F5 BIG-IP LTM monitoring

Deprecation notice

This extension documentation is now deprecated and will no longer be updated. We recommend using the new F5 BIG-IP LTM extension for improved functionality and support.

Learn how to monitor F5 BIG-IP LTM devices using the F5 LTM ActiveGate extension.

Prerequisites

  • F5 BIG-IP LTM devices with iControl API support.
  • Credentials for F5 admin account or non-admin account with iControl_REST_API_User role. For F5 version 13.1+, any user with the access to the objects to monitor is sufficient. For more information, see K84925527: Overview of iControl permissions.
  • An Environment ActiveGate (version 1.155+) that has the ActiveGate plugin module installed, and isn't used for synthetic or mainframe monitoring.
    • ActiveGate version 1.175+ is ready to accept and run extensions. If you are running an earlier version of ActiveGate, see Install ActiveGate plugin module for instructions on installing the plugin module.
    • For Environment ActiveGate installation instructions, see Dynatrace ActiveGate.
    • One environment ActiveGate can typically support 30-50 F5 LTM devices.

Extension installation

  1. In Dynatrace Hub, select F5 BIG-IP.

  2. Select Download to get the extension ZIP file. Don't rename the file.

  3. Unzip the ZIP file to the plugin_deployment directory of your ActiveGate host.

  4. Restart the Dynatrace Remote Plugin Module service.

    • On Linux, restart the service using the following commands with admin rights: 
      systemctl restart remotepluginmodule.service
    • On Windows, run these two commands in a Command Prompt launched as Admin: 
      sc stop "Dynatrace Remote Plugin Module"
      sc start "Dynatrace Remote Plugin Module"

  5. In Dynatrace, go to Settings > Monitoring > Monitored technologies and select Add new technology monitoring > Add ActiveGate extension.

  6. Select Upload extension and upload custom.remote.python.f5rest.zip.

  7. Enter the endpoint information requested for connecting to F5 device:

    Setting

    Details

    Endpoint name

    Enter a meaningful endpoint name.

    Username

    The username for connecting to the iControl REST API. The account must be an admin account or non-admin account with the iControl_REST_API_User role).

    Password

    The account password.

    Use token authentication

    Use token authentication instead of direct connection (required for LDAP-integrated and non-admin users, but may also be used with admin accounts).

    Hostname/IP of management interface

    The hostname/IP where the management interface is listening, defaults to port 443 (HTTPS).

    Require a valid SSL certificate

    Select if a valid SSL certificate is required. Note that even if the certificate validation is disabled the extension will still communicate via HTTPS, if the device is configured for that.

    Path to a CA_BUNDLE file or directory

    The absolute path to self-signed certificates of trusted CAs.

Troubleshoot ActiveGate extensions

  • 404 error when connecting to F5?

    Starting in BIG-IP 11.6.0, a non-admin user account may be granted with the minimum permissions required to successfully query the iControl API (iControl_REST_API_User role). This role may be granted by a BIG-IP admin, using the following command:

    curl -sk -u <admin_username>:<admin_password> https://localhost/mgmt/shared/authz/roles/iControl_REST_API_User -H "Content-Type: application/json" -X PATCH -d '{ "userReferences":[{"link":"https://localhost/mgmt/shared/authz/users/<username>"}]}'

See also Troubleshoot ActiveGate extensions.

Metrics

The IP address of all network interfaces and the ports used by the services are automatically captured, as are the following metrics:

Device

  • Availability

Virtual servers (split by virtual server)

  • Status
  • Requests
  • Ephemeral/client-side connections
  • Ephemeral/client-side received bytes
  • Ephemeral/client-side transmitted bytes
  • Ephemeral/client-side received packets
  • Ephemeral/client-side transmitted packets
  • Ephemeral/client-side slow killed
  • Ephemeral/client-side evicted connections
  • CPU usage
  • Syncookie accepts
  • Syncookie rejects

Pools (split by pool)

  • Status
  • Requests
  • Connections
  • Received bytes
  • Transmitted bytes
  • Received packets
  • Transmitted packets
  • Member count
  • Current sessions

Nodes (split by node)

  • Status
  • Requests
  • Connections
  • Received bytes
  • Transmitted bytes
  • Received packets
  • Transmitted packets

Rules (split by rule)

  • Executions
  • Aborts
  • Failures

Network interfaces (split by interface)

  • Status
  • Received bytes
  • Transmitted bytes
  • Received packets
  • Transmitted packets
  • Dropped packages
  • Errors

Client and server SSL (split by profile)

  • Common connections
  • Native connections
  • Fatal alerts
  • Secure handshakes
  • Handshake failures
  • Insecure handshake accepts
  • Insecure handshake rejects
  • Insecure renegotiation rejects
  • Requests (split by protocol)

Disks (split by disks)

  • Free
  • Used
  • Reserved

CPU (split by CPUs)

  • Idle
  • IO wait
  • IRQ
  • Soft IRQ
  • Stolen
  • System
  • User

Memory

  • Total
  • Used

HTTP stats (split by profiles)

  • GET/POST requests
  • 2xx responses
  • 3xx responses
  • 4xx responses
  • 5xx responses

Related topics