Updated Date: 06/30/2026

System Monitoring Overview

You can monitor the configured system settings in the system webUI and CLI.

System alarms and events overview

You can view active system alarms and events in the webUI and CLI.

Display system alarms and events from the webUI

The Alarms & Events screen lists alert information for system components (such as PSU, firmware, and LCD) that have currently crossed a performance or health threshold. Use this screen to identify the specific component that is affected.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > Alarms & Events.

Choose from one of these actions:

To refresh the alarms or events list, under the Alarms area click Refresh icon on the right of the screen.
To display events result by time preference, under the Eventsarea select a value from the Time dropdown.. The default value is one hour. For example, select five minutes to display any event that occurred in the last five minutes.
To display events by severity, select a value from the Severity list. The default value is INFORMATIONAL.

Option	Description
Emergency	Emergency system panic messages
Alert	Serious errors that require administrator intervention
Critical	Critical errors, including hardware and file system failures
Error	Non-critical, but possibly important, error messages
Warning	Warning messages that should be logged and reviewed
Notice	Messages that contain useful information, but might be ignored
Informational	Messages that contain useful information, but might be ignored
Debug	Detailed messages used for troubleshooting

View active system alarm conditions from the CLI

You can view information about active system alarm conditions from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

View a list of active system alarm conditions.

show system alarms | tab

This example shows a power supply unit (PSU) redundancy fault:

appliance-1# show system alarms | tab
ID     RESOURCE        SEVERITY  TEXT                           TIME CREATED
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––-          
65793  psu-1           ERROR     PSU fault detected             2022-06-01-11:11:11.999825828 UTC

File utilities overview

You can import, export, download, or delete files asynchronously depending on which directory you select to work in. All file transfers are done using the HTTPS protocol.

File import

You can import a file from an external server into the system from either the webUI or the CLI. HTTPS is the supported protocol. The remote host should be an HTTPS server with PUT/POST enabled and have a valid CA-signed certificate.

Note: If you want to import the contents of a tar file, you need to extract the contents first before you can import them onto the F5 system.

You can import files into these directories on the system:

configs/
diags/shared
images/import/services
images/staging
images/tenant
images/import/iso/
images/import/os/

File download

You can download files in these directories from the system to your local workstation from the webUI:

log/host
configs
diags/core
diags/crash
diags/shared
log/confd
log/system

File upload

You can upload files in these directories from your local workstation to the system from the webUI:

configs
images/staging
images/tenant
images/import/iso/
images/import/os/
images/import/services/

File export

You can export a file from the system to an external server from either the webUI or the CLI. HTTPS is the supported protocol. The remote host should be an HTTPS server with PUT/POST enabled and have a valid CA-signed certificate.

You can export files into these directories from the system:

configs
log/
log/confd
log/controller
log/host
log/system
diags/
diags/core
diags/crash
diags/shared
images/
images/import
images/staging
images/tenant
images/import/iso/
images/import/os/
images/import/services/

File deletion

You can delete files (to which you have file permissions) on the system only from the diags/shared or configs directories from either the webUI or the CLI.

Manage files from the webUI

File Utilities are available in the webUI. You can use File Utilities to upload, download, import, export, and/or delete files asynchronously depending on which directory you select to work in. All file transfers are done using HTTPS protocol.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > File Utilities.
From the Base Directory dropdown, browse the directories and click subfolders to view their contents and the commands that are available from each one.

From a subfolder, click the left arrow next to the path to navigate back to the main folder.
To import a file:
1. Click Import.
2. In the drawer, enter the URL of the file to import.
3. Provide the Username and Password only if required by the remote host.
4. Select Ignore Certificate Warnings if you want to skip warnings when importing files (such as if the remote host does not have a valid CA-signed certificate).
5. Click Import File to begin the import.
To export a file:
1. Select the file and click Export.
2. In the drawer, enter the Server URL for where to export the file.
3. Provide the Username and Password only if required by the remote host.
4. Select Ignore Certificate Warnings if you want to skip warnings when importing files.
5. Click Export File to begin the export.
To upload a file:

Click Upload and select the file you want to upload. The selected file will be uploaded.
To download a file:

Select the file and click Download. The selected file will be downloaded.

On the system controller and chassis partition, you can delete files from diags/shared.
To delete a file, select the file and click Delete.

You can delete files only from the diags/shared directory.

You can view the status of a file transfer operation to view its progress and see if it was successful. If you want to cancel an in-progress file transfer operation, click Cancel button. If an operation fails, hover over the warning icon to see the error that occurred.

Note: A runtime error displays in the File Transfer status area, if an invalid operation is performed.

View files from the CLI

You can view the contents of a file from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

View the contents of a file.

file show <*local-file-path*>

This example shows how to view the contents of the platform.log file:

appliance-1# file show log/system/platform.log | until 5
2022-12-27T21:34:24.718946+00:00 appliance-1 tmstat-agent[1]: priority="Info" version=1.0 msgid=0x1601000000000008 msg="TMSTAT directory set from command line." directory="cluster".
2022-12-27T21:34:24.719592+00:00 appliance-1 ihealthd[8]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
appliance-1# file show log/system/platform.log | until 15
2022-12-27T21:34:24.718946+00:00 appliance-1 tmstat-agent[1]: priority="Info" version=1.0 msgid=0x1601000000000008 msg="TMSTAT directory set from command line." directory="cluster".
2022-12-27T21:34:24.719592+00:00 appliance-1 ihealthd[8]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
2022-12-27T21:34:24.720155+00:00 appliance-1 alert-service[9]: priority="Notice" version=1.0 msgid=0x2201000000000001 msg="Alert Service starting." version="3.11.7" date="Thu Nov  3 13:25:15 2022".
...

Import files from the CLI

You can import a file from an external server onto your system from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Import a file.

file import remote-url <*ip-address-and-file-path*> local-file <*local-file-path*> username <*user*> password [ remote-port <*port-number*> } [ protocol [ https | scp | sftp ]] [insecure]

Note: The insecure option ignores certificate warnings during the transfer.

This example shows how to import a Base OS ISO to the system:
appliance-1# file import remote-url https://files.company.com/images/F5OS-A-1.6.x-xxxxx.R5R10.iso local-file images/staging username admin password Enter the password at the prompt: Value for 'password' (<string>): ******** result File transfer is initiated.(images/staging/F5OS-A-1.6.x-xxxxx.R5R10.iso)
Note: If the file import doesn’t work, you can alternatively use secure copy (SCP) to copy the image file to the images/staging directory of the system.
Optionally, you can check the file transfer status.
appliance-1# file transfer-status
When the file transfer completes, the Status displays Complete.
Export a file.

file export remote-url <*ip-address-and-file-path*> local-file <*local-file-path*> username <*user*> password [ remote-port <*port-number*> } [ protocol [ https | scp | sftp ]] [insecure]

This example shows how to import a Base OS ISO to the system:
appliance-1# file export local-file configs/backup1.xml remote-file /tmp/backup1.xml remote-host 192.51.100.75 username root
The system requests the password for the remote account.
Value for 'password' (<string>): ******* result File transfer is initiated.(configs/backup1.xml)
Delete a file.

file delete local-file diags/shared/<*file-name.xml*>

This example shows how to delete a file:
appliance-1# file delete local-file diags/shared/backup1.xml
You can only delete files from the diags/shared or configsdirectory.

Cancel a file transfer from the CLI

You can cancel an in-progress file import onto your system from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

Get the operation identifier for the file transfer process.

show file transfer-operations

A summary similar to this example displays:

appliance-1# show file transfer-operations
file transfer-operations transfer-operation images/import/iso/F5OS-A-1.6.0-1234.iso 
  files/F5OS-A/images/F5OS-A-1.6.0-1234.iso "Import file" "HTTPS   "
 operation-id IMPORT-C16QYpun
 status       "In Progress (13.0%)"
 timestamp    "Fri Mar 24 23:05:54 2023"

Cancel the specified file transfer.

file abort-transfer operation-id <*id*>

This example shows canceling a specified in-progress file transfer:

appliance-1# file abort-transfer operation-id IMPORT-C16QYpun
Aborting will stop the file transfer. Do you want to proceed? [yes/no] yes
result File transfer abort operation initiated.

Export files from the CLI

You can export a file to an external server from your system from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Export a file.

file export insecure local-file <*local-file-path*> protocol { https | scp | sftp } remote-file <*remote-file-path*> remote-host <*ip-address-or-fqdn*> remote-port <*port-number*> remote-url <*ip-address-or-fqdn*> username <*user*> web-token <*remote-system-token*>

Delete files from the CLI

You can delete files from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Delete a file.

file delete local-file diags/shared/<*file-name.xml*>

This example shows how to delete a file:
appliance-1# file delete local-file diags/shared/backup1.xml
You can delete files only from the diags/shared or configsdirectories.

Foreground Diagnostics Overview

This release supports F5 rSeries platform Foreground diagnostic processes which include Foreground diagnostic profiles. These profiles include the diagnostic analysis of specific components (Such as, CPU, memory, disk).

Foreground diagnostics let you troubleshoot F5 rSeries hardware while the system is still running. You can check the health of hardware components and services without taking tenants offline.

What foreground diagnostics include:

Profiles and governance model: A set of rules that control how and when diagnostics run safely on active systems.
Task operating model: A framework that defines diagnostic tasks, who runs them, and the business value each task provides.
In-service troubleshooting: The ability to run diagnostic checks on live, active hardware without disrupting tenant workloads.

You can perform the diagnostics operations using a CLI, webUI, and REST API. This diagnostic tool allows you to perform following operations:

You can start, stop, and execute profile diagnostics for individual nodes.
You can view the state of a diagnostic profile, including its unique profile ID, input parameters, run result (passed, error, failure, or inconclusive), run state (running, completed, or aborted), total execution duration, start time, and estimated progress percentage.

Troubleshooting workflows

Foreground diagnostic results are captured as part of the QkView collection, providing enhanced visibility into system health for issue identification and resolution. When you generate a QkView, the system captures diagnostic data.

You can find the Foreground diagnostic profile results in theQkView 'diag-agent/file-system/tmp/profile-results' directory. TheQkView collection process is standard on both F5 rSeries platforms. For QkView generation, see System reports (QKView) overview

Nodes and Components

The following is a list of nodes and diagnostic profiles of the platforms:

Node	Profile	Profile summary
Appliance	`file-system-status`	Reports file system status (r5000, r10000, and r12000 only): checks file system space, reports additional status indicators, and reports RAID status if available.
Appliance	`platform-test`	Runs platform diagnostics: verifies CPLD read/write from both the host and the LOP, identifies CPLD registers for system health insight, performs PCIe device checks (bus presence, speed, width, and link errors — except CC), scans a device subset excluding internal-to-CPU devices, and checks TPM status (except P5a).
Appliance	`memory-test`	Performs DIMM consistency check (verifies all DIMMs are the same vendor and model) and DIMM count/memory size verification (confirms all DIMMs are present and correctly sized for the platform).
Appliance	`aom-test`	r5000, r10000, and r12000: Checks AOM health — verifies LOPd is running and the UDP socket is present, confirms the USB device is present, and checks LOP health. r2000 and r4000: Checks BMC-based AOM health — verifies the IPMI bus is operational and checks BMC health status.
Appliance	`hardware-suite`	Runs the Appliance hardware suite, which includes: `aom-test`, `drive-status`, `fan-status`, `lcd-status`, `memory-test`, `platform-test`, and `psu-status`.
Drive	`drive-status`	Reports the current state of a specified drive, or all drives if no input parameter is provided: serial number, model name, firmware version, user capacity, SMART status, error log status, and important SMART attributes.
LCD	`lcd-status`	Verifies LCD info, checks that the LCD is reporting healthy, confirms LCD services are reachable, and queries LCD sensors.
Fantray	`fan-status`	Checks device presence, reads device sensors (checks limits and sensor faults), reads device status, and checks fan RPM.
PSU	`psu-status`	Checks PSU consistency and presence, reports PSU model/serial number/firmware version, and checks all generated binary alerts (sensors and PMBus status registers).

Monitoring the systems’s health

You can monitor health and state of system from the CLI and webUI.

The list of tasks are performed during the diagnostics operation.

Diagnostic Operations	Description
Nodes	Displays the list of available nodes for the current system
List	List all of the available profiles for the given node
Profile Help	Displays the help for a given profile, shows descriptions, parameters and example run commands
Health	Displays the high-level health of each node within the system
Start
Status
Stop	Stop a profile that is currently running
Run
Results	Displays the results of a profile that is running or has run in the past
History	A list of profiles that have run in the past

The listed tasks outline key attributes monitored during the operation of a profile.

Field	Description
Profile Id	The unique ID of the profile being run.
Parameters	The parameter name/value pair used to invoke the profile.
Result	The run result of the profile, which can be one of the following: passed, error, failure, inconclusive.
Execution State	The current execution state of the profile, which can be: running, completed, aborted.
Execution Duration	The total execution time for the given profile, presented as a string.
Started At	The timestamp indicating when the profile was started.
Progress	An estimated percent of progress towards completion, with 100% indicating the profile is done.

Monitor the system’s health diagnostics for a profile from the webUI

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > Foreground Diagnostics.
Select the Node from the dropdown for which you want to run the diagnostics.

In the Profiles area, list of profile associated with the Node are displayed.
Run the diagnostics for a profile:
- Run the system’s health diagnostics for a profile without parameter value:
  - Select the profile checkbox for which you want to run the diagnostics and click Run Diagnostics.
- Run the system’s health diagnostics for a profile with parameter value:
  - Select the desired profile checkbox and click RunDiagnostics.
    
    A new drawer with list of parameters and parameter values opens.
    - Click the Run All button to run diagnostics on all parameters using default values.
    - Select your desired options and click Run Selected to run diagnostics on selected parameters. Use the dropdown next to each parameter to modify its value.
  - The drawer closes when the diagnostic run starts, and the Diagnostics Status section displays the run details.
In the Diagnostics Status area, the state of the current diagnostics running on your profile is displayed:
- Active runs include runs triggered from the CLI or runs in progress from previous sessions
- Health check initiated. The table displays a Stop button next to the progress indicator.
- The table displays current result information for the running check.
- Health check initiated on parameterized profile displays parameter name and parameter value along with health check progress state.
- When Health check aborted a table displays the aborted execution state. You can expand the row to view detailed result information.
To stop the diagnostics, click Stop button. Upon clicking, a popup will appear displaying the latest status information.

View the history and results of system’s health diagnostics for a profile from the webUI

You can view the history and results of system’s health diagnostics for a profile from the webUI.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > Foreground Diagnostics.
Select the Node from the dropdown for which you want to view the information.

In the Profiles area, list of profile associated with the Node are displayed.
Select the profile checkbox, click View History.

The system displays a drawer with the profile’s diagnostic history details.
Click View Results.

The system displays both the parameter table (for profiles that support parameters) and the results table.

Run the system’s health diagnostics for a profile from the CLI

You can run the system’s foreground diagnostics for a profile from the CLI

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode. config The CLI prompt changes to include (config).

Run the diagnostics:

Run diagnostics for a profile without a parameter value:

system health diagnostics nodes node <node-name> profiles profile <profile-name> start

A summary this example displays:

  ```
  appliance-1(config)# system health diagnostics nodes node appliance profiles profile platform-test start

  profile {

      result inconclusive

      exec-state starting

      exec-duration 1.139377ms

      started-at 2025-09-03T09:38:33Z

      progress 0

      profile-id A.68b7dc2c.3c

  }
  ```

Run diagnostics for a profile with a parameter value:

system health diagnostics nodes node <node> profiles profile <profile-name> start parameters { parameter { name <node> value <parameter-value>} }

A summary to this example displays:

appliance-1(config)# system health diagnostics nodes node psu profiles profile psu-status start parameters { parameter { name psu value psu-1 } }

    profile {

        parameters {

            parameter {

                name psu

                state {

                    value psu-1

                }

            }

        }

        result inconclusive

        exec-state starting

        exec-duration 1.36711ms

        started-at 2025-01-21T19:02:28Z

        progress 0

        profile-id A.678fef33.21

    }

Stop the system’s health diagnostics for a profile from the CLI

You can stop diagnostics for a profile, if it is currently in the running state. A unique profile identifier is generated during the Start command.

You can use the profile ID to stop the execution of the diagnostic process.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode. config The CLI prompt changes to include (config).
Stopping a diagnostic process for a profile:

system health diagnostics nodes node <platform> profiles profile <profile-name> action stop <profile-id>

Display system’s health state of a profile from the CLI

You can view and monitor the system’s health statuses of a profile from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

Display the system’s health.

show system health diagnostics nodes node <node name> profiles profile <profile id> state

A summary to this example displays

appliance-1# show system health diagnostics nodes node appliance profiles profile platform-test ids id A.68b7dc2c.3c state  
state result  passed
state exec-state complete
state exec-duration 0.372
state started-at 2025-09-03T09:38:33.084076831Z
state progress 100

View the results of system’s health diagnostics for a profile from the CLI

You can view results of the system’s health statuses for the specific parameters and profiles from the CLI

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Display the history and results of diagnostics for a profile:

show system health diagnostics nodes node <node name> profiles profile <profile name> ids id < profile id > full

Example:

appliance-1# show system health diagnostics nodes node appliance profiles profile file-system-status ids id A.69faf35e.28 full

Log and report configuration overview

The webUI includes options for configuring remote log servers and the log severity level for individual software components and services.

From the webUI you can generate a system report, or QKView file, to collect configuration and diagnostic information from the rSeries system if you have any concerns about your system operation. The QKView file contains machine-readable (JSON) diagnostic data and combines the data into a single compressed tar.gz format file. You can upload the QKView file to F5 iHealth where you can get help to verify proper operation of the system and get help with troubleshooting and understanding any issues you might be having and ensure that the system is operating at its maximum efficiency.

You can view event logs and configure secure remote logging from the CLI. You can also send host log files, which are in the /var/log directory, as well as audit.log files to the remote server from the CLI.

Configure log settings from the webUI

You can add and display information about configured remote log servers from the webUI. You can also change the log severity level for individual software components and services.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > Log Settings.
To include hostname configured for your system in the log:
1. On the Include Hostname tile, click the edit icon.
2. Select True from the Include Hostname field dropdown.
3. Click Save.
Note: By default, the Include Hostname dropdown value is set to false.

To add access to a Remote Log Server, click Add.

In the Server field, enter the IPv4 address, IPv6 address, or fully qualified domain name (FQDN) of the remote server. After the remote log server is saved, you cannot modify the server address.
In the Port field, enter the port number of the remote server.

The default port value is 514.
For Protocol, select UDP or TCP to choose between TCP or UDP input.

Note: The Authenticationfield is displayed only when the TCP protocol is selected.

From the Selectors field,

Select LOCAL0 or AUTHPRIV
From the Severity list, select the severity level of the messages to log

Option	Description
Emergency	Emergency system panic messages
Alert	Serious errors that require administrator intervention
Critical	Critical errors, including hardware and file system failures
Error	Non-critical, but possibly important, error messages
Warning	Warning messages that should be logged and reviewed
Notice	Messages that contain useful information, but might be ignored
Informational	Messages that contain useful information, but might be ignored
Debug	Verbose messages used for troubleshooting

Note: To add more selectors, click Add. To remove the existing selectors, select it and click Delete.

For Authentication, select the enable or disable option from the list. The default value is Disabled. This option is visible when the TCP protocol is selected while configuring the remote log server. If the UDP protocol is selected, the authentication value is saved as N/A.
Click Save.

To delete a remote log server, select the server and click Delete.
To configure Host Log Settings, click on the edit icon on the Host Log Settings card.
1. For Host Log Forwarding, select the enable or disable button for remote forwarding. The default value is Disabled.
2. To add the required host log files to the Selected Files panel, click the required host log files checkboxes. Click on directories to view the files and sub-directories and select individual files within the directory.
  
  The Selected Files option allows the host logs files to be forwarded from the directory and subdirectories.
3. For Selectors, select the required facility and severity options from the list. To add more selectors, click Add. To remove the existing selectors, select it and click the Delete.
4. For Custom Log File, enter the log file in the text box and click Add to manually add host log file names to the Selected Files panel.
5. Click Save.
For TLS Certificate & Key, click chevron/expand icon to view the configured TLS Certificate and Key values. Click on edit icon on TLS Certificate & Key card.
1. Update the values in the TLS Certificate and TLS Key fields.
2. Click Save.
Note: If the authentication value is set as enabled for any of the remote log servers, you cannot be able to clear the TLS configuration fields.
For CA Bundles, click Add to enter the Name and TLS certificate.
1. Enter the Name of the CA certificate.
2. Update the value in the TLS Certificate field.
3. Click Save.
Note: When any of the remote server authentication is enabled, you cannot delete the CA bundle.

On the Log Settings screen, click the chevron icon to review the software component log levels for individual software components and adjust them as needed. Click Update if you made changes.

The log levels determine at what level events (and all higher levels) are logged for each service. Informational is the default so all except debug-level events are logged.

Component	Description
alert-service	Software component that handles ‌alerts and events at the system level. These components use ConfD to process updates and manage the status of the Alarm LED depending on the severity of the alert.
dagd-service	Software component that manages the distribution of Tenant traffic.
fips-service	Software component for System FIPS configuration and handles system integrity check requests.
kubehelper	Software component triggered during tenant deployment and runs as a assistant task before tenant container is created. For BIG-IP Covert qcow2 image to raw format for BIG_IP tenant only. Reserves huge pages for the tenant Creates host-net interface for host and tenant communication purposes. Creates a tenant management interface for BIG-IP NEXT tenants and includes route integration.
lldpd	Software component for LLDP configuration.
orchestration-agent	Software component for Tenant Orchestration which includes tenant configuration and deployments.
platform-monitor	The Monitoring Agent is responsible for: - Creating telemetry pipelines that query data periodically. Applying processors to the data. Sending the data to various destinations.
rsyslog-configd	Software component for remote syslog configuration handling.
sys-host-config	Software component responsible for: - Setting up management IP to access the device, collecting management interface stats, and enabling/disabling of management interface. Setting up DNS configurations. Updating required files for internal subnet changes. Exchanging internal subnet changes to LCD server. Updating Base MAC and MAC pool size in ConfD. Addition/Deletion of SSH IP table rules. Additionally, it offers backend code support for various ConfD configurations such as: Hostname Date Motd Banner System Reboot SSH idle timeout
utils-agent	Software component that manages file transfer operations such as import, export, delete, and download/upload.
api-svc-gateway	Software component that manages requests and subscriptions for Tenants on the appliance.
datapath-cp-proxy	Software component that manages Tenant datapath setup requests and configuration.
firewall-manager	One software component that enables the setting up of a whitelist for designated source IP addresses and destination ports such as HTTP, HTTPS, RESTCONF, SNMP, and vConsole.
l2-agent	Software component responsible for managing the setup and status of physical connections (such as interfaces and portgroups) and the configuration and status of Layer-2 components (such as VLANs, LAGs, and FDB).
lopd	Software component to manage communication with the LOP (AOM).
partition-common	The system component incorporates standard ConfD utility functions that enhance the CLI interface.
platform-stats	Software component responsible for capturing the various utilization stats of the CPU, drives and memory and storing the data in TMSTAT stat tables.
snmp-service	Software component used to configure system SNMP configuration such as community, target, and user.
system-control	System component that implements configuration backup and restore.
vconsole	Software component for providing authenticated virtual console access to F5OS tenants.
appliance-orchestration-manager	Appliance Onboard Monitoring Daemon (OMD) is a service daemon that oversees the internal coordination of tasks via Kubernetes (K3S). It is responsible for setting up and controlling all required device plugins that enable communication with different hardware components.
diag-agent	The Diagnostic Agent is responsible for running various diagnostic profiles, gathering and exporting telemetry data and providing system health information and producing the hardware alerts.
http-server	Software component responsible for running the apache HTTPD server.
lacpd	Daemon responsible for negotiation of LACP over system interfaces.
network-manager	Software component responsible for managing datapath related resources, such as MAC Addresses. It also manages datapath tables that route traffic between Tenants and Interfaces.
platform-diag	Software component for providing statistics reports and measurements on top of the low-level hardware.
platform-stats-bridge	Software components responsible for handling the platform statistics to display on user interfaces.
snmp-trapd	Software component that process the system alerts/events as traps and sends it to SNMP manager.
tmstat-agent	Software component for providing the framework which can be used to store the statistics data in centralized location on each host.
audit-service	Software component for capturing the system configuration related logs in audit log.
diag-data	Software component for primarily tasked with collecting important information periodically from an F5OS device and sending that data back to F5 for analysis purposes.
ihealth-upload-service	Software component for providing secure way of transporting support package to F5 to different target destination. This service offers historical track records of support package uploads with configurable data retention policy.
lacpd-proxy	Daemon responsible for reporting the results of LACP negotiation from lacpd.
nic-manager	Software component which manages the datapath network interfaces.
platform-fwu	Software component responsible for updating and reporting firmware.
qat-confd-service	Service for communicating QAT device tenant assignments to ConfD tables.
sshd-crypto	Service that manages all the crypto algorithms configuration for sshd.
tmstat-merged	Software component for providing framework to integrate and divide statistics streams.
authd	Software component responsible for managing the configuration settings for various AAA (Authentication, Authorization, Accounting) mechanisms supported by the F5OS system.
disk-usage-statd	None
ihealthd	Software component responsible for handling ihealth configuration parameters and start a qkview upload by sending a request to ihealth.
license-service	Software component responsible for system licensing installation.
node-agent	Software component triggered during tenant deployment and node reboots. - Creates a tenant management interface for BIG-IP NEXT tenants and includes route integration. Adds water-marking rules for BIG-IP NEXT tenants. In charge of allocating large pages for chassis during tenant deployments.
platform-hal	Software component that provides other services with access to platform/hardware data and configuration.
qat-plugin	Kubernetes device plugin for reporting and managing QAT device resources and resource activities related to their respective tenant assignments.
stpd	Software component for configuring STP L2 protocol in platform.
upgrade-service	Software component for processing the system image and package upgrade requests.
confd-key-migrationd	The software component for transfering ConfD configuration from one system to another requiring the same encryption key. This is necessary to migrate encrypted element values successfully.
dma-agent	Software component for Core Offload feature that functions as a buffer broker, allowing multiple tenants to share access to the FPGA while remaining isolated from one another.
image-agent	A software module that manages the validation of imported tenant images and displays the current status of both tenant and platform images on the user interface.
line-dma-agent	Software component which is an fundamental layer of tcpdump in the VELOS/rSeries family.
optics-mgr	Software component that is responsible for storing the tuning values for supported optics. When provided with an optic, returns the proper tuning.
platform-mgr	This software component displays the versions of platform components, CPUs, memory, and firmware. It also automatically initiates firmware upgrades when upgrading or installing a new ISO and rebooting.
qkviewd	Software component designed to create diagnostic snapshots in containerized systems, known as QKView. A QKView file is a compressed file with diagnostic info from containers, the host, and other systems.The main qkviewd service operates within a container, while qkviewd-host service collects data on the host. A peer system is another system running the qkviewd daemon.
sw-rbcast	Software component that is responsible for forwarding broadcast traffic received on a shared VLAN to the tenants which share that VLAN. A secondary responsibility is to forward DLF (destination look-up failures) requests to the fpgamgr component, so that they can be resolved.
user-manager	Software component responsible for the management and configuration of local users on the system such as user accounts, groups/roles, and passwords.
fpgamgr	Software component, which manages the datapath FPGAs. ‌This includes ‌front panel interfaces, L2 functionality, and other advanced FPGA features.
lcd-webserver	Software component providing a webserver to operate the LCD user interface.
sshd-crypto	Software component for handling sshd crypto agility configurations.

Click Save to save the log settings.

View event logs from the CLI

The system logs events to the appliance.log file located in the log/host directory. To list files and view the contents of log files, you use the file command from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

List all files in the log directory.

file list path [ log/confd/ | log/host/ | log/system/ }

This example shows an excerpt of the contents of the log/host/ directory:

appliance-1# file list path log/host
entries {
    name anaconda/
    date Thu May 12 17:01:36 UTC 2022
    size 4.0KB
}
entries {
    name ansible.log
    date Fri Jun 17 16:18:02 UTC 2022
    size 0B
}
entries {
    name appliance.log
    date Fri Jun 17 16:18:19 UTC 2022
    size 9.8KB
}
entries {
    name audit/
    date Fri Jun 17 14:59:04 UTC 2022
    size 4.0KB
}
entries {
    name boot.log
    date Thu May 12 17:02:35 UTC 2022
    size 105B
}
...

Show the contents of a log file.

file show [ log/confd/<*filename*> | log/host/<*filename*> | log/system/<*filename*> ]

This example shows the contents of the log/host/boot.log file:
appliance-1# file show log/host/boot.log May 12 10:02:35 localhost NET[1605]: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf

Show only the most recent entries in a log file.

file tail [ log/confd/<*filename*> | log/host/<*filename*> | log/system/<*filename*> ]

This example shows the last ten lines of the appliance.log file and uses the -f option to append output as the file grows:

appliance-1# file tail -f log/host/appliance.log
2022-06-17 16:18:03.267761 - OMD log is initialized
2022-06-17 16:18:03.267761 - 8:-738199808 - applianceMainEventLoop::Orchestration manager startup.
2022-06-17 16:18:03.270244 - 8:-754985216 - Can now ping appliance-1.chassis.local (100.65.60.1).
2022-06-17 16:18:03.723485 - 8:-754985216 - Successfully ssh'd to appliance 127.0.0.1.
2022-06-17 16:18:14.399076 - 8:-738199808 - Appliance 1 is ready in k3s cluster.
2022-06-17 16:18:14.399095 - 8:-738199808 - K3S cluster is ready.
appliance-flannel_image|localhost:2003/appliance-flannel:0.13.0
No Image Changes Found for normal reboot
appliance-multus_image|localhost:2003/appliance-multus:3.6.3
No Image Changes Found for normal reboot
_

Configure secure remote logging from the CLI

The system logs events to the appliance.log file located in the var/log directory and enables you to send these logs to a remote server. By configuring secure remote logging from the CLI, you can send logs in audit.log to a remote server. Secure logging is disabled by default.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure secure remote logging. The default value is disabled.

system logging remote-servers remote-server <*ip-address*> config proto { udp | tcp | remote-port <*port-number*> authentication { disabled | enabled }

The default protocol is upd, and the default port number is 514.

This example enables secure remote logging:
appliance-1(config)# system logging remote-servers remote-server 192.0.2.58 config proto tcp remote-port 80 authentication enabled
Add certificate or key details for secure remote logging.

system logging tls { certificate | key } <*string*>
Add CA bundle details for secure remote logging.

system logging tls ca-bundles ca-bundle <*name*> config name <*name*> content <*ca-cert-contents*>

Note: The certificate bundle that you specify must include the certificate chain of the certificate authority.
Commit the configuration changes.

commit
Return to user (operational) mode.

end
Verify the authentication, certificate, key, and CA bundle configuration.

show running-config system logging tls { certificate | key | ca-bundles } <*string*>

Disable secure remote logging from the CLI

You can disable secure remote logging from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Disable secure remote logging.

system logging remote-servers remote-server <*ip-address*> config proto { udp | tcp | remote-port <*port-number*> authentication { disabled | enabled }

This example disables secure remote logging:
appliance-1(config)# system logging remote-servers remote-server 192.0.2.58 config proto tcp remote-port 80 authentication disabled
Remove authentication details from secure remote logging.

no system logging remote-servers remote-server <*ip-address*> config authentication
Remove certificate or key details from secure remote logging.

no system logging tls { certificate | key } <*string*>
Remove CA bundle details from secure remote logging.

no system logging tls ca-bundles ca-bundle
Commit the configuration changes.

commit
Return to user (operational) mode.

end
Veify the authentication, certificate, key, and CA bundle configuration.

show running-config system logging tls { certificate | key | ca-bundles } <*string*>

SNMP configuration overview

Simple Network Management Protocol (SNMP) is an industry-standard protocol that enables you to use a standard SNMP management system to remotely manage network devices. F5 rSeries systems support SNMPv1, SNMPv2c, and SNMPv3. You can configure the system from both the CLI and webUI.

SNMP software support

SNMP support is available in different ways, depending on which F5OS software version you are using. On F5 rSeries systems, SNMP is available from both the CLI and webUI.

F5 recommends using the newer system snmp commands, which include support for SNMP versions 1, 2c, and 3. For more information on the older commands, see:

F5 rSeries CLI Reference

F5 rSeries Planning Guide

F5OS-A software version	Older CLI (v1/v2c only)	Newer CLI (v1/v2c/v3)
1.2.0	SNMP-COMMUNITY-MIB SNMP-NOTIFICATION-MIB SNMP-TARGET-MIB SNMP-VIEW-BASED-ACM-MIB SNMPv2-MIB	system snmp communities system snmp engine-id system snmp targets system snmp users

F5OS-A software version

Older CLI (v1/v2c only)

Newer CLI (v1/v2c/v3)

1.2.0

SNMP-COMMUNITY-MIB

SNMP-NOTIFICATION-MIB

SNMP-TARGET-MIB

SNMP-VIEW-BASED-ACM-MIB

SNMPv2-MIB

system snmp communities system snmp engine-id

system snmp targets

system snmp users

Prerequisites for SNMP configuration

Before you configure SNMP access for F5 rSeries systems:

Add the SNMP manager IP address to the system allow list. For more information, see Configure the system allow list from the webUI.
Add descriptions to front-panel interfaces. For more information, see Configure an interface from the CLI.
Add descriptions to management interfaces. For more information, see Configure the management interface from the CLI.
Add descriptions to LAGs, if needed. For more information, see Configure a static LAG interface from the CLI
Download the F5 MIB files from File Utilities in the webUI on the left, click SYSTEM SETTINGS > File Utilities, and then from Base Directory, select mibs, select a .tar.gz file, and click Download.
Configure a DNS name server if you would like to use a fully-qualified domain name (FQDN) instead of an IP address for the SNMP trap destination. For more information, see Configure DNS from the webUI.

SNMPWALK overview

SNMPWALK is an application on an SNMP management system that performs SNMP GETNEXT requests to query a network device for information. You can provide an object identifier (OID) to specify which portion of the object identifier space to search using GETNEXT requests. The SNMP management system queries all variables in the subtree below the specified OID, displays these values to the user, and stops when it returns results that are no longer inside the range of the specified OID.

These SNMP system object IDs (OIDs) are defined for each F5 rSeries system type:

1.3.6.1.4.1.12276.1.3.1.1 (f5OsAppR5x00)
1.3.6.1.4.1.12276.1.3.1.2 (f5OsAppR10x00)
1.3.6.1.4.1.12276.1.3.1.3 (f5OsAppR2x00)
1.3.6.1.4.1.12276.1.3.1.4 (f5OsAppR4x00)

The IDs display in text format when the corresponding MIB is loaded in your SNMP management system. If the MIB is not loaded, the walk displays in OID format.

To more accurately map these system OIDs, you must download the F5-OS-SYSTEM-MIB.mib file and load it into your SNMP management system. To download the F5 MIB files, use File Utilities in the webUI on the left, click System Monitoring > File Utilities, and then from Base Directory, select mibs, select a .tar.gz file, and click Download.

SNMP configuration from the webUI

Configure SNMP port from the webUI

You can configure the SNMP port from the rSeries webUI.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > SNMP.
Click on the edit icon on the Properties card.
For Port, enter the required value. The allowed values for the Port are either 161 or in the ranges of [1024-7000, 7033-8887, 8889-65535]. To check whether a port is valid or not, we have inline validation.

Note: The port configured in the SNMP Configuration area is reflected on the Allow List Entry screen of the Allowed IP Addresses section under System Security in the System Settings chapter. When an allowlist is created with an SNMP port, the user is not allowed to change the SNMP Port on the SNMP Configuration area, which can cause an error. For more information, see Configure the system allow list from the webUI.
Click Save.

Configure SNMP properties from the webUI

You can configure the SNMP properties from the webUI.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > SNMP.
In the Properties section, click the edit icon to specify values in the required fields.
- System Contact
- System Location
- System Name Note: The maximum number characters limit is 255.
Click Save.

Configure SNMP communities from the webUI

You can configure SNMP communities with either version 1, version 2c, or both security models from the webUI.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > SNMP.
In the Communities area, click Add.
For Name, enter a descriptive name for the community.
For Security Model, select from these security models: v1, v2c, and v1 and v2c.
Click Save.

Configure SNMP users from the webUI

You can configure SNMP version 3, which is a user-based security model, from the webUI. This model provides support for additional authentication and privacy protocols.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > SNMP.
In the Users area, click Add.

The Add v3 User drawer displays.
For User, enter the user name.
For Authentication Protocol, select from these protocols: MD5, SHA, SHA256, SHA512, or None.
For Authentication Password, enter the password for the specified user.
For Privacy Protocol, select from these protocols: AES128, AES192, AES256, DES, or None.
Click Save.

Configure SNMP targets from the webUI

Before you can add an SNMP target, you must have already configured either the SNMPv1/v2c community or SNMPv3 user.

You can configure SNMP targets from the webUI. These are required to send system-generated traps to a manager. You can choose either community (v1/v2c) or user-based (v3) security.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > SNMP.
In the Targets area, click Add.

The Add Target screen displays.
For Name, enter a descriptive name.
For Security Model, select from these security models: v1, v2c, or v3.
Select one of these options, depending on the selected security model:
- If you selected v1 or v2c, for Community, select the community that you created with that security model.
- If you selected v3, for User, select the user that you created.
For IPv4/IPv6, select either IPv4 or IPv6.
For Address, enter the IPv4 address, IPv6 address, or fully qualified domain name (FQDN) of the target.
For Port, enter the port number for the target.

The default value is 162, and the range is from 1024 to 65535
Click Save.

SNMP configuration from the CLI

Configure SNMP port from the CLI

You can configure the SNMP port from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure SNMP port

system snmp config port <*value*>

he following example configures SNMP port ‘5000’:
appliance-1(config)# system snmp config port 5000
Note: The allowed values for the Port are either 161 or in the ranges of [1024-7000, 7033-8887, 8889-65535]. The port configured in the SNMP Configuration area is reflected on the Allow List Entry screen of the Allowed IP Addresses section under System Security in the System Settings chapter. When an allowlist is created with an SNMP port, the user is not allowed to change the SNMP Port in the SNMP Configuration area, which can cause an error. For more information, see Configure the system allow list from the webUI.
Commit the configuration changes.

commit

Configure the SNMP properties from the CLI

You can configure the SNMP properties from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure SNMP properties

SNMPv2-MIB system sysName <*system name*> sysLocation <*location name*> sysContact <*contact details*>

A summary of this example displays:
appliance-1(config)# SNMPv2-MIB system sysName f5System sysLocation boston sysContact support@f5.com
Commit the configuration changes.

commit

Configure SNMP communities from the CLI

You can configure SNMP communities with either version 1, version 2c, or both security models from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure a community.

system snmp communities community <*community-name*> config security-model { v1 | v2c }

This example creates a community that uses the v2c security model:
appliance-1(config)# system snmp communities community v2comm config security-model v2c
This example creates a community that uses both v1 and v2c community models:
appliance-1(config)# system snmp communities community v1v2c config security-model [ v1 v2c ]
Commit the configuration changes.

commit
Return to user (operational) mode.

end
Verify the community configuration.

show system snmp communities

A summary similar to this example displays:
appliance-1# show system snmp communities SECURITY NAME NAME MODEL ---------------------------------- v1v2c v1v2c [ v1 v2c ]
Note: This example shows both security models configured. If you configure only one security model, then only the configured model displays in the output.

Configure SNMP users from the CLI

You can configure SNMP version 3, which is a user-based security model, from the CLI. This model provides support for additional authentication and privacy protocols.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure a user, including authentication and privacy protocols.

system snmp users user <*user-name*> config authentication-protocol { md5 | none | sha | sha256 | sha512 } privacy-protocol { aes | aes192 | aes256| des | none } authentication-password

This example creates a user that uses MD5 authentication and AES for password authentication:
appliance-1(config)# system snmp users user jdoe config authentication-protocol md5 privacy-protocol aes authentication-password
After you press Enter, you are prompted to enter the authentication password.
(<string, min: 8 chars, max: 32 chars>): ********
After you press Enter, configure the privacy password.
appliance-1(config-user-v3-user)# config privacy-password
After you press Enter, you are prompted to enter the privacy password.
(<string, min: 8 chars, max: 32 chars>): *********
Commit the configuration changes.

commit
Return to user (operational) mode.

end

Verify the user configuration.

show system snmp users

A summary similar to this example displays:

appliance-1# show system snmp users
                  AUTHENTICATION  PRIVACY  
NAME     NAME     PROTOCOL        PROTOCOL 
--------------------------------------------
jdoe     jdoe     md5             aes

Configure SNMPv1/SNMPv2c targets from the CLI

You can configure SNMP targets with community-based security (SNMPv1/SNMPv2c) from the CLI. These are required to send system-generated traps to an SNMP management system.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure a target with community-based security.

system snmp targets target <*target-name*> config community <*community-name*> security-model { v1 | v2c } { ipv4 | ipv6 } address <*ip-address*> port <*port-number*>

This example creates a target with community-based security:
appliance-1(config)# system snmp targets target v2c-target config community v2c-comm security-model v2c ipv4 address 192.0.2.24 port 5001
Commit the configuration changes.

commit
Return to user (operational) mode.

end

Verify the target configuration.

show system snmp users

A summary similar to this example displays:

appliance-1# show system snmp targets
                                          SECURITY                                      
NAME       NAME       USER     COMMUNITY  MODEL     ADDRESS         PORT  ADDRESS  PORT 
-----------------------------------------------------------------------------------------
v2c-target v2c-target jdoe     -          -         192.0.2.24      5001  -        -

Configure SNMPv3 targets from the CLI

You can configure SNMP targets with user-based security (SNMPv3) from the CLI. These are required to send system-generated traps to an SNMP management system.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Configure a target with user-based security.

system snmp targets target <*target-name*> config user <*user-name*> { ipv4 | ipv6 } address <*ip-address*> port <*port-number*>

This example creates a target with user-based security:
appliance-1(config)# system snmp targets target v3-target config user jdoe ipv4 address 192.0.2.24 port 5001
Commit the configuration changes.

commit
Return to user (operational) mode.

end

Verify the target configuration.

show system snmp targets

A summary similar to this example displays:

appliance-1# show system snmp targets
                                          SECURITY                                      
NAME       NAME       USER     COMMUNITY  MODEL     ADDRESS         PORT  ADDRESS  PORT 
-----------------------------------------------------------------------------------------
v3-target  v3-target  jdoe     -          -         192.0.2.24      5001  -        -

System reports (QKView) overview

If you have any concerns about your system operation, you can use the QKView utility to generate a system report to collect configuration and diagnostic information from the system.

The QKView file contains machine-readable (JSON) diagnostic data and combines the data into a single compressed tar.gz format file. You can upload the QKView file to F5 iHealth at ihealth2.f5.com, where you can get help verifying proper operation of the system, understanding and troubleshooting any issues you might be having, and ensuring that the system is operating at its maximum efficiency.

For information about generating a QKView for BIG-IP Next or other tenants, see the documentation on my.f5.com and clouddocs.f5.com.

Generate system reports (QKView) from the webUI

You can generate a QKView file from the webUI. The report contains diagnostic information, such as configuration data, log files, and platform information.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > System Reports.

The System Reports screen displays. A list of QKView files that were previously generated are shown with any reports that were uploaded to iHealth.

To generate a system report, click Generate QKView

The Generate QKView drawer form displays these additional options:

Option	Description
Filename	Specify a name for the file to which QKView file data is written. The default filename is `<system-name>.qkview`.
Timeout Value	Specify the time in seconds after which to stop QKView file data collection. The default value is 0, which indicates no timeout.
Max File Size	Exclude all files greater than the specified size (in MB). The range is from 2 MB to 1000 MB. The default value for maximum file size is 500 MB.
Max Core Size	Exclude core files greater than this size (in MB). The range is from 2 MB to 1000 MB. The default value for maximum core size is 25 MB.
Exclude Cores	Specify whether core files should be excluded from the QKView file. The default is to include core files.

Note: The system runs many commands to collect the diagnostic information, so generating the report might affect its performance.

It takes a few minutes for the system to finish creating the report and list it on the screen. The QKView Status changes to `File generated successfully` when it is done.

To upload the report to the F5 iHealth server:
1. Select the check box next to the QKView to be uploaded.
2. Click Upload to iHealth.
3. In the Upload to iHealth drawer form, enter your iHealth credentials.
  
  Optionally, you can include your F5 Support case number and a brief description.
To do the upload, the system must have DNS configured, and have Internet access to these services using the HTTPS/443 remote service/port:
- api.f5.com
- ihealth-api.f5.com The QKView tar file uploads to iHealth, where you can get help to diagnose the health and proper operation of the system.
To delete a QKView file, select it and click Delete.

Generate system reports (QKView) from the CLI

You can generate a QKView file from the CLI. The report contains diagnostic information, such as configuration data, log files, and platform information.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
List existing QKView files.

show system diagnostics qkview

Generate a QKView file.

system diagnostics qkview capture exclude-cores { false | true } filename <*filename*> maxcoresize <*size*> maxfilesize <*size*> timeout <*time*>

These options are available:

Option	Description
exclude-cores	Specify whether core files should be excluded from the QKView file. The default is to include core files.
filename	Specify a name for the file to which QKView file data is written. The default filename is `<system-name>.qkview`.
maxcoresize	Exclude core files greater than this size (in MB). The range is from 2 MB to 1000 MB. The default value for maximum core size is 25 MB.
maxfilesize	Exclude all files greater than the specified size (in MB). The range is from 2 MB to 1000 MB. The default value for maximum file size is 500 MB.
timeout	Specify the time in seconds after which to stop QKView file data collection. The default value is 0, which indicates no timeout.

In this example, you generate a QKView file named client-qkview.tar that excludes core files, sets the maximum core size to 500 MB, sets the maximum file size to 500 MB, and sets a timeout value of 0 (zero), which indicates no timeout:

appliance-1# system diagnostics qkview capture filename client-qkview exclude-cores true maxcoresize 500 maxfilesize 500 timeout 0
result  Qkview file client-qkview is being collected
return code 200				

Check the status of the QKView generation process.

system diagnostics qkview status

A summary similar to this example displays:

appliance-1# system diagnostics qkview status
result  {"Busy":true,"Percent":12,"Status":"collecting","Message":"Collecting Data","Filename":"client-qkview"}

resultint 0

Delete a QKView file.

system diagnostics qkview delete filename <*filename*>

In this example, you delete a QKView file named “c3-test.tar.canceled” on the local system:
syscon-1-active # system diagnostics qkview delete filename c3-test.tar.canceled

Upload a QKView file to F5 iHealth from the CLI

Before you can upload QKView files to F5 iHealth, you must already have configured the system with iHealth credentials.

You can upload a QKView file from the CLI. The report contains diagnostic information, such as configuration data, log files, and platform information.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).

Upload a QKView file to iHealth.

system diagnostics ihealth upload qkview-file <*filename*> description <*qkview-file-description*> service-request-number <*sr-number*>

In this example, you upload a QKView file named client-qkview.tar to iHealth using configured iHealth credentials:

appliance-1(config)# system diagnostics ihealth upload qkview-file 
  diags/shared/qkview/client-qkview.tar description testing service-request-number C523232
message HTTP/1.1 202 Accepted
Location: /support/ihealth/status/iuw53AYW
Date: Mon, 11 Jul 2022 12:09:08 GMT
Content-Length: 00				

Finally, you view the uploaded report on F5 iHealth at ihealth2.f5.com.

System statistics overview

You can monitor data and metrics related to the usage, performance, and behavior of the system from the webUI. These statistics are crucial for monitoring, managing, and optimizing the system. You can monitor the following system details:

System CPU Usage: Shows the measurement of CPU utilization by the system.
System Memory Usage: Shows the measurement of memory utilization by the system.
System Disk Usage: Shows the measurement of disk utilization by the system.

Display system statistics from the webUI

To monitor the system’s statistics, follow the steps below:

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > System Statistics.

You can now see the following statistics and status of the system.
- System CPU Usage: Displays the vCPU’s current utilization of the system by default. However, if multiple vCPUs are available, you can monitor the usage for a limited set of vCPUs depending on the screen resolution. You can view the next set of vCPUs by clicking the right chevron icon to go to next page or you can select a specific set of vCPUs from vCPUs dropdown, and change the time series to view the historical data and analyze the vCPU utilization.
- System Memory Usage: Displays the current memory utilization of the system by default. However, you can change the time series to view the historical data and analyze ‌memory utilization.
- System Disk Usage: Displays the disk’s current utilization of the system by default. However, if multiple disks are available, you can select a disk, data type, and change the time series to view the historical data and analyze ‌memory utilization

Display system statistics from the CLI

You can monitor data and metrics related to the usage, performance, and behavior of a system from the CLI. These statistics, tenant CPU usage, memory usage, and disk usage, are crucial for monitoring, managing, and optimizing the system.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).

Show ‌tenants status and statistics.

tenants tenant <*tenant name*> state <*action*>

Note: You can get the stats with an average of 10 seconds, 30 seconds, 1 minute, 5 minutes, and 10 minutes.

This example displays the tenant status and statistics for a BIG-IP tenant running on the rSeries system.

For CPU stats:

appliance-1(config)# tenants tenant cbip state cpu-thread-stats average 1m-avg         
averages {
        unix-seconds 1717588320
        cpu-threads {
            cpu-thread {
                thread-index 0
                busy-percent 1
            }
            cpu-thread {
                thread-index 1
                busy-percent 0
            }
            cpu-thread {
                thread-index 2
                busy-percent 0
            }
            cpu-thread {
                thread-index 3
                busy-percent 4
            }
            cpu-thread {
                thread-index 4
                busy-percent 4
            }
            cpu-thread {
                thread-index 5
                busy-percent 4
            }
            cpu-thread {
                thread-index 6
                busy-percent 4
            }
            cpu-thread {
                thread-index 7
                busy-percent 12
            }
            cpu-thread {
                thread-index 8
                busy-percent 4
            }
            cpu-thread {
                thread-index 9
                busy-percent 1
            }
            cpu-thread {
                thread-index 10
                busy-percent 4
            }
            cpu-thread {
                thread-index 11
                busy-percent 4
            }
            cpu-thread {
                thread-index 12
                busy-percent 4
            }
appliance-1(config)#

For disk stats:

appliance-1(config)# tenants tenant cbip state disk-stats average 1m-avg
averages {
        unix-seconds 1717588260
        used-percent 88
        disk-list {
            disk {
                disk-name nvme0n1
                total-iops 0
                read-iops 0
                read-bytes 148
                write-iops 154
                write-bytes 1691163
            }
        }
    }
appliance-1(config)#

For interface stats:

appliance-1(config)# tenants tenant cbip state interface-stats average 1m-avg
averages {
        unix-seconds 1717588380
        interface-list {
            interface {
                interface-name 1.0
                ifc-bytes-in 1466
                ifc-bytes-out 0
                ifc-packets-in 0
                ifc-packets-out 0
            }
            interface {
                interface-name 2.0
                ifc-bytes-in 135
                ifc-bytes-out 0
                ifc-packets-in 0
                ifc-packets-out 0
            }
        }
    }
appliance-1(config)#

For memory stats:

appliance-1(config)# tenants tenant cbip state memory-stats average 1m-avg
averages {
        unix-seconds 1717588440
        available 8493508881
        free 1060426615
        used-percent 93
        platform-total 16107667456
        platform-used 8114811835
    }
appliance-1(config)#

OpenTelemetry overview

OpenTelemetry streamlines observability in distributed systems through standardized APIs, libraries, and tools for collecting telemetry data, including traces, metrics, and logs.

F5OS OpenTelemetry enables the efficient collection of streaming metrics and logs in a structured format from the F5OS product to display in your observability platform. All the metrics and logs will be exported through a gRPC connection. The F5OS supports gRPC endpoints and each OpenTelemetry Line Protocol (OTLP) endpoint is provided with the ability to toggle instrument based filtering.

OpenTelemetry Metrics overview

Telemetry subsystem within the F5OS platform layer generates common attributes and different metrics to display in your observability platform.

An instrument is an area of metrics, which contain multiple metrics and can be enabled selectively. F5OS Resource includes instruments.

Summarizes the metrics that are associated with each tenant as they enters and exits the platform hardware at the DMA level.

The following tenant metrics are currently reported by the BIG-IP tenant into the F5OS platform layer. The metrics visible at the platform layer are only a limited subset of the total number of metrics available to the tenant. You can view the full tenant metrics by using the BIG-IP metric reporting capability.

F5OS OpenTelemetry exporter will only report the metrics that are associated with the Docker containers managed by the platform layer. For more information about the docker container metrics, see Docker stats documentation.

The platform hardware sensors represent physical sensors associated with the hardware which measure: temperature, current, power, voltage, RPM and percent humidity.

The metric schema is heavily dependent upon the internal representation of the tmstat tables within F5OS.

Instrument Overview

An instrument is an area of metrics, which contain multiple metrics and can be enabled selectively. F5OS Resource includes instruments.

Instument name	Description
all	All the logs and metrics produced by the F5OS platform layer except docker container metrics
logs	All the F5OS logs file
platform-log	All the F5OS platform logs file
event-log	All the F5OS ConfD event log
metrics	All the F5OS metrics except docker container metrics
platform	Standard platform metrics such as memory, disk, CPU, and interface
hardware	The low-level platform hardware sensors
optics	The front-panel optic DDM metrics
tenant	Tenant-initiated metrics such as memory, disk, CPU, and interface
datapath	F5OS data-path metrics such as those generated by the FPGA and DMA
tmstat	F5OS tmstat tables exported as metrics
container	Docker container metrics for F5OS services

Note:

Support for the intrument “tenant” is provided only for BIG-IP tenants.
The intrument “Datapath” is applicable for F5 r5000/r10000/12000 platforms only.

This image provides a representation how the F5OS Resource includes instruments with multiple metrics:

Common Attributes

The table lists the set of attributes that can be applied to all metrics produced by the platform.

The scope indicates which product the attribute applies to:

F5 - Applies to all metrics produced by F5
F5OS - Applies to all metrics produced by the F5OS product

Name	Value	Type	Scope	Description
`host.name`	`<name of host>`	string	F5	The host-name for F5OS, derived from ConfD system hostname.
`f5.system.id`	`<instance ID>`	string	F5	A unique instance ID per product.
`f5.product.version`	`<version string>`	string	F5	A version string, which represents the version of the product.
`f5.product.name`	`<product\_name>`	string	F5	The high-level F5 product generating the metric/log: - F5OS BIGIP-Next SPK CNF
`f5.product.type`	`<v6h-hi>`	string	F5OS	The platform type.
`f5.platform.serial_number`	`<platform\_serial\_no>`	string	F5OS	Serial number of an appliance, blade, or controller.
`f5.platform.role`	`<platform\_role>`	string	F5OS	The appliance is straight-forward. However, for chassis products, the telemetry data can originate from multiple places. The role can help identify a location. - Blade - The data originated from a blade within a partition Partition - The data originated from a partition-level service Controller - The data originated from a system controller
`f5.platform.pid`	`C137`	string	F5OS	The platform ID
`f5.platform.name`	`<platform\_name>`	string	F5OS	The Platform Name - rSeries - The appliance products VELOS - The chassis products
`instrument.name`	`<name>`	string	F5OS	F5OS Instrument name associated with the metric.
`f5.data_type`	`<f5os-analytics>`	string	F5	The attribute used by BIG-IP Central Manager to help direct F5OS specific metrics
`f5.tenant.name`	`<f5os\_tenant\_name>`	string	F5OS	The deployed tenant name

Tenant Attributes

The following attributes apply for the tenant based metrics.

Name	Value	Type	Description
`f5.tenant.name`	`<tenant name>`	string	The name of the tenant which acts as a tenant ID
`f5.tenant.image`	`<image version>`	string	The tenant image version
`f5.tenant.type`	BIG-IP BIG-IP Next	string	The tenant type name

Platform Metrics

Front-Panel Interface Metrics

Note: These metrics are relevant to Platforms.

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.interface.packets`	`Counter`	`int64`	`interface.name="1.0" direction="receive"`	`{packets}`
`f5.interface.packets`	`Counter`	`int64`	`interface.name="1.0" direction="transmit"`	`{packets}`
`f5.interface.bytes`	`Counter`	`int64`	`interface.name="1.0" direction="receive"`	`Bytes`
`f5.interface.bytes`	`Counter`	`int64`	`interface.name="1.0" direction="transmit"`	`Bytes`
`f5.interface.errors`	`Counter`	`int64`	`interface.name="1.0" direction="receive"`	`{packets}`
`f5.interface.errors`	`Counter`	`int64`	`interface.name="1.0" direction="transmit"`	`{packets}`
`f5os.interface.dropped`	`Counter`	`int64`	`interface.name="1.0" direction="receive"`	`{packets}`
`f5os.interface.dropped`	`Counter`	`int64`	`interface.name="1.0" direction="transmit"`	`{packets}`
`f5.interface.broadcast`	`Counter`	`int64`	`interface.name="1.0" direction="receive"`	`{packets}`
`f5os.interface.broadcast`	`Counter`	`int64`	`interface.name="1.0" direction="transmit"`	`{packets}`
`f5os.interface.multicast`	`Counter`	`int64`	`interface.name="1.0" direction="receive"`	`{packets}`
`f5.interface.multicast`	`Counter`	`int64`	`interface.name="1.0" direction="transmit"`	`{packets}`
`f5os.interface.ethernet`	`Counter`	`int64`	`name="1.0" direction="transmit" state=<field>`	`{packets}`

Optic DDM Metrics

Reports the front-panel Optic DDM metrics.

Common Attributes include:

The F5OS port group name associated with the Optic

port.group=<*string*>

The front-panel port number

port.name="1.0"..

For metrics which are per-channel, identifies the individual channel number

channel=1..N

An indication of transmit or receive direction

direction="transmit" | "receive"

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.optic.temperature`	`Gauge`	`float`	`port.group=<string> port.name="1.0"`	`C`
`f5.optic.voltage`	`Gauge`	`float`	`port.group=<string> port.name="1.0"`	`V`
`f5.optic.power`	`Gauge`	`float`	`port.group=<string> port.name="1.0" channel=1..N direction="transmit" \| "receive"`	`dbm`
`f5.optic.tx-bias`	`Gauge`	`int64`	`port.group=<string> port.name="1.0" channel=1..N`	`?`
`f5.optic.los`	`Gauge`	`int64`	`port.group=<string> port.name="1.0" channel=1..N direction="transmit" \| "receive"`
`f5.optic.tx-fault`	`Gauge`	`int64`	`port.group=<string> port.name="1.0" channel=1..N direction="transmit" \| "receive"`

CPU Metrics

The schema of the CPU metrics is based on the OpenTelemetry semantic conventions. For more information, see Metrics Semantic Conventions

Metric Name	Metric Type	Value Type	Attributes	Unit
`system.cpu.time`	`Counter`	`int64`	`cpu=cpu0..cpuN thread=0...N state=<field>`	`Seconds`
`system.cpu.utilization`	`Gauge`	`float64`	`pu=cpu0...cpuN thread=0..N state=<field>`	`{percent}`

Disk IO Metrics

The Disk IO Metrics are based on the OpenTelemetry semantic conventions. For more information, see Metrics Semantic Conventions

Metric Name	Metric Type	Value Type	Attributes	Unit
`system.disk.io_time`	`Counter`	`float64`	`device=<name> direction=total`	`Seconds`
`system.disk.operations`	`Counter`	`int64`	`device=<name> direction=read`	`{operations}`
`system.disk.operations`	`Counter`	`int64`	`device=<name> direction=write`	`{operations}`
`system.disk.io`	`Counter`	`int64`	`device=<name> direction=read`	`Bytes`
`system.disk.io`	`Counter`	`int64`	`device=<name> direction=write`	`Bytes`
`system.disk.merged`	`Counter`	`int64`	`device=<name> direction=read`	`{operations}`
`system.disk.merged`	`Counter`	`int64`	`device=<name> direction=write`	`{operations}`
`system.disk.operation_time`	`Counter`	`float64`	`device=<name> direction=read`	`Seconds`
`system.disk.operation_time`	`Counter`	`float64`	`device=<name> direction=write`	`Seconds`
`system.disk.usage`	`Counter`	`float64`	`device=<name>`	`Bytes`

Memory Metrics

The Memory Metrics are based on the OpenTelemetry semantic conventions. For more information, see Metrics Semantic Conventions

Metric Name	Metric Type	Value Type	Attributes	Unit
`system.memory.usage`	`Counter`	`int64`	`state="<field>"`	`Bytes`
`system.memory.utillization`	`Gauge`	`float64`	`state=used`	`{percent}`
`system.memory.utilization`	`Gauge`	`float64`	`state=platform`	`{percent}`
`system.memory.utilization`	`Gauge`	`float64`	`state=available`	`{percent}`

File system Metrics

The File system Metrics are based on the OpenTelemetry semantic conventions. For more information, see Metrics Semantic Conventions

Metric Name	Metric Type	Value Type	Attributes	Unit
`system.filesystem.usage`	`Gauge`	`int64`	`state = "free" \|\| "total" \|\| "used" system.device = </dev/mapper/partition\_image-export\_chassis> system.filesystem.mountpoint = </var/export/chassis> system.filesystem.type = <ext4>`	`By`
`system.filesystem.utilization`	`Gauge`	`float64`	`state =used system.device = </dev/mapper/partition\_image-export\_chassis> system.filesystem.mountpoint = </var/export/chassis> system.filesystem.type = <ext4>`	`Percent`

Metric Name

Metric Type

Value Type

Attributes

Unit

system.filesystem.usage

Gauge

int64

state = "free" || "total" || "used" system.device = </*dev/mapper/partition\_image-export\_chassis*> system.filesystem.mountpoint = <*/var/export/chassis*> system.filesystem.type = <*ext4*>

By

system.filesystem.utilization

Gauge

float64

state =used system.device = <*/dev/mapper/partition\_image-export\_chassis*> system.filesystem.mountpoint = <*/var/export/chassis*> system.filesystem.type = <*ext4*>

Percent

Uptime Metrics

The Uptime Metrics are based on the OpenTelemetry semantic conventions. For more information, see Metrics Semantic Conventions

Metric Name	Metric Type	Value Type	Attributes	Unit
`system.uptime`	`Counter`	`int64`		`S`

Raid Metrics

The Raid Metrics are based on the OpenTelemetry semantic conventions. For more information, see Metrics Semantic Conventions

Note: Applicable for F5 r10000/12000 platforms with only two hard disks.

Metric Name	Metric Type	Value Type	Attributes	Unit
`system.raid.blocks`	`Gauge`	`int64`	`state= "blocksTotal" \|\| "blocks-synced" system.raid.devices = <nvme0n1p1,nvme1n1p1> system.raid.name = <md124>`	`Blocks`
`system.raid.state`	`Gauge`	`int64`	`state = "disks-total" \|\| "disks-active" \|\| "disks-failed" \|\| "disks-down" \|\| "disks-spare" system.raid.devices = <nvme0n1p1,nvme1n1p1> system.raid.name = <md124>`	`Count`
system.raid.status	`Gauge`	`int64`	state = “active” \|\| “blocks-synced”	{status}
system.raid.sync.estimation	`Gauge`	`float64`		Seconds
system.raid.sync.percent	`Gauge`	`float64`		Percent
system.raid.sync.speed	`Gauge`	`float64`		KbPerSecInterface Counter Metrics

F5OS Data Path Metrics

Summarizes the metrics that are associated with each tenant as they enters and exits the platform hardware at the DMA level.

Note: Applicable for F5 r5000/r10000/12000 platforms only.

Tenant Data Path

Note: This metric is the sum of all internal tenant interfaces and independent of the F5 platform front-panel interface.

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.datapath.packets`	`Counter`	`int`	`direction="transmit \| receive" f5.datapath.area="dma"`	`{packet}`
`f5.datapath.bytes`	`Counter`	`int`	`direction="transmit \| receive" f5.datapath.area="dma"`	`By`

F5OS Tenant Metrics

Common Tenant Attributes

This table lists the attributes that are associated with the tenant-based metrics.

CPU Metrics

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.tenant.cpu.utilization`	`Gauge`	`float64`	`state="<field-name>"` `cpu=cpuN`	`Percent`
`f5.tenant.cpu.time`	`Counter`	`int64`	`state="<field-name>"` `cpu=cpuN`	`s`

Memory Metrics

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.tenant.memory.utilization`	`Gauge`	`float64`	`state="<field>"`	`Percent`
`f5.tenant.memory.usage`	`Gauge`	`int64`	`state="<field>"`	`Bytes`

Disk IO Metrics

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.tenant.disk.operations`	`Counter`	`int64`	`device=<name> direction=total`	`operation`
`f5.tenant.disk.operations`	`Counter`	`int64`	`device=<name> direction=read`	`operation`
`f5.tenant.disk.operations`	`Counter`	`int64`	`device=<name> direction=write`	`operation`
`f5.tenant.disk.io`	`Counter`	`int64`	`device=<name> direction=read`	`Bytes`
`f5.tenant.disk.io`	`Counter`	`int64`	`device=<name> direction=write`	`Bytes`
`f5.tenant.disk.merged`	`Counter`	`int64`	`device=<name> direction=read`	`operation`
`f5.tenant.disk.merged`	`Counter`	`int64`	`device=<name> direction=write`	`operation`
`f5.tenant.disk.operation_time`	`Counter`	`float64`	`device=<name> direction=read`	`s`
`f5.tenant.disk.operation_time`	`Counter`	`float64`	`device=<name> direction=write`	`s`

Interface Counter Metrics

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.tenant.interface.packets`	`Counter`	`float64`	`interface.name="<interface-name>" direction="receive"`	`packets`
`f5.tenant.interface.packets`	`Counter`	`int64`	`interface.name="<interface-name>" direction="transmit"`	`packets`
`f5.tenant.interface.bytes`	`Counter`	`int64`	`interface.name="<interface-name>" direction="receive"`	`Bytes`
`f5.tenant.interface.bytes`	`Counter`	`int64`	`interface.name="<interface-name>" direction="transmit"`	`Bytes`

Docker Container Metrics

Common Attributes

Attributes	Metric value type	Description
`container.name`	`string`	The name of the container
`container.image.name`	`string`	The container image name

Metrics

Metric Name	Metric Type	Value Type	Attributes	Unit
`container.cpu.usage`	`Gauge`	`float`		`ns`
`container.memory.<field-name>`	`Gauge`	`float`		`By`
`container.memory.usage <field-name>`	`Gauge`	`float`		`By`
`container.memory.percent`	`Gauge`	`float`		`{percent}`
`container.blockio.io_service_bytes_recursive`	`Gauge`	`float`	`operation="read" \| "write"`	`By`
`container.network.io.usage.<field-name>`	`Gauge`	`float`	`interface=<name>`	`By \| {percent}`
`container.cpu.percent`	`Gauge`	`float`	`cpu=<name>`	`{percent}`

Platform Hardware Sensors

The platform hardware sensors represent physical sensors associated with the hardware which measure: temperature, current, power, voltage, RPM and percent humidity.

Common Attributes

f5os.sensor.name=<sensor name>

Eamples:
- Temperature:
  - Inlet
  - Outlet
  - Central
- Voltage:
  - 12V
  - 3.3V BCM
- Current:
  - 12V Main
  - Current In
- Power:
  - Controller Power
  - Total Power Supply Unit (PSU) Power In
  - Total Power Supply Unit (PSU) Power Out
f5os.sensor.source=<component name>

Eamples:
- psu-[1..N]
- fantray-[1..N]
- psu-controller-[1..N]
- blade-[1..N]
- controller-[1..2]
- platform

Metrics

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.sensor.temperature`	`Gauge`	`float64`	`sensor.name="<name of sensor>" sensor.source="?<component name>"`	`C`
`f5.sensor.voltage`	`Gauge`	`float64`	`sensor.name="<name of sensor>" sensor.source="?<component name>"`	`V`
`f5.sensor.current`	`Gauge`	`float64`	`sensor.name="<name of sensor>" sensor.source="?<component name>"`	`A`
`f5.sensor.power`	`Gauge`	`float64`	`sensor.name="<name of sensor>" sensor.source="?<component name>"`	`W`
`f5.sensor.humidity`	`Gauge`	`float64`	`sensor.name="<name of sensor>" sensor.source="?<component name>"`	`{percent}`
`f5.sensor.fan.speed`	`Gauge`	`float64`	`sensor.name="<name of sensor>" sensor.source="?<component name>"`	`RPM`

F5OS TMSTAT Metrics

The metric schema is heavily dependent upon the internal representation of the tmstat tables within F5OS.

Note: When you select instrument type as “all” and/or “metrics”, the instrument type “tmstat” is set to off and cannot be selected. You have to manualy enable the instrument “tmstat”. Using this instrument is more tailored to internal ‌F5 use cases, such as deep diagnostics.

Metric Name	Metric Type	Value Type	Attributes	Unit
`f5.tmstat.<table>`	`Gauge`	`int`	`f5.tmstat.column=<name>`

OpenTelemetry configuration from the webUI

Configure an exporter from the webUI

You can configure an exporter from the webUI.

Log in to the webUI using an account with admin access.
On the left, clickSystem Monitoring > Telemetry.

The Telemetry screen displays.
Under the Telemetry exporters area, click Add.
Enter Name of the Exporter (up to 20 characters).

The first character in the name cannot be a number. After that, only lowercase alphanumeric characters and hyphens are allowed.
For Endpoint
- For IP Address, enter the IPv4 address, IPv6 address, or Fully Qualified Domain Name (FQDN) for an exporter.
- For Port, enter the port number of the Server.
For Enable, select True if you want to enable and send the telemetry data to the exporter or False to disable it.

For Instruments, select one or more instruments for an exporter.

Option	Description
all	All the logs and metrics produced by the F5OS platform layer except docker container metrics
logs	Reports all F5OS logs file through the OpenTelemetry ’log’ API
platform-log	Exports the F5OS platform log through the OpenTelemetry ’log’ API
event-log	Exports the F5OS confd event log through the OpenTelemetry ’log’ API
metrics	All the F5OS metrics except docker container metrics
platform	F5OS platform metrics such as memory, disk, cpu, interface, file system, and RAID stats
hardware	F5OS hardware sensors such as voltage, current, temperature, power, fan-speeds
optics	F5OS front-panel Optic DDM metrics
tenant	Low level tenant reported metrics such as memory, disk, cpu, interface stats
datapath	F5OS data-path metrics such as those generated by the FPGA and DMA
tmstat	F5OS tmstat tables exported as metrics
container	F5OS Per-Container metrics such as cpu, block-io, network, memory

For Compression, select the compression type. By default gzip will be selected.
For Attributes, specify the attributes for the exporter.

Click on Add to add another attribute. Select an attribute and click Delete button to delete it.

Attributes are reference data which can be associated with the exporter. Attributes can be specified in the key & value format.
For Secure input, select True to enable and configure the Transport Layer Security (TLS) to secure the connections. The default option is False.

Note: Before you can enable TLS encryption, you must configure a key and certificate on the system.
You can secure connections by using one of these methods:
- Server Authentication only:
  - For TLS CA Certificate, paste the contents of the certificate (self-signed or from a CA) for server TLS authentication.
- Both Server and Client Authentication
  1. For TLS CA Certificate, paste the contents of the certificate (self-signed or from a CA) for server TLS authentication.
  2. In the TLS Certificate field, paste the text of the local certificate for client TLS authentication.
  3. In the TLS Key field, paste the text of the private key for client TLS authentication.
For Reload Interval, specify the duration to reload the certificate within the specified timeframe.

Note: You can only specify the duration value in nanoseconds (ns), microseconds (us (or µs)), milliseconds (ms), seconds, minutes, and hours.
Click Save.

Delete an exporter from the webUI

You can delete an exporter from the webUI.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > Telemetry.

The Telemetry screen displays the existing exporter and associated details.
To delete an exporter, in the Telemetry exporters area, select the exporter from the list and then click Delete.

Add attributes to all exporters from the webUI

Attributes are reference data which can be associated with the exporter. Attributes can be specified in the key:value format. Spaces must be included between each entry. You can add attributes to all the configured exporters from the webUI.

Log in to the webUI using an account with admin access.
On the left, click System Monitoring > Telemetry.

The Telemetry screen displays the existing exporter and associated details.
Under Telemetry Attributes, click on Add Attributes.

Click on Add to add another attribute. Select an attribute and click Delete to delete it.
Click on Save

OpenTelemetry configuration from the CLI

Display instruments from the CLI

An instrument is an area of metrics, which contain multiple metrics and can be enabled selectively.

Before configuring an exporter, you can display supported instruments from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

Show the total and available instruments:

show system telemetry instruments

This example displays the available instruments:

appliance-1# show system telemetry instruments


NAME           DESCRIPTION
------------------------------------------------------------------
all           Report all logs and metrics produced by the F5OS platform layer
logs          Report all F5OS logs file through the OpenTelemetry 'log' API
platform-log  Export the F5OS platform log through the OpenTelemetry 'log' API
event-log     Export the F5OS confd event log through the OpenTelemetry 'log' API
metrics       Report all F5OS metrics through the OpenTelemetry 'metric' API
platform      F5OS platform metrics such as: memory, disk, cpu, interface, file system, and RAID stats
hardware      F5OS hardware sensors such as: voltage, current, temperature, power, fan-speeds
optics        F5OS front-panel Optic DDM metrics
tenant        Low level tenant reported metrics such as: memory, disk, cpu, interface stats
datapath      F5OS data-path metrics such as those generated by the FPGA and DMA
tmstat        F5OS tmstat tables exported as metrics
container     F5OS Per-Container metrics such as: cpu, block-io, network, memory

Configure an exporter from the CLI

An exporter defines an OpenTelemetry gRPC endpoint to which the F5OS Platform will push metrics/logs.

Note: You can enable ‌Transport Layer Security (TLS) and secure the connections for telemetry streaming. Before you can enable TLS encryption, you must generate a private key and self-signed certificate.

You can configure the exporter from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).

Configure the exporter.

You must specify the IP address or DNS name of the server and the port number of the server on which OpenTelemetry (OTEL) is running

system telemetry exporters exporter <*server name*> config endpoint address <*address*> port <*port number*> instruments <*instrument name*> tls sercure { false | true }

A summary similar to this example displays:

appliance-1(config)# system telemetry exporters exporter test1 config endpoint address 10.144.74.171 port 4317 instruments [all] tls secure true
Possible completions:
  ca-certificate    Specifies the CA Certificate content.
  certificate       Specifies the PEM-encoded telemetry client certificate (Configure for mTLS).
  key               Specifies the PEM-encoded telemetry client private key (Configure for mTLS)
  reload-interval   Specifies reload-interval in duration strings.
  <cr> 

You can secure the connections by using one of these methods:

To authenticate the server, add the certificate:

system telemetry exporters exporter <*server name*> config ca-certificate

Press Enter to enable multi-line mode and then paste the contents. Press Ctrl-D to exit multi-line mode.

system telemetry exporters exporter test1 config ca-certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...

A summary to this example displays:

appliance-1(config)# system telemetry exporters exporter test1 config endpoint address 10.144.74.171 port 4317 instruments [ all ] tls secure true ca-certificate
(<string, min: 1 chars>):
[Multiline mode, exit with ctrl-D.]
> -----BEGIN CERTIFICATE-----
> MIIFmzCCA4OgAwIBAgIJAIQRlRZvPsmXMA0GCSqGSIb3DQEBCwUAMGQxCzAJBgNV
> BAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQw
> EgYDVQQKDAtGNSBOZXR3b3JrczELMAkGA1UECwwCUEQxCzAJBgNVBAMMAmNhMB4X
> DTIzMTExMzA3NTUzNFoXDTI0MTExMjA3NTUzNFowZDELMAkGA1UEBhMCVVMxEzAR
> BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC0Y1
> IE5ldHdvcmtzMQswCQYDVQQLDAJQRDELMAkGA1UEAwwCY2EwggIiMA0GCSqGSIb3
> DQEBAQUAA4ICDwAwggIKAoICAQC4NiPFaDvwfajK1pLaisHrWFnji0GAiM4Dyn8C
> ndJW5AptRr8xOPfESMvhkMq1MTp9lQCDNKVgfJuJe3xNWugVFvAMPMuTeMnjv+Xm
> /9jzYFBCJ2ddof/8Uwd6/0X2nmAwfO+gGZZv6rviwtxt6YCPuxUWM48Mqdq5BjSQ
> 5eSepXtMXhtubXr8VCjh1aFxAqnadOm8pykumcTUq7vnPElv/4DG5M6WL+vCpDes
> XEjqhAp3wyOzCglew026xUBYvy3WAIxHVttd0VWP+7KNl2QlYXpJewZcUpHM917i
> Uoui3+h66w1YrfoZTBBcdL7Lnb8v78Jg/6tBAjEcxIXRPQbM+qm1l0e6rCy0NMKP
> i+v0wq9EUOfc4z+nMtF+ggyZlHUo6lJLr3+ZMtkBticvNpRpOZ2XjxsvjjoymZ0a
> 7QBDeSbYtOam+UT2h1UiN4RJsQbtyUAgz9zMTyc82B2TonztVm12MrW2GuDD2+Nv
> KdCi5trmgpmWagSFsi8dWK1qFpXUB34+83geAhp5sz5ngsQtiAWHcYbL67M86fKs
> L9GP91p8LZm09LVzekwxbe6Bq/FM7SCHVMcK+lCLA3hTdX3PCuvjkjrXOH7zy8M7
> R7RCmPj5hdPXxTYomGkwY1IW8JkurwukYvnfzn6pwNkRX6/1B5GZHMIi98nkA3lJ
> /eUtKQIDAQABo1AwTjAdBgNVHQ4EFgQUTYPD7uZ2NLCxdyMdxeVQnTONkl4wHwYD
> VR0jBBgwFoAUTYPD7uZ2NLCxdyMdxeVQnTONkl4wDAYDVR0TBAUwAwEB/zANBgkq
> hkiG9w0BAQsFAAOCAgEARpehpSFWyKw0sPeZYk8LsiTiMhS5BX+WBIaZzGrQXW4p
> lU9rOBtunhzjbH5Vf6bzJVL5Zi7kFIUa+8RrnY0+0+CVxRiFE3k1rOFZ7YsS1ILl
> vQ7tVBTCRHJ6VAThlVlagYntfEI+bxTJQ3nnRzRe+znh5uqANEChZUoXX2lmDmhU
> D+2lyzuZ9t6C8xcB2jfe0yUJeUQAdQh1x4k5Y2ssjnS4tLOa2Ly3xj3WudFHoA2D
> kwu9myRKkJ1ruCO6DSRxi1BnfKISUOQtZ1DWaNpN/2fEzqtiW7klO9G2gwL6O/8J
> 9cYn4HRTbA9DKITzPYs854TJnaOimn7US5hZkb1n9uy1c9cN1XfNxenHziEdG1BM
> U7EsAmHYtf7k8N3XisKTfLEZ6AeAsqOp16Fi/ecp467DZtMnY4NXcadnj+IpIPeh
> k6VkkayjrEZgWfcVHZ8L1vpVNTLnRuc0a3V4ioFoOGAKvoBVruQZWt0Sgtg/V/UH
> i/otMqWYV5q366R4St55ZYfu8mdqhZljSU3Zrneco7DqTttFbWeWa3SaWhvP96VF
> 4FTrgLyq4D6OlURqWMRbh98TxAzSbYw6cWoevRUpae5Eo0ST/c6dqjTlbq1YHr1H
> MAhq2UPmh3/Uuc3a0dUWQ8gas0SEPFOHbnY5a/ae2cSdUV5uLR/dNsRWflZQaj4=
> -----END CERTIFICATE-----
>

To authenticate the server and client, add the certificates and key.

system telemetry exporters exporter <*server name*> config tls certificate

Press Enter to enable multi-line mode and then paste the contents. Press Ctrl-D to exit multi-line mode.

system telemetry exporters exporter server1 config tls certificate (<string>): [Multiline mode, exit with ctrl-D.] > ... appliance-1(config-exporter-test)# config tls key (<string>): [Multiline mode, exit with ctrl-D.] > appliance-1(config-exporter-test)# config tls certificate (<string>): [Multiline mode, exit with ctrl-D.] >

A summary to this example displays:

appliance-1(config)# system telemetry exporters exporter test2 config endpoint address 10.144.74.171 port 4317 instruments [ all ] tls secure true ca-certificate
(<string, min: 1 chars>):
[Multiline mode, exit with ctrl-D.]
> -----BEGIN CERTIFICATE-----
> MIIFmzCCA4OgAwIBAgIJAIQRlRZvPsmXMA0GCSqGSIb3DQEBCwUAMGQxCzAJBgNV
> BAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQw
> EgYDVQQKDAtGNSBOZXR3b3JrczELMAkGA1UECwwCUEQxCzAJBgNVBAMMAmNhMB4X
> DTIzMTExMzA3NTUzNFoXDTI0MTExMjA3NTUzNFowZDELMAkGA1UEBhMCVVMxEzAR
> BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC0Y1
> IE5ldHdvcmtzMQswCQYDVQQLDAJQRDELMAkGA1UEAwwCY2EwggIiMA0GCSqGSIb3
> DQEBAQUAA4ICDwAwggIKAoICAQC4NiPFaDvwfajK1pLaisHrWFnji0GAiM4Dyn8C
> ndJW5AptRr8xOPfESMvhkMq1MTp9lQCDNKVgfJuJe3xNWugVFvAMPMuTeMnjv+Xm
> /9jzYFBCJ2ddof/8Uwd6/0X2nmAwfO+gGZZv6rviwtxt6YCPuxUWM48Mqdq5BjSQ
> 5eSepXtMXhtubXr8VCjh1aFxAqnadOm8pykumcTUq7vnPElv/4DG5M6WL+vCpDes
> XEjqhAp3wyOzCglew026xUBYvy3WAIxHVttd0VWP+7KNl2QlYXpJewZcUpHM917i
> Uoui3+h66w1YrfoZTBBcdL7Lnb8v78Jg/6tBAjEcxIXRPQbM+qm1l0e6rCy0NMKP
> i+v0wq9EUOfc4z+nMtF+ggyZlHUo6lJLr3+ZMtkBticvNpRpOZ2XjxsvjjoymZ0a
> 7QBDeSbYtOam+UT2h1UiN4RJsQbtyUAgz9zMTyc82B2TonztVm12MrW2GuDD2+Nv
> KdCi5trmgpmWagSFsi8dWK1qFpXUB34+83geAhp5sz5ngsQtiAWHcYbL67M86fKs
> L9GP91p8LZm09LVzekwxbe6Bq/FM7SCHVMcK+lCLA3hTdX3PCuvjkjrXOH7zy8M7
> R7RCmPj5hdPXxTYomGkwY1IW8JkurwukYvnfzn6pwNkRX6/1B5GZHMIi98nkA3lJ
> /eUtKQIDAQABo1AwTjAdBgNVHQ4EFgQUTYPD7uZ2NLCxdyMdxeVQnTONkl4wHwYD
> VR0jBBgwFoAUTYPD7uZ2NLCxdyMdxeVQnTONkl4wDAYDVR0TBAUwAwEB/zANBgkq
> hkiG9w0BAQsFAAOCAgEARpehpSFWyKw0sPeZYk8LsiTiMhS5BX+WBIaZzGrQXW4p
> lU9rOBtunhzjbH5Vf6bzJVL5Zi7kFIUa+8RrnY0+0+CVxRiFE3k1rOFZ7YsS1ILl
> vQ7tVBTCRHJ6VAThlVlagYntfEI+bxTJQ3nnRzRe+znh5uqANEChZUoXX2lmDmhU
> D+2lyzuZ9t6C8xcB2jfe0yUJeUQAdQh1x4k5Y2ssjnS4tLOa2Ly3xj3WudFHoA2D
> kwu9myRKkJ1ruCO6DSRxi1BnfKISUOQtZ1DWaNpN/2fEzqtiW7klO9G2gwL6O/8J
> 9cYn4HRTbA9DKITzPYs854TJnaOimn7US5hZkb1n9uy1c9cN1XfNxenHziEdG1BM
> U7EsAmHYtf7k8N3XisKTfLEZ6AeAsqOp16Fi/ecp467DZtMnY4NXcadnj+IpIPeh
> k6VkkayjrEZgWfcVHZ8L1vpVNTLnRuc0a3V4ioFoOGAKvoBVruQZWt0Sgtg/V/UH
> i/otMqWYV5q366R4St55ZYfu8mdqhZljSU3Zrneco7DqTttFbWeWa3SaWhvP96VF
> 4FTrgLyq4D6OlURqWMRbh98TxAzSbYw6cWoevRUpae5Eo0ST/c6dqjTlbq1YHr1H
> MAhq2UPmh3/Uuc3a0dUWQ8gas0SEPFOHbnY5a/ae2cSdUV5uLR/dNsRWflZQaj4=
> -----END CERTIFICATE-----
>
appliance-1(config-exporter-test)# config tls key
(<AES encrypted string>):
[Multiline mode, exit with ctrl-D.]
> *******************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ****************************************************************
> ************************************************************
> *****************************
>
appliance-1(config-exporter-test)# config tls certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> -----BEGIN CERTIFICATE-----
> MIIFajCCA1KgAwIBAgIJAN5Vgnsykm2mMA0GCSqGSIb3DQEBCwUAMGQxCzAJBgNV
> BAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQw
> EgYDVQQKDAtGNSBOZXR3b3JrczELMAkGA1UECwwCUEQxCzAJBgNVBAMMAmNhMB4X
> DTIzMTExMzEwNTgyOFoXDTI0MTExMjEwNTgyOFowcDELMAkGA1UEBhMCVVMxEzAR
> BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC0Y1
> IE5ldHdvcmtzMQswCQYDVQQLDAJQRDEXMBUGA1UEAwwOMTAuMjM4LjE1Ny4yMzcw
> ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCiQiZZbGgioRHXDOw6slU8
> 9lzikxOFmkpcr0EonT3f1o+n46oNU4PmZ7saTDp3dffU3gflLIh0eseUCJosFd8H
> iF/OZdq38YPDCmAI4GD341Gs959qIpRYiuXzv5+11H7bUewS4Uj0ZP7ByuV+PFYS
> +mHjRjcDXDV2kNVPwiEz/wxsuX5QP2rLH/Kepknj+ldkE9/khy2/aaWtmlVy5VaO
> L1PRUAJh1lbT95GGpAYcCdbzay17GV0FN7uSl2/pMv74ygIvQNcs4av4l7bAvVdF
> sGNJm/AdvruOhw2y87KKPGjgrS072c8aYkri/jJh6IW1DJ9HS+4vU7RtB9JKcbw5
> O01gZXKWRal5VUHRg/BBiYGwRqJg2fmcKzt9YHqOTzFPvudc5S8ij4CgVmXH5lHI
> bPQjc8dn8CE0upwDAIUKOS2tPz5PcgBCqbCG1d5NtCSbZSa8udDCQmRXZ0mwPdn9
> wLNymUBAnZvFuzaU0Q99P1WwPK4wJrCHUdF+ETK3VY+U4pwYeyNLt82cVSeuAZD+
> 4hBXNPHDKrsylhRn5QqhORfs+XNaUjp94zs4Uth2dxCREG3yb/AsW3q+ddjfCk51
> 2kSy73dUudtxbErbivHSuuvmOm4flzBTgQF8C8aP1P9AEj60lyNOPY72dRMdWf2y
> hpfogHMaqkHRNxcazhZ7GQIDAQABoxMwETAPBgNVHREECDAGhwQK7p3tMA0GCSqG
> SIb3DQEBCwUAA4ICAQAb85rbxzosNnG+OucXVD3Cxt0VKH816ZnEvCtz9DVZfMqj
> IpLOmIpFr5MJp4bz3459BRRsJf/TvhQaofPoxUCf1mm8Vf889mJFBFQ4eUmqpv35
> FDZfe8cNmTsJwebHr7ubSxytJR+IMwAwirbuW656oSMX3r0ERNYxdC2VYf7rWG2a
> EiF2zMlTAsyjfToMIIpWncata3tGxJHXMDYrl8Y4tXl20PlRR3x/2QBj/Ghud9+E
> JYIFsdFeIMDiPyu2S3saYZS5dwb+0Fmn/0qgzut3eZuYn0TiTpPj9i0c4Zmza0aK
> uHjI7N/lzkReAfh4KT/o3uqxLMn+6eUwc2ai8EfQ7Jw+geL0N4JDrhW7Z9Qsp+yS
> 9Gl3qGNAyU+7kZqixcLde2+aLFZoq169Ayo7IXx/wFSBW/Lif0ZoMLKZ7OVOeawb
> Ct1tnQ3bQZwmWa7MFdF3aaATXBy6jKfcEH0vTIa2FiCxhEbynMzw5zIcFX1GLL4l
> SBzPKkNz7sA6EzuKJNL8LwjOndAKHGAB2EkGy4/3PKmM5yF//shRneXrJx1xd1nI
> 9ipFxZ1e6YwxJ4K6tIiZMineKK/csA7z6tLaImQ/ldFz0S0Qws+1csgfp9VIrxtG
> ZwIVHO/QCZe7gB6XQESbBpW6M8eKj5zqk5ZTMAGihtE7nDEe3ZXWvzV0Vr0MPQ==
> -----END CERTIFICATE-----
>

Commit the configuration changes.

commit

Display exporter state from the CLI

After you configure the exporter, you can display the state of the exporter from the CLI.

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.

Display the state of a specific exporter

show system telemetry exporters exporter <*server name*>

When you specify an exporter, a summary to this example displays:

appliance-1# show system telemetry exporters exporter test-tls 
state enabled
state endpoint address 10.144.74.171
state endpoint port 4317
state instruments [ all ]
state tls secure true
state tls ca-certificate "
> -----BEGIN CERTIFICATE-----
> MIIFmzCCA4OgAwIBAgIJAIQRlRZvPsmXMA0GCSqGSIb3DQEBCwUAMGQxCzAJBgNV
> BAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRQw
> EgYDVQQKDAtGNSBOZXR3b3JrczELMAkGA1UECwwCUEQxCzAJBgNVBAMMAmNhMB4X
> DTIzMTExMzA3NTUzNFoXDTI0MTExMjA3NTUzNFowZDELMAkGA1UEBhMCVVMxEzAR
> BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFDASBgNVBAoMC0Y1
> IE5ldHdvcmtzMQswCQYDVQQLDAJQRDELMAkGA1UEAwwCY2EwggIiMA0GCSqGSIb3
> DQEBAQUAA4ICDwAwggIKAoICAQC4NiPFaDvwfajK1pLaisHrWFnji0GAiM4Dyn8C
> ndJW5AptRr8xOPfESMvhkMq1MTp9lQCDNKVgfJuJe3xNWugVFvAMPMuTeMnjv+Xm
> /9jzYFBCJ2ddof/8Uwd6/0X2nmAwfO+gGZZv6rviwtxt6YCPuxUWM48Mqdq5BjSQ
> 5eSepXtMXhtubXr8VCjh1aFxAqnadOm8pykumcTUq7vnPElv/4DG5M6WL+vCpDes
> XEjqhAp3wyOzCglew026xUBYvy3WAIxHVttd0VWP+7KNl2QlYXpJewZcUpHM917i
> Uoui3+h66w1YrfoZTBBcdL7Lnb8v78Jg/6tBAjEcxIXRPQbM+qm1l0e6rCy0NMKP
> i+v0wq9EUOfc4z+nMtF+ggyZlHUo6lJLr3+ZMtkBticvNpRpOZ2XjxsvjjoymZ0a
> 7QBDeSbYtOam+UT2h1UiN4RJsQbtyUAgz9zMTyc82B2TonztVm12MrW2GuDD2+Nv
> KdCi5trmgpmWagSFsi8dWK1qFpXUB34+83geAhp5sz5ngsQtiAWHcYbL67M86fKs
> L9GP91p8LZm09LVzekwxbe6Bq/FM7SCHVMcK+lCLA3hTdX3PCuvjkjrXOH7zy8M7
> R7RCmPj5hdPXxTYomGkwY1IW8JkurwukYvnfzn6pwNkRX6/1B5GZHMIi98nkA3lJ
> /eUtKQIDAQABo1AwTjAdBgNVHQ4EFgQUTYPD7uZ2NLCxdyMdxeVQnTONkl4wHwYD
> VR0jBBgwFoAUTYPD7uZ2NLCxdyMdxeVQnTONkl4wDAYDVR0TBAUwAwEB/zANBgkq
> hkiG9w0BAQsFAAOCAgEARpehpSFWyKw0sPeZYk8LsiTiMhS5BX+WBIaZzGrQXW4p
> lU9rOBtunhzjbH5Vf6bzJVL5Zi7kFIUa+8RrnY0+0+CVxRiFE3k1rOFZ7YsS1ILl
> vQ7tVBTCRHJ6VAThlVlagYntfEI+bxTJQ3nnRzRe+znh5uqANEChZUoXX2lmDmhU
> D+2lyzuZ9t6C8xcB2jfe0yUJeUQAdQh1x4k5Y2ssjnS4tLOa2Ly3xj3WudFHoA2D
> kwu9myRKkJ1ruCO6DSRxi1BnfKISUOQtZ1DWaNpN/2fEzqtiW7klO9G2gwL6O/8J
> 9cYn4HRTbA9DKITzPYs854TJnaOimn7US5hZkb1n9uy1c9cN1XfNxenHziEdG1BM
> U7EsAmHYtf7k8N3XisKTfLEZ6AeAsqOp16Fi/ecp467DZtMnY4NXcadnj+IpIPeh
> k6VkkayjrEZgWfcVHZ8L1vpVNTLnRuc0a3V4ioFoOGAKvoBVruQZWt0Sgtg/V/UH
> i/otMqWYV5q366R4St55ZYfu8mdqhZljSU3Zrneco7DqTttFbWeWa3SaWhvP96VF
> 4FTrgLyq4D6OlURqWMRbh98TxAzSbYw6cWoevRUpae5Eo0ST/c6dqjTlbq1YHr1H
> MAhq2UPmh3/Uuc3a0dUWQ8gas0SEPFOHbnY5a/ae2cSdUV5uLR/dNsRWflZQaj4=
> -----END CERTIFICATE-----
>
state options compression gzip

Modify the exporter configuration from the CLI

You can modify the configuration of an exporter from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).

You can use the following commands to modify the exporter configuration:

Disable the exporter

system telemetry exporters exporter <*server name*> config disabled

When you specify an exporter, a summary to this example displays:

appliance-1(config)# system telemetry exporters exporter server1 config disabled

Modify option retry-enabled

system telemetry exporters exporter <*server name*> config retry-enabled

A summary to this example displays:

appliance-1(config-exporter-server1)# system telemetry exporters exporter server1 config options retry-enabled
Possible completions:
  false  true
appliance-1(config)# system telemetry exporters exporter server1 config options retry-enabled false

Modify option timeout

system telemetry exporters exporter server1 config options timeout <*new value*> 

A summary to this example displays:

appliance-1(config)# system telemetry exporters exporter server1 config options timeout 10

Modify option compression

system telemetry exporters exporter server1 config options compression <*new value*>

A summary to this example displays:

appliance-1(config)# system telemetry exporters exporter server1 config options compression zstd

Commit the configuration changes.

commit
Return to user (operational) mode.

end
You can verify the state of the exporter. see Display exporter state from the CLI.

Manage the instruments from the CLI

You can add, modify, or delete the instruments that are configured for an exporter from the CLI.

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).

You can use the following commands to modify the exporter configuration:

Add a new instrument

system telemetry exporters exporter <*server name*> config instruments <*instrument name*>

A summary to this example displays:

appliance-1(config)# system telemetry exporters exporter server1 config instruments hardware

Modify the instrument

system telemetry exporters exporter <*server name*> config instruments [<*instrument name*>]

A summary to this example displays:

appliance-1(config)# system telemetry exporters exporter server1 config instruments [ optics ]

Delete the instrument

no system telemetry exporters exporter <*server name*> config instruments <*instrument name*>

A summary to this example displays:

appliance-1(config)# no system telemetry exporters exporter server1 config instruments platform

Commit the configuration changes.

commit
Return to user (operational) mode.

end
You can verify the state of the exporter. see Display exporter state from the CLI.

Add Attributes to all the exporters from the CLI

You can add attributes to all the configured exporters from the CLI

Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).

You can add attributes to all the configures exporters:

system telemetry attributes attribute <*attribute name*> <*attribute value*>

A summary to this example displays:

appliance-1(config)# system telemetry attributes attribute test.key config key test.key value test.vale
appliance-1(config-attribute-test.key)# commit
Commit complete.
appliance-1(config-attribute-test.key)# exit
appliance-1(config)# exit
appliance-1# show system telemetry attributes 
KEY       KEY       VALUE      
-------------------------------
test.key  test.key  test.vale 

Commit the configuration changes.

commit

Delete the exporter from the CLI

Connect using SSH to the management IP address.
Log in to the command line interface (CLI) of the system using an account with admin access.

When you log in to the system, you are in user (operational) mode.
Change to config mode.

config

The CLI prompt changes to include (config).
Delete the exporter:
no system telemetry exporters exporter <*server name*>
A summary similar to this example displays:appliance-1(config)# no system telemetry exporters exporter server1
Commit the configuration changes.

commit
Return to user (operational) mode.

end
You can verify the state of the exporter. see Display exporter state from the CLI.

Applies To:

F5OS-A

System Monitoring Overview

Follow Us