Manual Chapter :
Warehouse Topic: Access Product
Applies To:
Show Versions
BIG-IQ Centralized Management
- 7.1.0
Warehouse Topic: Access Product
Before BIG-IQ can display Access report data for a device, you must add the device to the BIG-IQ Centralized Management system, the system must discover the device, and a BIG-IQ user must enable the Access remote logging configuration on the device.
- Log in to the BIG-IQ system with your user name and password.
- At the top of the screen, selectConfiguration, then on the left side of the screen, click .
- Click the name of an Access group.A new screen displays the group's properties.
- Enter aPartition. The default isCommon. You can also enter a custom path to a partition you have created. Only users with access to a partition can view the objects that the partition contains. If the object resides in theCommonpartition, all users can access it.
- ClickShared resources.The screen displays a list of resources, withACCESS POLICIESselected.
- Select the type of resource that you want to change.The screen displays a list of resources of that type on the right.
- At the top of the screen, selectAccess Reporting.A Summary report (for all devices and a default timeframe) starts to generate and display.
- From the left, select any report that you want to run.
- All Managed DevicesIncludes all Access devices that are currently discovered.
- <- Select to include all devices in the Access group.Access group name>
- <- Select to include the devices in the cluster.Cluster display name>
- <- Select to include the device. You can select any device fromDevice name>Managed Devices,<, orAccess group name><.Cluster display name>
- From theTIMEFRAMElist, specify a time frame:
- Select a predefined time period - These range fromLast hourtoLast 3 months.
- Set a custom time period - SelectBetween,After, orBefore, and click the additional fields that display the set dates and times that support your selection.
- To save report data in a comma-separated values file, click theCSV Reportbutton.A CSV file downloads.
- To add this device to a new cluster:If a device is not a member of a Sync-Failover group that you configured to support an Active-Standby configuration for APM, do not add it to a cluster.If the device is the first member of a Sync-Failover group that you have added to the BIG-IQ system, add it to a new cluster. It does not matter whether this device is the Active or the Standby member of the group.
- From theCluster Display Namelist, selectCreate New, and then type a new name for this new cluster.A cluster name must be unique on the BIG-IQ system. It does not need to match the name of the Sync-Failover group on the BIG-IP device. However, ensuring some similarity between the names might be useful to you, because when you add the second member of the group, you must add it to the same cluster.
- Select an option from theDeployment Settings:
- Initiate BIG-IP DSC sync when deploying configuration changes (Recommended)Select this option to prompt BIG-IQ to start the DSC synchronization process so that any configuration change made to this device is synchronized with other members of the DSC. This option makes sure all members of the DSC have the most current configuration.
- Ignore BIG-IP DSC sync when deploying configuration changesSelect this option to have BIG-IQ deploy any configuration changes for this device to all cluster members. Use this option only if this device is not configured in a DSC Sync-Failover device group, or if any members of the cluster are disabled.
- To add this device to an existing cluster:If the device is the second member of a Sync-Failover group that you have added to the BIG-IQ system, add the device to the existing cluster for that Sync-Failover group.
- From theCluster Display Namelist, selectUse Existing, and then select the cluster from the list.
- Select an option from theDeployment Settings:
- Initiate BIG-IP DSC sync when deploying configuration changes (Recommended)Select this option to prompt BIG-IQ to push any configuration changes to this device to other members of the DSC. This option makes sure all members of the DSC have the most current configuration.
- Ignore BIG-IP DSC sync when deploying configuration changesSelect this option to have BIG-IQ deploy any configuration changes for this device to all cluster members. Use this option only if this device is not configured in a DSC Sync-Failover device group, or if any members of the cluster are disabled.
- For Access Policy Manager (APM), select theCreate a snapshot of the current configuration before importingcheck box to save a copy of the device's current configuration.You are not required to create a snapshot, but it is a good idea in case you have to revert to the previous configuration for any reason.
- For Local Traffic (LTM), select theCreate a snapshot of the current configuration before importingcheck box to save a copy of the device's current configuration.You are not required to create a snapshot, but it is a good idea in case you have to revert to the previous configuration for any reason.
- Click .The User Summary screen displays, showing detailed information for specific users.
- Click .The screen displays the SWG analytics screen. By default, the screen displays statistics from the past hour. You can adjust the time settings using the controls found at the top of the screen.
- Click .The Summary report is an example of the type of report that presents high-level data, and provides access to underlying data.BIG-IQ starts to generate and display a Summary report (for all devices and using a default timeframe).
- Click .BIG-IQ displays the list of alert rules configured on this system.
- Click .
- Click .BIG-IQ displays a list of all triggered alerts.
- Click .BIG-IQ opens the Authorization Server Performance screen.
- Click .BIG-IQ opens the Token Summary screen.
- Click .
- Click .
- Click .
- Click .
- Click .
- Click .The screen displays a list of active sessions for all devices.
- Click .A Summary report (for all devices and a default timeframe) starts to generate and display.
