is disabled. |
Load Balancing Disabled | Specifies that this pool is not available for load balancing. |
Load Balancing Enabled | Specifies that this pool is available for load balancing. |
Load Balancing Mode | Specifies the preferred load balancing mode that the system uses to load balance name resolution requests among the members of this pool. |
Manual Resume | Enables or disables manual-resume for this pool. If you leave this option disabled (the default} then a member of this pool automatically becomes available for load balancing when its status changes from down => up. When manual-resume is enabled, if the status of a member of this pool changes from up to down, the pool member remains disabled indefinitely until you manually re-enable it. |
Maximum Answers Returned | Specifies the maximum number of available pool members added to a DNS response. |
Metadata | User defined generic data for the pool. It is a name and value pair. |
Monitor | Specifies the health monitors that the system uses to determine whether it can use this pool for load balancing. |
Name | Name |
Partition | Specifies the partition within which this object resides. |
Pool Type | Type of Pool |
Preferred | Preferred |
QOS Hit Ratio | Assigns a weight to the Hit Ratio performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Hops | Assigns a weight to the Hops performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Link Capacity | Assigns a weight to the Link Capacity performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Packet Rate | Assigns a weight to the Packet Rate performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Round Trip Time | Assigns a weight to the Round Trip Time performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Throughput Weight (Kilobytes per Second) | Assigns a weight to the Kilobytes per Second performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Topology | Assigns a weight to the Topology performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Virtual Server Capacity | Assigns a weight to the Virtual Server performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
QOS Virtual Server Score | Assigns a weight to the Virtual Server Score performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service. |
Return From DNS | Return From DNS |
Return To DNS | Return To DNS |
Self Link | The endpoint => the resource. |
Status Reason | Status Reason |
Time to Live | Specifies the number of seconds that the IP address, once found, is valid. Once the time-to-live (TTL) expires, the client has to request the IP address resolution again. The valid values are 0 through 4294967295; the default value is 30. |
tmName | tmName |
Type | The Type of the Gtm Pool |
Verify Member Availability | Specifies that the system verifies the availability of the members before sending a connection to those resources. The default value is enabled. |
GTM Pool Member
Name | Description |
---|---|
Alternate | Alternate |
Application Service | The application service that the object belongs to. |
Availability State | Current availability from the BIG-IP System |
Depends On | Depends On |
Description | User defined description. |
Enabled State | Current enabled state from the BIG-IP System |
Fallback | Fallback |
Flags | Specifies the resource record flags. Valid values are "a" or "s". |
Limit Maximum Connections (Connections) | Specifies the number of current connections allowed for this pool member. If the current connections exceed this value, the system marks this pool member as unavailable. |
Limit Maximum Connections Status | Enables or disables the limit-max-connection option for this pool member. The default value is disabled. |
Limit Maximum Data (Bits per Second) | Specifies the maximum allowable data throughput rate, in bits per second, for the pool member. If the network traffic volume exceeds this value, the system marks the pool member as unavailable. |
Limit Maximum Data Status | Enables or disables the limit-max-bps option for this pool member. The default value is disabled. |
Limit Maximum Packets (Packets per Second) | Specifies the maximum allowable data transfer rate, in packets per second, for this pool member. If the network traffic volume exceeds this value, the system marks this pool member as unavailable. |
Limit Maximum Packets Status | Enables or disables the limit-max-pps option for this pool member. The default value is disabled. |
Load Balancing Disabled | Specifies that this pool member is not available for load balancing |
Load Balancing Enabled | Specifies that this pool member is available for load balancing. |
Member Order | Specifies the order number of the pool member. The system uses this number with load balancing methods that involve prioritizing pool members, such as the Ratio load balancing method. |
Monitor | Enables or disables the monitor assigned to this pool member. |
Name | Name |
Order | Specifies the resource record order |
Pool Name | Pool Name |
Pool Type | Pool Type |
Port | Specifies the resource record port number |
Preference | Specifies the resource record preference |
Preferred | Preferred |
Priority | Specifies the resource record priority |
Ratio | Specifies the weight of the pool member for load balancing purposes. |
Self Link | Internal Link defining the Pool Member object in BIG-IP |
Server Name | Server Name |
Service | Specifies the resource record service |
Static Target | Specifies whether this member points to a wide IP or is a static dname |
Status Reason | Status Reason |
Type | The Type of the Gtm Pool Member. |
Virtual Server Name | Virtual Server Name |
Weight | Specifies the resource record weight |
Module
Name | Description |
---|---|
CPU Provisioned (%) | The amount of CPU provisioned for the module |
Disk Provisioned (Mebibytes) | The amount of disk space provisioned for the module |
Full Path | The Full path of the Module on the BIG-IP System |
Host Memory Provisioned (Mebibytes) | The amount of Host memory provisioned for the module |
Kind | The Type of Module |
Memory Provisioned (Mebibytes) | The amount of Memory provisioned for the module |
Name | The Name of the Module |
Provisioning Level | The provisioning Level of the Module on the BIG-IP System |
Self Link | Internal Link defining the Module object in BIG-IP |
Node
Name | Description |
---|---|
Availability State | Current BIG-IP availability state to the Node |
Current Connections (Connections) | Current number of network connections from BIG-IP |
Current Sessions (Sessions) | Current number of sessions |
Data In (Bits) | The amount of data received from the BIG-IP Node |
Data Out (Bits) | The amount of data sent to the BIG-IP Node |
Enabled State | Current BIG-IP enabled state |
FQDN | FQDN of node |
Full Path | BIG-IP full path identification |
IP Address | BIG-IP network address to send to the node |
Kind | Type of Node in BIG-IP |
Maximum Connections (Connections) | Current highest number of network connections reported from BIG-IP |
Monitor Rule | BIG-IP Health Monitor rule |
Monitor Status | Current Health Monitor rule status |
Name | User defined name |
Packets In (Packets) | The number of packets received from the BIG-IP Node |
Packets Out (Packets) | The number of packets sent to the BIG-IP Node |
Requests (Requests) | Current number of requests over the last collection from BIG-IP |
Self Link | BIG-IP System internal link and full path for the Node |
Session Status | Current status of the session |
Short Name | Short name of node |
State | Current BIG-IP State |
Status Reason | BIG-IP reason for the current status |
Pool
Name | Description |
---|---|
Active Member Count | Number of active pool members |
Availability State | Current availability state |
Current Connections (Connections) | Current number of connections |
Data In (Bits) | The amount of data received from the BIG-IP Pool |
Data Out (Bits) | The amount of data sent to the BIG-IP Pool |
Description | User defined Description |
Enabled State | Current enabled state, can be user defined |
Full Path | BIG-IP System full path |
Kind | Kind of Pool |
Load Balancing Mode | Current Load Balancing Mode |
Maximum Connections (Connections) | Current max number of connections seen at one point |
Monitor Rule | Current Health Monitoring Rule applied |
Name | User defined name |
Packets In (Packets) | The number of packets received from the BIG-IP Pool |
Packets Out (Packets) | The number of packets sent to the BIG-IP Pool |
Requests (Requests) | The total number of requests to the Pool |
Self Link | Internal Link defining the Pool object in BIG-IP |
Status Reason | Textual Property explaining the overall health reason |
Pool Member
Name | Description |
---|---|
Availability State | Current availability from the BIG-IP System |
Current Connections (Connections) | Current Connections |
Current Sessions (Sessions) | Current session count |
Data In (Bits) | The amount of data received from the BIG-IP Pool Member |
Data Out (Bits) | The amount of data sent to the BIG-IP Pool Member |
Enabled State | Enabled state of the Pool Member with regards to the parent pool |
Full Path | BIG-IP System full path to the Pool Member |
Kind | Pool Member Kind |
Maximum Connections (Connections) | Maximum Connections |
Monitor Rule | Health Monitoring rule applied to the pool member |
Monitor Status | Montior Status |
Name | Pool Member Name |
Node Name | Name of the node the Pool Member is using |
Packets In (Packets) | The number of packets received from the BIG-IP Pool Member |
Packets Out (Packets) | The number of packets sent to the BIG-IP Pool Member |
Pool Name | Name of the Pool the Pool Member belongs |
Port | Port the Pool Member listens on |
Requests (Requests) | Current number of requests over the last collection interval |
Self Link | Internal Link defining the Pool Member object in BIG-IP |
Session Status | Current session health status |
State | Current state |
Status Reason | Explanation of the current status |
SSL Certificate
Name | Description |
---|---|
Created By | User who created the Certificate |
Expiration Date | Expiration date of the Certificate |
Issuer | Certificate Issuer |
Key Type | Certificate Key Type |
Kind | Type of Certificate |
Name | Certificate Name |
Self Link | Internal Link defining the SSL Certificate object in BIG-IP |
Time Until Expiration (Days) | Time until Certificate will expire |
System
Name | Description |
---|---|
Average CPU Idle Utilization (%) | Average percentage of time the CPU is idle |
Average CPU Interrupt Request Utilization (%) | Average percentage of time the CPU is handling interrupt requests |
Average CPU IO Wait Utilization (%) | Average percentage of time the CPU is waiting on IO |
Average CPU Nice Level Utilization (%) | Average percentage of time the CPU is handling nice level processes |
Average CPU Soft Interrupt Request Utilization (%) | Average percentage of time the CPU is handling soft interrupt requests |
Average CPU Stolen Utilization (%) | Average percentage of time the CPU is handling reclaimed cycles by the hypervisor |
Average CPU System Utilization (%) | Average percentage of time the CPU is used by the kernel |
Average CPU User Utilization (%) | Average percentage of time the CPU is used by user processes |
Chassis Serial Number | Chassis Serial Number for the current device |
CPU Idle Ticks (per Second) | Amount of CPU ticks that the CPU was idle |
CPU Usage Ticks: System (per Second) | Amount of CPU ticks used by the kernel processes |
CPU Usage Ticks: User (per Second) | Amount of CPU ticks used by user processes |
Device Name | Name of the current device |
Host and Port | Host and Port combination we are using to connect to this BIG-IP System |
Memory Total (Mebibytes) | Total amount of Memory available on the current device |
Memory Used (Mebibytes) | Current Memory being used on the current device |
Platform | Platform of the current device |
Product | Product Name for the current device |
Virtual Server
Name | Description |
---|---|
Application Service | Current Application Service assigned |
Availability State | BIG-IP defined availability |
Current Connections (Connections) | Current number of connections from BIG-IP |
Data In (Bits) | The amount of data received from the BIG-IP Virtual Server |
Data Out (Bits) | The amount of data sent to the BIG-IP Virtual Server |
Destination | Destination address picked up by BIG-IP |
Enabled State | Current enabled state (disabled, enabled) |
Full Path | BIG-IP defined full path |
Kind | BIG-IP Type of Virtual Server |
Maximum Connections (Connections) | Highest number of connections from BIG-IP |
Name | User defined name |
Packets In (Packets) | The number of packets received from the BIG-IP Virtual Server |
Packets Out (Packets) | The number of packets sent to the BIG-IP Virtual Server |
Pool | Pool the Virtual Server uses for load balancing |
Requests (Packets) | Number of requests in the last collection interval to BIG-IP |
Self Link | The Self Link of the Virtual Server. |
Status Reason | Explanation of the current status |
Updated about 5 years ago