Manual Chapter : Monitoring Session Data

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 8.0.0, 7.1.0
Manual Chapter

Monitoring Session Data

Managing Sessions

About the session summary dashboard

BIG-IQ Centralized Management allows users to monitor data for all session requests managed by Access Policy Manager (APM). Use BIG-IQ to create a summary report for all sessions, as well as to view individual session details and log messages.

View and configure session summary reports

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
You can create session reports for any managed BIG-IP device with an APM configuration that has been discovered on the BIG-IQ system, whether or not the device is a member of an Access group. To create a report, you can select any combination of Access groups, clusters, and devices.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Sessions Summary
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , and
    <
    Device name
    >
    ).
    • All Devices
      Includes Access devices that are currently managed, and Access devices that were managed at one time but are not managed now. (A managed device is one that has been discovered with the APM service configuration.)
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      - Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      - Select to include the devices in the cluster.
    • <
      Device name
      >
      - Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. To view details for a specific session, click the ID under the
    Session ID
    column.
  7. Use the
    Log Levels
    menu to sort by message severity. Selecting
    Emergency
    will show only the most severe warnings, and selecting
    Debug
    will display the lowest severity messages.
  8. Select
    Close
    .

What data can you monitor from the Session Summary dashboard?

BIG-IQ Access allows you to monitor APM session data from the Sessions Summary dashboard. From this page, you can generate customizable and dynamic reports to monitor top-level content for all sessions. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Value
Functionality
Local Time
Displays the date and time that the session was created.
Hostname
Displays the managed BIG-IP device name.
Cluster
Displays the High Availability (HA) cluster associated with the session.
Session ID
Click the Session ID to open the Session Details screen, displaying session details and session variables.
Session Duration
Displays the duration of time when the session was active.
Session Termination
Displays the local timestamp when the session was terminated.
Active
Displays a green dot if the session is active.
User Name
Displays the logon name used to start a session.
Virtual IP
Displays the IP address of the virtual server where the session started.
Client IP
Displays the IP address of the client that started the session.
Client OS
Displays the operating system of the client that started the session.
IP-Reputation
For a connection attempted from an IP address that exists in the IP reputation database on a device, specifies the category of IP reputation, or, Unknown when IP intelligence is not enabled on the BIG-IP device.
Continent
Displays the continent on which the client is located.
Country
Displays the country in which the client is located.
State
Displays the state or province in which the client is located.

Stopping sessions on BIG-IP devices from Access

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
You can stop currently active sessions on BIG-IP devices, using the Active sessions report on the BIG-IQ system.
  1. Click
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Active
    .
    The screen displays a list of active sessions for all devices.
  2. To display sessions for particular devices, groups, or clusters only, select them from the
    ACCESS GROUP/DEVICE
    list at upper left.
    The screen displays the active sessions for the selected devices.
  3. To stop specific sessions only, select the sessions that you want to end and click
    Kill Selected Sessions
    .
  4. To stop all sessions, click
    Kill All Sessions
    .

What data can you monitor for active sessions?

BIG-IQ Access allows you to monitor APM session data for all active sessions. From this page, you can generate customizable and dynamic reports to monitor top-level content for all active sessions. See the notes below to learn more about each category for which you can generate data.

What charts are in the dashboard?

Value
Functionality
Local Time
Displays the date and time that the session was created.
Hostname
Displays the managed BIG-IP device name.
Cluster
Displays the high availability cluster associated with the session.
Session ID
Click the session ID to open the Session Details screen, displaying session details and session variables.
User Name
Displays the logon name of the user who initiated this session.
Virtual IP
Displays the IP address of the virtual server where the session started..
Client IP
Displays the IP address of the client that started the session.
IP Reputation
For a connection attempted from an IP address that exists in the IP reputation database on a device, specifies the category of IP reputation, or, when IP intelligence is not enabled on the device,
Unknown
.
Continent
Displays the country in which the client is located.
State
Displays the state or province in which the client is located.
Access Profile
Displays the access profile used by the BIG-IP device for this session.

About Access profile usage

Using BIG-IQ Centralized Management, you can monitor all session activity originating from the Access profiles (also known as per-session policies) that you configured. The session count displayed in BIG-IQ includes both established and failed sessions. Use this report to determine which Access profiles are being used most frequently by your users in order to determine or troubleshoot resource allocation.

View and configure Access profile reports

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
With BIG-IQ, you can generate reports for sessions, grouped by the Access profile used, in order to gain information about which Access profiles are being used most heavily. The session counts displayed on the dashboard include both established and failed sessions.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Access Profile Usage
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. Under
    Top 5 Access Profiles By Session Count
    , select an Access profile from the top right corner of the chart to add or remove an Access profile from view.

What data can you monitor for the Access profile usage dashboard?

BIG-IQ Access allows you to monitor session data, grouped by Access profile used, from the Access Profile Usage dashboard. The session counts displayed on this dashboard include established and failed sessions. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Value or Chart Title
Functionality
TOP 5 ACCESS PROFILES BY SESSION COUNT
View the most active Access profiles by number of sessions over time.
Name
Displays name of the Access profile.
Session Count
Displays the number of sessions for each Access profile over time.

About access control list reports

Using BIG-IQ, you may generate reports on session data for both user-defined and system-generated access control lists (ACLs). ACLs restrict user access to host and port combinations that are specified in access control entries (ACEs). You can create ACLs when configuring an Access Group, and BIG-IQ will also generate them automatically whenever you create a portal access resource, an app tunnel, or a a remote desktop configuration.
Generate reports on ACL usage by action count. You can also use BIG-IQ to view the session details associated with a particular ACL result, and view all log messages for both allowed and denied ACL results.

View and configure ACL usage reports

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to generate a chart to summarize the top Access Control Lists (ACLs) and a table with data for the top ACLs by action count.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    ACL
    ACL Usage
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. Use the
    ACL Action Type
    dropdown to view results for one type of action.
    • Allow
      : Permit the traffic.
    • Continue
      : Skip checking against the remaining access control entries in this ACL and continue evaluation at the next ACL.
    • Discard
      : Drop the packet silently.
    • Reject
      : Drop the packet and send a TCP RST message on TCP flows or proper ICMP messages on UDP flows. Silently drop the packet on other protocols.
  5. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  6. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  7. For the
    Top 5 ACLs
    chart, select the name of an ACL in order to remove it or add it to the chart view.

What data can you monitor for Access Control List usage?

BIG-IQ Access allows you to record and view Access Control List (ACL) usage data for an Access group or for a single managed BIG-IP device. See the notes below to learn more about the categories for which you can data.

What charts are in the dashboard?

Vale or Chart title
Functionality
TOP 5 ACLS
View the number of ACLs over time for each access profile. This chart will display data for a maximum of 5 ACLs.
Name
Displays name of the ACL.
Action Count
Displays the number of actions for each ACLs over time.

View and configure the ACL summary dashboard

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to create a summary report of sessions by Access Control List (ACL) result, and see specific information for each session in the report.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    ACL
    ACL Summary
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. Select one of the options from the
    ACL Results
    dropdown menu to display sessions with a specific ACL result. By default, sessions with all ACL results display. You can show allowed results only or denied results only by showing the
    ACL RESULTS
    dropdown menu. Select
    All ACL Results
    to generate a report for sessions with all ACL results.
  5. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  6. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  7. Click the blue session ID to open the Session Details screen, displaying session details and session variables.
  8. Use the
    Log Levels
    menu to sort by message severity. Selecting
    Emergency
    will show only the most severe warnings, and selecting
    Debug
    will display the lowest severity messages.
  9. Select
    Close
    .

What data can you monitor for Access Control List summary dashboard?

BIG-IQ Access allows you to record Access Control List (ACL) summary data for an Access group or for a single managed BIG-IP device. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Property
Functionality
Local Time
Displays the date and time that the ACL was created.
HostName
Displays the BIG-IP device name.
Session ID
Click the session ID to open the Session Details screen, displaying session details and session variables.
ACL Result
Displays ACL result: Allow, Continue, or Reject.
Src IP
Displays the source IP address.
Src Port
Displays the source port number.
Dest IP
Displays the destination IP address.
Dest Port
Displays the destination port number.
Virtual IP
Displays the IP address of the virtual server where the ACL originated.
Scheme
Displays the authorization scheme that corresponds to the ACL.
Host
Displays the host network that corresponds to the ACL.
Path
Displays the path to which the ACL belongs.
Partition
Displays the partition to which the ACL belongs. Only roles that are granted access to a partition can view the objects (such as the ACL) that the partition contains. If the ACL resides in the Common partition, all roles can access it.

View and configure an ACL log messages report

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to generate a report for all ACL log messages. You can configure the report by ACL result and view session details.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    ACL
    ACL Log Messages
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. Select one of the options from the
    ACL Results
    dropdown menu to display sessions with a specific ACL result. By default, sessions with all ACL results display. You can show allowed results only or denied results only by showing the
    ACL RESULTS
    dropdown menu. Select
    All ACL Results
    to generate a report for sessions with all ACL results.
  5. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  6. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  7. Click the blue session ID to open the
    Session Details
    screen, displaying session details and session variables.
  8. Use the
    Log Levels
    menu to sort by message severity. Selecting
    Emergency
    will show only the most severe warnings, and selecting
    Debug
    will display the lowest severity messages.
  9. Select
    Close
    .

What data is available for the ACL log message report?

BIG-IQ Access allows you to record log messages for Access Control Lists (ACLs). See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Properties
Functionality
Local Time
Displays the time and date the error message occurred.
Session ID
Click the session ID to open the Session Details screen, displaying session details and session variables.
HostName
Displays the managed BIG-IP device name.
ACL Result
Displays the ACL result.
ACL Name
Displays the name of the ACL.
Log Message
Displays the log message.

About session data for bad IP reputation

You can monitor session data for session requests initiated by an IP address listed in the IP intelligence database. The IP intelligence database contains only IP addresses that are considered untrustworthy, as a result of having performed exploits or attacks. Learn more about the F5 IP intelligence database here: https://support.f5.com/csp/article/K41310205.
To BIG-IQ to record data for this metric, you will need to have configured an Access policy with an IP Reputation Lookup agent. This agent allows Access to search for the IP address in the IP intelligence database.
If a session is initiated from an IP with a bad reputation, this means that the IP address exists in the IP intelligence database and the session request will be blocked. For example, the IP address may be a spam source or an infected system. APM sets rules to identify IP reputation by default, based on category. If you discover any categories that are categorized as bad reputations that you find acceptable to initiate a session, you can update the iRule or create another iRule to allow the session. If the IP reputation is good, the IP address is not found in the IP intelligence database and the session request can go through.
Use Access to monitor all session requests initiated by IP addresses with a bad reputation. You can also use this workflow to determine the category of IP reputation and to view detailed session information.

View and configure reports for sessions initiated by IPs with bad reputations

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Enable IP intelligence on you managed BIG-IP devices in order to populate the IP intelligence database.
Use BIG-IQ to view session data for IP addresses in the IP intelligence database.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Bad IP Reputation
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. From the
    IP REPUTATION RATIO (ALL SESSIONS)
    pie chart, select
    Bad
    to view session details for session requests originating from IP addresses in the IP intelligence database. You can view data such top client IPs, top countries which sessions are originating from, top users, top Access profiles, top virtual servers, and top Access policy results.
    You can continue drilling down in this dashboard to customize the view depending on what information you are interested in. For example, if you were interested in viewing details on sessions originating from IP addresses in the intelligence database and originating from the United States, you would select
    Bad
    from the
    IP REPUTATION RATIO (ALL SESSIONS)
    pie chart and then select the dot over the United States in the map under
    TOP 10 COUNTRIES
    .
  7. To exit the nested view or to move up one level, select the breadcrumbs links at the top of the dashboard you want to navigate to.

What session data can you monitor for bad IP reputation?

BIG-IQ Access allows you to monitor APM sessions that originate from IP addresses that are present in the IP intelligence database. See the notes below to learn more about each category for which you can record data for

What charts are in the dashboard?

Chart title
Functionality
IP REPUTATION RATIO (ALL SESSIONS)
View the IP reputation ratio as a ratio of bad to other for all sessions.
Local Time
Displays the time and date.
HostName
Displays the BIG-IP device name.
Session ID
Click the session ID to open the Session Details screen, displaying session details and session variables.
Client IP
Displays the IP address of the client device.
IP Reputation
Displays the category of the IP reputation.

About browser and operating system session reports

From the Access dashboards in BIG-IQ, you can view browser and operating system (OS) information, as well as detailed session information, for specific managed BIG-IP devices provisioned for Access usage or for all devices in an Access group. Use BIG-IQ to monitor data on which browsers and operating systems are being used to initiate session requests, and to view detailed session data per operating system.

View and configure session data by browser OS

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
You can use BIG-IQ to view session data organized by browser and operating system information for a particular managed BIG-IP device or for all devices in an Access group.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Browser and OS
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. To learn which browsers are most commonly being used to initiate sessions, view the data under the
    BROWSER VERSIONS BY SESSION COUNT
    chart.
  7. In the
    OS PLATFORM VERSIONS BY SESSION COUNT
    chart, select one of the segments of the pie chart bars to view session details for that OS. Available session details include top client IPs using that OS, top countries initiating sessions from that OS, top users, top Access profiles, top virtual servers, top Access policy results, and detailed session information.
    You can continue drilling down in this dashboard to customize the view depending on what information you are interested in. For example, if you wanted to view details about sessions originating from Windows 8 and using the same virtual server, you would select
    Win8
    from the
    OS PLATFORM VERSIONS BY SESSION COUNT
    dashboard and then select the horizontal bar by the virtual server you are interested in under
    TOP 10 VIRTUAL SERVERS
    .
  8. To exit the nested view or to move up one level, select the breadcrumbs links at the top of the dashboard you want to navigate to.

What browser and operating system data can you monitor for sessions?

BIG-IQ Access allows you to view session data, organized by browser and operating system details, for a particular Access device or for all devices in an Access group. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Chart title or property
Functionality
BROWSER VERSIONS BY SESSION COUNT
View the browser versions by session count.
OS PLATFORM VERSIONS BY SESSION COUNT
View the OS platform versions by session count.
Browser/Application
Displays the browser or application type.
Version
Displays the browser or application version.
OS
Displays the operating system type.
Count
Displays the session count.

About session geolocation data

Use BIG-IQ Centralized Management to view the distribution of sessions organized by geographic location. From this report, you can view a map representing the geographic origin of all sessions initiated within a specified time period, and obtain detailed information for each session represented in the report.

View and configure session geolocation data

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to generate a report to view the distribution of sessions organized by geographic location.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    By Geolocation
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. To view session data by country, go to the map titled
    SESSION COUNT DISTRIBUTION ACROSS COUNTRIES
    . Use your cursor to move the view to the part of the map you are interested in, or use
    +
    and
    -
    to zoom in or zoom out.
  7. To view session data for one country, click the colored dot on the country you are interested in.
    A dashboard with data on the top client IP addresses, top users, top Access profiles, top virtual servers, top client platforms, and most common Access policy results will display.
    You can continue to drill down based on the information you are interested in. For example, if you were interested in session requests originating from the United States using the
    ca_policy
    an Access profile you have created for California residents, you would select the United States from the
    SESSION COUNT DISTRIBUTION ACROSS COUNTRIES
    , and then when the next dashboard loads, you would select your Access profile named
    /Common/ca_policy
    from under
    TOP 10 ACCESS PROFILES
    .
  8. To exit the nested view or to move up one level, select the breadcrumbs links at the top of the dashboard you want to navigate to.
  9. To view session data originating from a particular state or province, perform the same steps as above with the
    SESSION COUNT DISTRIBUTION ACROSS STATES
    chart.

What data can you monitor in the geographic session data?

BIG-IQ Access allows you view the distribution of all APM sessions by geographic location. See the notes below to learn more about each category you can record data for.

What charts are in the dashboard?

Chart title
Functionality
SESSION COUNT DISTRIBUTION ACROSS COUNTRIES
View the session count distribution across countries.
SESSION COUNT DISTRIBUTION ACROSS STATES
View the session count distribution across states or provinces.
State/Province
Displays the state or province where the sessions originated.
Country
Displays the country where the sessions originated.
Continent
Displays the continent where the sessions originated.
Count
Displays the session count.

About denied sessions

You can monitor the sessions that BIG-IQ® Centralized Management denies. By using the Access Monitoring option, you can view the following information:
  • The history of denied sessions
  • The reasons why sessions were denied
  • The top denied users, sorted by session count
  • The top authentication failures
  • The top denied policies
  • The top denied sessions by country of origin
  • The top denied session by the virtual server
  • The denied sessions, sorted by the client platform

Viewing and configuring denied sessions reports

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to generate a report on which sessions were denied by your Access policies, as well to create a report.
  1. Click
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Denied
    .
  2. From the
    ACCESS GROUP/DEVICE
    list at upper left, select
    Managed Devices
    , or one or more of these options:
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. From the
    DENIED SESSIONS/AUTH FAILURES OVER TIME
    chart, select or deselect
    Auth Failures
    or
    Denied Sessions
    from the top right corner of the chart to add or remove them from view.
  6. From any of the bar charts, select one of the horizontal bars to view details such as the authentication failure categories, top 10 reasons for denied sessions, top 10 denied users, top 10 denied Access policies, top 10 virtual servers by denied sessions, and top 10 client platforms by denied sessions.
    You can continue drilling down in this dashboard to customize the view depending on what information you are interested in. For example, if you wanted to view details about LDAP failures associated with a particular Access policy, click the bar by the Access policy you are interested in under the chart
    TOP 10 DENIED POLICIES
    , then on the next screen, select the bar by LDAP Failure under the
    TOP 10 DENIED REASONS
    chart. The customized dashboard will display all LDAP failures that resulted in denied sessions and originated from a single Access policy.
  7. To exit out of the nested view or to move up one level, select the blue links at the top with the dashboard you would like to navigate to.
From here, you can view details regarding denied sessions and create a report.

What data can you monitor for denied session reports?

BIG-IQ Access allows you to monitor denied Access Control List (ACL) sessions data. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Chart title or property
Functionality
Denied Sessions/Auth Failures Over Time
View denied sessions and authentication failures over time.
Top 10 Auth Failures Categories
Displays the 10 most common session authentication failures during the specified time period.
Top 10 Denied Reasons
Displays the 10 most common reasons the session request was denied for the specified time period.
Top 10 Denied Users
Displays the top 10 users who most frequently experienced a denied session request.
Top 10 Denied Policies
Displays the top 10 Access policies involved in denied session requests over the specified time period.
Top 10 Virtual Servers by Denied Sessions
Displays the top 10 virtual servers involved in denied session requests over the specified time period.
Top 10 Client Platform by Denied Sessions
Displays the top 10 client platforms used to initiate a denied session request.
Local Time
Displays the date and time that the ACL was created.
HostName
Displays the BIG-IP device name.
Session ID
Click the session ID to open the Session Details screen, displaying session details and session variables.
User Name
Displays the user name for the BIG-IP device.
Denied Reason
Displays the reason the session was denied.
Auth Failure
Displays authentication failure category.
Virtual IP
Displays the IP address of the virtual server.
Client IP
Displays the IP address of the client.
Client OS
Displays the operating system of the client.
Access Profile
Displays the Access profile associated with the ACL session.
Country
Displays country where the session originated.

About monitoring endpoint software

Endpoint (client-side) security is a strategy for ensuring that a client device does not present a security risk before it is granted a remote-access connection to the network. Endpoint software verifies that desktop antivirus and firewall software is in place, systems are patched, keyloggers or other dangerous processes are not running, and sensitive data is not left behind in web caches and other vulnerable locations.
Use BIG-IQ Centralized Management to record and view data for the various endpoint security products used by APM users who initiate session requests. You can also view session details for each session where endpoint checks were performed.

View and configure endpoint software summary dashboard

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to record data for sessions involving endpoint security check software.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Endpoint Software
    Endpoint Software Summary
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. In the
    SOFTWARE CHECKS TYPE
    chart, select one of the horizontal bars to view details such as the users, endpoint check products, geolocation distribution, and client OS involved in this endpoint check.
    You can continue drilling down in this dashboard to customize the view depending on what information you are interested in. For example, if you wanted to view details about antivirus checks initiated by the user Julie, you would select
    Antivirus
    from the
    SOFTWARE CHECKS TYPE
    dashboard and then select the horizontal bar by Julie's name under the chart
    TOP 10 Users
    .
  7. To exit out of the nested view or to move up one level, select the blue links at the top with the dashboard you would like to navigate to.
  8. In the
    TOP 10 USED PRODUCTS
    chart, select a software check product that you would like to view details for. You may view details such as top users, vendor information, geolocation data, and client OS distribution, as well as session data.
    You can continue drilling down in this dashboard to customize the view depending on what information you are interested in.
    Exit out of the nested view when you are finished.
  9. In the
    TOP 10 VENDORS USED
    chart, select a software check vendor that you would like to view details for. You may view details such as top users, software check product information, geolocation data, and client OS distribution, as well as session data.
    You can continue drilling down in this dashboard to customize the view depending on what information you are interested in.
    Exit out of the nested view when you are finished.

What data can you monitor for the endpoint software summary dashboard?

BIG-IQ Access allows you to monitor endpoint security check summary data for each established session. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Chart title or property
Functionality
SOFTWARE CHECKS TYPES
Displays the types of software checks.
TOP 10 USED PRODUCTS
Displays the top ten products used.
TOP 10 USED VENDORS
Displays the top ten vendors used.
Top 100 Products, Vendors Types by used count
Displays the top 100 products and the type of vendors used.
Type
Displays the type of vendor used for the software check.
Product Name
Displays the name of the product used for the endpoint software check.
Vendor Name
Displays the name of the vendor who provides the product for the software check.
Version
Displays the software version for the product providing the software check.
Usage Count
Displays the number of times the product was used for an endpoint software check.
Distinct Users
Displays the number of individual users who initiated the endpoint software check.

View and configure an endpoint software details report

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to generate detailed reports for sessions involving endpoint security checks.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    Endpoint Software
    Endpoint Software Details
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. Choose to view logs of only one severity by selecting a value from the
    Log Level
    dropdown.
  7. Use the
    Log Levels
    menu to sort by message severity. Selecting
    Emergency
    will show only the most severe warnings, and selecting
    Debug
    will display the lowest severity messages.
  8. Select
    Close
    .

What data can you monitor for the endpoint software details dashboard?

BIG-IQ Access allows you to monitor endpoint security check details for each established session. See the notes below to learn more about each category for which you can record data.

What charts are in the dashboard?

Property
Functionality
Local Time
Displays the local timestamp when the endpoint check took place.
Hostname
Displays the BIG-IQ system from which the endpoint check originates.
Cluster
Displays the BIG-IQ cluster.
Session ID
Click the session ID to open the Session Details screen, displaying session details and session variables.
Product Name
Displays the name of the product with endpoint software.
Vendor Name
Displays name of the vendor who supplies the product.
Version
Displays the product version.
User Name
Displays the logon name used to perform the endpoint check.
Client OS
Displays the operating system where the endpoint check originates.
Continent
Displays the continent where the endpoint check originates.
Country
Displays the country where the endpoint check originates.
State
Displays the state or province where the endpoint check originates.

About monitoring license usage

Use BIG-IQ Centralized Management to monitor APM license usage to monitor if you are close to your license usage limits for BIG-IQ APM. You can monitor the number of users with active Access sessions, Connectivity sessions, and Secure Web Gateway (SWG) sessions.

Viewing and configuring license usage reports

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
Use BIG-IQ to monitor the number of sessions by license usage, including Access sessions, Connectivity sessions, and SWG sessions.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    License Usage
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. Select up to 5 managed BIG-IP devices from the hostname list in order to monitor the license usage originating from those devices.
  7. To add or remove a managed BIG-IP device from any of the license usage charts, select the hostname in the top right corner of the chart.

What data can I monitor for license usage reports?

BIG-IQ Access allows you to monitor APM session data filtered by license usage: APM usage, Connectivity usage, and Secure Web Gateway usage. From this page, you can generate customizable and dynamic reports to monitor license usage by managed BIG-IP device. See the notes below to learn more about each category for which you can generate data.

What charts are in the dashboard?

Chart Title or Property
Functionality
ACCESS SESSIONS
Displays the number of APM sessions per day by device.
CONNECTIVITY SESSIONS
Displays the number of Connectivity sessions per day by device.
SWG SESSIONS
Displays the number of Secure Web Gateway (SWG) sessions per day by device.

About monitoring new APM sessions

From BIG-IQ, you can monitor the number of new APM sessions over a specified period of time in order to measure recent traffic or to troubleshoot recent session issues. Use the new sessions dashboard to view the total number of established sessions, timed-out session requests, and denied session requests.

View and configure new sessions report

Before BIG-IQ can display Access report data for a managed BIG-IP device, you must first complete the following tasks:
  • Add the managed BIG-IP device to the BIG-IQ Centralized Management inventory
  • Discover and import the managed BIG-IP device
  • Have a BIG-IQ user enable Access remote logging configuration on the managed BIG-IP device
To discover and import a configuration and deploy configurations to a managed BIG-IP device, users must belong to one of the following RBAC roles:
  • Admin
  • Access Manager
  • Access Deployer
You can use BIG-IQ to generate reports on new sessions.
  1. Navigate to
    Monitoring
    DASHBOARDS
    Access
    Sessions
    New Sessions
    .
  2. At the top left of the screen, from the
    ACCESS GROUP/DEVICES
    list, either select one of the first two options (
    All Devices
    and
    All Managed Devices
    ) or select one or more of the other options (
    <
    Access group name
    >
    ,
    <
    Cluster display name
    >
    , or
    <
    Device name
    >
    ).
    • All Managed Devices
      Includes all Access devices that are currently discovered.
    • <
      Access group name
      >
      Select to include all devices in the Access group.
    • <
      Cluster display name
      >
      Select to include the devices in the cluster.
    • <
      Device name
      >
      Select to include the device. You can select any device from
      Managed Devices
      ,
      <
      Access group name
      >
      , or
      <
      Cluster display name
      >
      .
  3. From the
    TIMEFRAME
    menu, specify a time frame:
    • Select a predefined time period. These range from
      Last hour
      to
      Last 3 months
      .
    • Set a custom time period. Select
      Between
      ,
      After
      , or
      Before
      , and click the additional fields that display the set dates and times that support your selection.
  4. To save report data in a comma-separated values (CSV) file, click the
    CSV Report
    button.
    The CSV file downloads.
  5. To refresh the data on this dashboard immediately, click
    Refresh
    . To configure an automatic refresh, click the arrow next to it and then select
    1 minute
    ,
    5 minutes
    , or
    10 minutes
    . You can also
    Disable
    automatic refresh from this menu.
  6. Customize the
    NEW SESSIONS OVER TIME
    chart by selecting the session result you would like to view.
    For example, if you would like to filter your view by new session requests that were unsuccessful, select
    Denied
    and
    Timed Out
    from the top right corner of the chart.

What data can you monitor for new sessions?

BIG-IQ Access allows you to monitor new session data filtered by result of the session request. See the notes below to learn more about each category for which you can generate data.

What charts are in the dashboard?

Chart title or properties
Functionality
NEW SESSIONS OVER TIME
Displays the number of new sessions per day over a specified time period, organized by total sessions, established sessions, denied sessions, and timed out session requests.
Local Time
Displays the time and date of the new ACL session.
Established / min
Displays the number of sessions established per minute.
Denied / min
Displays the number of sessions denied per minute.
Time out / min
Displays the number of session timeouts per minute.
Total / min
Displays the total number of sessions per minute.