F5 BIG-IP

Monitor F5 BIG-IP Physical and Virtual BIG-IP hardware and software solutions

Data Collection Setup

Metrics are collected via the iControl REST API.

Network Requirements

Port: 443 (TCP) HTTPS to the iControl F5 REST API.

Least Privileged User

F5 BIG-IP username/password with a minimum of Auditor user role with iControl REST API access.

To create a user with permissions to read REST, you must first create an Auditor user, then give the user REST permissions.

Associating a role with a user account

BIG-IP 11.x

  1. To create a user account, use tmsh as shown in the following example
    (tmos)# create iCR-user01 partition-access add { all-partitions { role manager } } password p4ssw0r6

  2. To get the properties of the user account, make a GET request for all users, as shown in the following example.
    GET https://localhost/mgmt/shared/authz/users

  3. To get the reference to add, locate the user account in the response data and copy the value of the selfLink property.
    "selfLink" : "https://localhost/mgmt/shared/authz/users/iCR-user01"

  4. To add the user account to the role, use the PATCH method and specify the userReferences property with the link to the user account in the JSON body.

PATCH https://localhost/mgmt/shared/authz/roles/iControl_REST_API_User
{ "userReferences":[{"link":"https://localhost/mgmt/shared/authz/users/iCR-user01"}] }

The results of the previous operation show the changes to the userReferences array.

{
  "name": "iControl_REST_API_User",
  "userReferences": [
    {
      "link": "https://localhost/mgmt/shared/authz/users/iCR-user01"
} ],
  "resources": [
    {
      "resourceMask": "/mgmt/tm/gtm/*/*/*/*",
      "restMethod": "GET"
    },
    {
      "resourceMask": "/mgmt/tm/auth/*/*/*",
      "restMethod": "PUT"
}, ...
],
  "generation": 3,
  "lastUpdateMicros": 1.4049301550701e+15,
  "kind": "shared:authz:roles:rolesworkerstate",
  "selfLink": "https://localhost/mgmt/shared/authz/roles/iControl_REST_API_User"
}

Requesting a token for iControl REST authentication

BIG-IP 12.x-13.x

We do not have support for the API Key method of REST authentication. However, administrators of a BIG-IP system can still make REST requests using basic authentication.

πŸ“˜

Please note: F5 Administrator user required to collect all available metrics

System:

  • CPU Idle Ticks
  • CPU Usage Ticks: System
  • CPU Usage Ticks: User
  • Chassis Serial Number
  • Memory Total
  • Memory Used
  • Platform
  • Product

Device:

  • syncState

Device Group:

  • All metrics and resources (i.e., Device Groups will not exist without Administrator role)

LDAP Support (Optional)

LDAP is support as an authentication source. To Configured LDAP use the following instructions:
In the F5 Administration

  1. Click System.

  2. Click on Users.

  3. Click Authentication.

  4. Configure the values as necessary to support your domain.

1088

F5 Configuration Example

Supported Versions

F5 BIG-IP: 11.6.0+

Connection Parameters

NameRequired?Description
HostRequiredThe F5 host to connect to.
PortThe port for communication to the F5 Host. Default
UsernameRequired
PasswordRequired
SSL ConfigurationThe SSL mode to use when connecting to the target. Can be configured to not use SSL (No SSL), use SSL but do not verify the target's certificate (No Verify), and use SSL and verify the target's certificate (Verify).
Exclude Nodes and Pool Members
Exclude Relationships
Connection Timeout (s)The number of seconds to allow for connecting to the target.

Metrics

Application

NameDescription
Device GroupDevice group running Application Service
Full PathBIG-IP defined unique full path
KindBIG-IP defined type
NameUser defined name
Pool to UseServer side pool load balancing requests
Self LinkBIG-IP unique link and full path
TemplateTemplate applied to Application including security and monitoring rules
Template ModifiedIndicator of modifications made to out of the box template
Traffic GroupCurrent traffic group service is applied to

Device

NameDescription
Chassis IDChassis ID
EditionEdition type
Failover StateFailover state
Full PathBIG-IP System full path of the device
Host NameHostname used for dns
KindKind of Device
Management IPIP to access the Management Console
Marketing NameMarketing name defined for the device
NameName of the Device
Platform IDUnique ID for the Type of Platform
ProductProduct Name of the device
Self DeviceIdentifier of the Self Device
Self LinkInternal Link defining the Device object in BIG-IP
Short NameShort name of device
Sync StateSynchronization state of the BIG-IP Device to the cluster
VersionVersion of the BIG-IP System device

Device Group

NameDescription
Auto SyncAuto Sync Setting
DescriptionUser defined Description
Full PathBIG-IP System full path
KindKind of Group
NameUser defined Name
Network FailoverNetwork Failover Type
Self LinkInternal Link defining the Device Group object in BIG-IP
Sync StateCurrent Sync State
TypeType of Group

Disk

NameDescription
Free Space (Mebibytes)Free space for the active disk
Full PathBIG-IP System path for the disk
KindType of Disk
ModeCurrent Usage mode of the disk
NameName of the Disk
Self LinkInternal Link defining the Disk object in BIG-IP
Size (Mebibytes)Size of the Disk
Space In-Use (Mebibytes)Used space for the active disk
Space Reserved (Mebibytes)Reserved space for the active disk

GTM Pool

NameDescription
AlternateAlternate
Alternate ModeSpecifies the load balancing mode that the system uses to load balance name resolution requests among the members of this pool, if the preferred method is unsuccessful in picking a pool. Note that you can set the preferred method using the command sequence / gtm create pool [name] mode [name].
Application ServiceThe application service that the object belongs to.
Availability StateAvailability State
DescriptionUser defined description.
DroppedDropped
Dynamic RatioEnables or disables a dynamic ratio load balancing algorithm for this pool. This option is applicable only when you also configure the mode option for the pool with one of these dynamic load balancing modes: completion-rate, fewest-hops, kilobytes-per-second, least-connections, lowest-round-trip-times, quality-of-service, virtual-server-capacity, or virtual-server-score. When this option is disabled (the default} the system uses only the server or virtual server with the best metrics, or highest quality of service (QOS) score, for load balancing. When dynamic-ratio is enabled, the system treats QOS scores as ratios, and it uses each server or virtual server in proportion to the ratio determined by the QOS calculation.
Enabled StateEnabled State
FallbackFallback
Fallback IPSpecifies the IP V6 address of the server to which the system directs requests in the event that the load balancing methods configured for this pool fail => return a valid virtual server.
Fallback ModeSpecifies the load balancing mode that the system uses to load balance name resolution requests among the members of this pool, if the preferred and alternate modes are unsuccessful in picking a pool. Note that you can set the preferred mode using the command sequence / gtm create pool [name] mode [option], and the alternate-mode option using the command sequence: / gtm create pool [name] alternate-mode [option].
Limit Maximum Connections (Connections)Specifies the number of current connections allowed for the virtual servers in the pool. If the current connections exceed this value, the system marks the pool as unavailable.
Limit Maximum Connections StatusEnables or disables the limit-max-connections option for this pool. The default value is disabled.
Limit Maximum Data (Bits per Second)Specifies the maximum allowable data throughput rate, in bits per second, for the virtual servers in the pool. If the network traffic volume exceeds this value, the system marks the pool as unavailable.
Limit Maximum Data StatusEnables or disables the limit-max-bps option for this pool. The default value is disabled.
Limit Maximum Packets (Packets per Second)Specifies the maximum allowable data transfer rate, in packets per second, for the virtual servers in the pool. If the network traffic volume exceeds this value, the system marks the pool as unavailable.
Limit Maximum Packets StatusEnables or disables the limit-maximum-pps option for this pool. The default value is disabled.
Load Balancing DisabledSpecifies that this pool is not available for load balancing.
Load Balancing EnabledSpecifies that this pool is available for load balancing.
Load Balancing ModeSpecifies the preferred load balancing mode that the system uses to load balance name resolution requests among the members of this pool.
Manual ResumeEnables or disables manual-resume for this pool. If you leave this option disabled (the default} then a member of this pool automatically becomes available for load balancing when its status changes from down => up. When manual-resume is enabled, if the status of a member of this pool changes from up to down, the pool member remains disabled indefinitely until you manually re-enable it.
Maximum Answers ReturnedSpecifies the maximum number of available pool members added to a DNS response.
MetadataUser defined generic data for the pool. It is a name and value pair.
MonitorSpecifies the health monitors that the system uses to determine whether it can use this pool for load balancing.
NameName
PartitionSpecifies the partition within which this object resides.
Pool TypeType of Pool
PreferredPreferred
QOS Hit RatioAssigns a weight to the Hit Ratio performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS HopsAssigns a weight to the Hops performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS Link CapacityAssigns a weight to the Link Capacity performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS Packet RateAssigns a weight to the Packet Rate performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS Round Trip TimeAssigns a weight to the Round Trip Time performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS Throughput Weight (Kilobytes per Second)Assigns a weight to the Kilobytes per Second performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS TopologyAssigns a weight to the Topology performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS Virtual Server CapacityAssigns a weight to the Virtual Server performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
QOS Virtual Server ScoreAssigns a weight to the Virtual Server Score performance factor for the Quality of Service dynamic load balancing mode. to use this option, you must set the load-balancing-mode option to quality-of-service.
Return From DNSReturn From DNS
Return To DNSReturn To DNS
Self LinkThe endpoint => the resource.
Status ReasonStatus Reason
Time to LiveSpecifies the number of seconds that the IP address, once found, is valid. Once the time-to-live (TTL) expires, the client has to request the IP address resolution again. The valid values are 0 through 4294967295; the default value is 30.
tmNametmName
TypeThe Type of the Gtm Pool
Verify Member AvailabilitySpecifies that the system verifies the availability of the members before sending a connection to those resources. The default value is enabled.

GTM Pool Member

NameDescription
AlternateAlternate
Application ServiceThe application service that the object belongs to.
Availability StateCurrent availability from the BIG-IP System
Depends OnDepends On
DescriptionUser defined description.
Enabled StateCurrent enabled state from the BIG-IP System
FallbackFallback
FlagsSpecifies the resource record flags. Valid values are "a" or "s".
Limit Maximum Connections (Connections)Specifies the number of current connections allowed for this pool member. If the current connections exceed this value, the system marks this pool member as unavailable.
Limit Maximum Connections StatusEnables or disables the limit-max-connection option for this pool member. The default value is disabled.
Limit Maximum Data (Bits per Second)Specifies the maximum allowable data throughput rate, in bits per second, for the pool member. If the network traffic volume exceeds this value, the system marks the pool member as unavailable.
Limit Maximum Data StatusEnables or disables the limit-max-bps option for this pool member. The default value is disabled.
Limit Maximum Packets (Packets per Second)Specifies the maximum allowable data transfer rate, in packets per second, for this pool member. If the network traffic volume exceeds this value, the system marks this pool member as unavailable.
Limit Maximum Packets StatusEnables or disables the limit-max-pps option for this pool member. The default value is disabled.
Load Balancing DisabledSpecifies that this pool member is not available for load balancing
Load Balancing EnabledSpecifies that this pool member is available for load balancing.
Member OrderSpecifies the order number of the pool member. The system uses this number with load balancing methods that involve prioritizing pool members, such as the Ratio load balancing method.
MonitorEnables or disables the monitor assigned to this pool member.
NameName
OrderSpecifies the resource record order
Pool NamePool Name
Pool TypePool Type
PortSpecifies the resource record port number
PreferenceSpecifies the resource record preference
PreferredPreferred
PrioritySpecifies the resource record priority
RatioSpecifies the weight of the pool member for load balancing purposes.
Self LinkInternal Link defining the Pool Member object in BIG-IP
Server NameServer Name
ServiceSpecifies the resource record service
Static TargetSpecifies whether this member points to a wide IP or is a static dname
Status ReasonStatus Reason
TypeThe Type of the Gtm Pool Member.
Virtual Server NameVirtual Server Name
WeightSpecifies the resource record weight

Module

NameDescription
CPU Provisioned (%)The amount of CPU provisioned for the module
Disk Provisioned (Mebibytes)The amount of disk space provisioned for the module
Full PathThe Full path of the Module on the BIG-IP System
Host Memory Provisioned (Mebibytes)The amount of Host memory provisioned for the module
KindThe Type of Module
Memory Provisioned (Mebibytes)The amount of Memory provisioned for the module
NameThe Name of the Module
Provisioning LevelThe provisioning Level of the Module on the BIG-IP System
Self LinkInternal Link defining the Module object in BIG-IP

Node

NameDescription
Availability StateCurrent BIG-IP availability state to the Node
Current Connections (Connections)Current number of network connections from BIG-IP
Current Sessions (Sessions)Current number of sessions
Data In (Bits)The amount of data received from the BIG-IP Node
Data Out (Bits)The amount of data sent to the BIG-IP Node
Enabled StateCurrent BIG-IP enabled state
FQDNFQDN of node
Full PathBIG-IP full path identification
IP AddressBIG-IP network address to send to the node
KindType of Node in BIG-IP
Maximum Connections (Connections)Current highest number of network connections reported from BIG-IP
Monitor RuleBIG-IP Health Monitor rule
Monitor StatusCurrent Health Monitor rule status
NameUser defined name
Packets In (Packets)The number of packets received from the BIG-IP Node
Packets Out (Packets)The number of packets sent to the BIG-IP Node
Requests (Requests)Current number of requests over the last collection from BIG-IP
Self LinkBIG-IP System internal link and full path for the Node
Session StatusCurrent status of the session
Short NameShort name of node
StateCurrent BIG-IP State
Status ReasonBIG-IP reason for the current status

Pool

NameDescription
Active Member CountNumber of active pool members
Availability StateCurrent availability state
Current Connections (Connections)Current number of connections
Data In (Bits)The amount of data received from the BIG-IP Pool
Data Out (Bits)The amount of data sent to the BIG-IP Pool
DescriptionUser defined Description
Enabled StateCurrent enabled state, can be user defined
Full PathBIG-IP System full path
KindKind of Pool
Load Balancing ModeCurrent Load Balancing Mode
Maximum Connections (Connections)Current max number of connections seen at one point
Monitor RuleCurrent Health Monitoring Rule applied
NameUser defined name
Packets In (Packets)The number of packets received from the BIG-IP Pool
Packets Out (Packets)The number of packets sent to the BIG-IP Pool
Requests (Requests)The total number of requests to the Pool
Self LinkInternal Link defining the Pool object in BIG-IP
Status ReasonTextual Property explaining the overall health reason

Pool Member

NameDescription
Availability StateCurrent availability from the BIG-IP System
Current Connections (Connections)Current Connections
Current Sessions (Sessions)Current session count
Data In (Bits)The amount of data received from the BIG-IP Pool Member
Data Out (Bits)The amount of data sent to the BIG-IP Pool Member
Enabled StateEnabled state of the Pool Member with regards to the parent pool
Full PathBIG-IP System full path to the Pool Member
KindPool Member Kind
Maximum Connections (Connections)Maximum Connections
Monitor RuleHealth Monitoring rule applied to the pool member
Monitor StatusMontior Status
NamePool Member Name
Node NameName of the node the Pool Member is using
Packets In (Packets)The number of packets received from the BIG-IP Pool Member
Packets Out (Packets)The number of packets sent to the BIG-IP Pool Member
Pool NameName of the Pool the Pool Member belongs
PortPort the Pool Member listens on
Requests (Requests)Current number of requests over the last collection interval
Self LinkInternal Link defining the Pool Member object in BIG-IP
Session StatusCurrent session health status
StateCurrent state
Status ReasonExplanation of the current status

SSL Certificate

NameDescription
Created ByUser who created the Certificate
Expiration DateExpiration date of the Certificate
IssuerCertificate Issuer
Key TypeCertificate Key Type
KindType of Certificate
NameCertificate Name
Self LinkInternal Link defining the SSL Certificate object in BIG-IP
Time Until Expiration (Days)Time until Certificate will expire

System

NameDescription
Average CPU Idle Utilization (%)Average percentage of time the CPU is idle
Average CPU Interrupt Request Utilization (%)Average percentage of time the CPU is handling interrupt requests
Average CPU IO Wait Utilization (%)Average percentage of time the CPU is waiting on IO
Average CPU Nice Level Utilization (%)Average percentage of time the CPU is handling nice level processes
Average CPU Soft Interrupt Request Utilization (%)Average percentage of time the CPU is handling soft interrupt requests
Average CPU Stolen Utilization (%)Average percentage of time the CPU is handling reclaimed cycles by the hypervisor
Average CPU System Utilization (%)Average percentage of time the CPU is used by the kernel
Average CPU User Utilization (%)Average percentage of time the CPU is used by user processes
Chassis Serial NumberChassis Serial Number for the current device
CPU Idle Ticks (per Second)Amount of CPU ticks that the CPU was idle
CPU Usage Ticks: System (per Second)Amount of CPU ticks used by the kernel processes
CPU Usage Ticks: User (per Second)Amount of CPU ticks used by user processes
Device NameName of the current device
Host and PortHost and Port combination we are using to connect to this BIG-IP System
Memory Total (Mebibytes)Total amount of Memory available on the current device
Memory Used (Mebibytes)Current Memory being used on the current device
PlatformPlatform of the current device
ProductProduct Name for the current device

Virtual Server

NameDescription
Application ServiceCurrent Application Service assigned
Availability StateBIG-IP defined availability
Current Connections (Connections)Current number of connections from BIG-IP
Data In (Bits)The amount of data received from the BIG-IP Virtual Server
Data Out (Bits)The amount of data sent to the BIG-IP Virtual Server
DestinationDestination address picked up by BIG-IP
Enabled StateCurrent enabled state (disabled, enabled)
Full PathBIG-IP defined full path
KindBIG-IP Type of Virtual Server
Maximum Connections (Connections)Highest number of connections from BIG-IP
NameUser defined name
Packets In (Packets)The number of packets received from the BIG-IP Virtual Server
Packets Out (Packets)The number of packets sent to the BIG-IP Virtual Server
PoolPool the Virtual Server uses for load balancing
Requests (Packets)Number of requests in the last collection interval to BIG-IP
Self LinkThe Self Link of the Virtual Server.
Status ReasonExplanation of the current status