With Enterprise Manager
, you can quickly get a general overview of the status of the devices in your network by viewing the status icons on the Device List screen. You access the Device List screen by clicking the Devices
link in the Enterprise Management
section of the Main tab on the navigation pane.
Status icons, defined in Table 11.1
, provide quick insight into the state of managed devices, because status icons indicate whether Enterprise Manager can successfully communicate with managed devices..
| || |
| || |Active Mode
Indicates that the device is enabled and that the Enterprise Manager can connect to the device.
| || |Standby Mode
Indicates that Enterprise Manager can connect to the device.
| || |Offline Mode
Indicates that the device is enabled, but offline, and that the Enterprise Manager cannot connect to the device.
| || |Forced Offline Mode
Indicates that only active connections to the device are allowed.
| || |Impaired
Indicates that there is a communication error, but the device can still receive updates.
| || |Maintenance Mode
Indicates that communication between Enterprise Manager and the managed device is disabled.
| || |Device Replacement Mode
Indicates that communication between Enterprise Manager and the managed device is disabled for the purpose of replacing the managed device.
| || |Unreachable
Indicates that Enterprise Manager cannot connect to the device. This could be due to many factors including a disconnected network cable, powered down or rebooting device, or network issues.
When Enterprise Manager cannot communicate with a managed device, the
status icon appears with a red X in the middle of the device icon. There are a variety of reasons that Enterprise Manager might not be able to communicate with a managed device: The device is rebooting, the management cable became disconnected, or the iControl port was closed or blocked. If you notice a device unreachable icon, you can try to remotely log into the device to further investigate the devices status.
One of the advantages of using Enterprise Manager for device management
is that you can monitor the progress of several management tasks at once. You can use the task list (see Figure 11.1
) to survey the status of running, completed, and pending tasks.
You can also use the task list as a starting point to finding additional
information about a particular task, or for setting up new tasks such as a software upgrade or rotating archive schedule.
The task list provides an overview of all tasks initiated by Enterprise
Manager. The task list provides information relevant to a task, including the overall progress of the task, and the task initialization time.
In the navigation pane, expand Enterprise Management
and click Tasks
So that you can track when upgrades, device discoveries, and configuration
archive management tasks occurred, a record remains in the task list. These records remain in the list until you delete them.
Check the box to the left of a completed task name, and click Delete
, located below the list.
Enterprise Manager deletes the task from the Enterprise Manager database, and removes the task from the task list.
When you click a task name in the task list, the Task Properties screen
opens. This screen gives you additional details about the task you selected, including any dependent jobs required to complete the overall task. Depending on the type of task you are looking at, the Task Properties screen displays the status of each individual device in a discovery task, software upgrade, or hotfix installation.
If errors occur in the task, you can click the Details
link in the Task Summary table to view even more detailed information and find suggestions about a particular job.
With Enterprise Manager as your network management appliance, you can
create alerts to help you better maintain the health of your network. For example, you can create custom system alerts to notify you or others if a device becomes unreachable by Enterprise Manager, upon completion or failure of a software or hotfix installation, or if a device system clock differs from the Enterprise Manager clock.
You can apply alerts to individual devices, or to a device group. You can
also create alerts for the Enterprise Management device itself, so that you can maintain the health of your management system.
Enterprise Manager can take actions on a wide variety of alerts that you can
use in managing your F5 Networks®
devices. The alerts that you can set include:
For systems that support statistics collection, you can create statistics data
threshold alert instances for which you can specify how long a statistic is out of range before the system triggers an alert.
When you manage redundant systems, Enterprise Manager monitors the
Active or Standby state of each peer device. The status icon in the Device list corresponds to the active/standby state of a device. When the status changes, the corresponding icon changes. However, if you want to immediately notify a user as soon as the active/standby status of a managed device changes, you can configure an alert.
If you take a device offline, or force it offline, the status icon in the Device
list reflects those changes. However, if you want to immediately notify a user as soon as the offline or forced offline status of a managed device changes, you can figure an alert.
When Enterprise Manager cannot properly collect all configuration data
from a device, but can still communicate with the device, the system changes the device status to Impaired.
For example, if you have an extremely long pool name, Enterprise Manager
may truncate this name in its database. This does not affect the pool on the managed device, but it does affect how the pool is presented in Enterprise Manager. You can still perform management tasks on the device, however, because the configuration is not completely represented, the device status is marked Impaired.
You can create an alert that immediately notifies a user if the status of a
managed device changes to Impaired so that the user can correct the situation.
Because Enterprise Manager authenticates itself to managed devices on the
iControl port through a certificate that it creates when it first discovers a device in the network, there are a variety of reasons for a device to be unreachable. For example, the connection could be interrupted if the managed device is rebooting, or if someone closed the management port, or removed the management cable. It is also possible that a system clock differential between Enterprise Manager and a managed device caused the management certificate to expire.
In addition to monitoring the Device list, you can create an alert to send a
notification when a device is unreachable, so the alert recipients can get the managed device back online. When configured, the system checks the connection every 10 minutes and triggers an alert if the device is unreachable.
Enterprise Manager can help you easily monitor certificates defined on
managed devices in your network. In addition to providing a broad overview of device certificates in the certificate list, you can also create a certificate expiration alert to trigger when a certificate expires or is within a specific number of days of expiration.
When you define an alert for certification expiration, you can specify how
many days in advance that you are notified, before the certificate expiration date occurs. We recommend that you select all possible thresholds for the alert (14 days, 7 days, 3 days, and 1 day from expiration) to ensure that you receive as many reminders as possible prior to certificate expiration.
When you start a software upgrade, hotfix installation, or attack signature
installation task, you may not be able to monitor the status of the task. For example, if you start an upgrade on multiple devices, it may not be feasible to manually check to see if a particular device is upgraded.
In addition to viewing all tasks from the Task List and detailed information
in the Task Properties screen to monitor progress, you can also create an software install completion or attack signature install completion alert to notify you or others when a specific device completes an upgrade or installation task.
When performing an upgrade, hotfix installation, or attack signature
installation task on several devices, you may not be able to closely monitor each job. For example, if you start an upgrade on multiple devices, you may not be able to manually check to see if a particular installation or upgrade failed.
In addition to viewing all tasks from the Task List Screen and detailed
information in the Task Properties screen to monitor progress, you can also create a software install failure or attack signature install failure alert to notify you or others if an upgrade or installation job fails. The user who receives the alert email can then investigate why the upgrade or installation failed, make corrections, and schedule a new task.
When Enterprise Manager adds a device to its managed Device list, it
creates a certificate that it uses to authenticate itself to the managed device. If the system clock of Enterprise Manager and the managed device are not synchronized within 15 minutes of each other, the management certificate becomes invalid. An invalid certificate on a device can result in Enterprise Manager losing management privileges for that device.
To prevent this scenario, you can set a clock skew alert that checks the
system clocks every 10 minutes and sends a notification if the Enterprise Manager and managed device system clocks are out of synch by a specific number of minutes. Then, the user who receives the alert can log on to the managed device and correct the system clock.
When you configure a rotating archive schedule, Enterprise Manager creates
a device configuration at the interval you specified. Because this is an automated process, you may not know if the configuration archive was created properly.
You can create a rotating archive failure alert to notify you or others
whenever a scheduled configuration archive process encounters an error. A user who receives an alert email can investigate why an archive was not created, or can manually create a configuration archive.
When you create alerts, you can specify delivery options for that alert. You
can also set a certain recipients email address, or a remote syslog server, to receive notifications for all alerts by default. Once these are set, Enterprise Manager sends alert notifications to the default email address you specified, or to the remote syslog server, unless the alert is configured to notify another recipient.
| |In the Email Recipient
box, type the default email address to use when you select email as an alert action.
: When you create an alert, you can specify a separate email address from the default email recipient address.
| |In the Syslog Server Address
box, type the IP address of the remote syslog server, if you want to use syslog events for alerting.
| |In the Maximum History Entries
box, type the number of history entries that you want Enterprise Manager to store in the Alert History list.
To help maintain the health of the Enterprise Manager device, you can
create system alerts to notify you when CPU, disk, or memory usage meets or exceeds a particular threshold.
| |For the Conditions
setting, check the boxes for the metrics that you want to track with alerts.
The screen displays threshold boxes for the conditions you selected.
| |In the EM Alert Action area, for Action
, select the type of action that you want Enterprise Manager to take when the values you specified for the thresholds are met or exceeded.
Creating an alert for a device or device group involves naming the alert,
defining the alert condition, setting the alert action, and assigning the alert to one or more devices. You can do this from the New Alert screen.
| |On the Main tab, expand Enterprise Management
, click Alerts
, and select Device Alerts
The Device Alerts list screen opens.
: Once you create the alert, you cannot change the name.
| |From the Alert Type
list, select the alert condition.
Depending on the type you select, the screen may change to provide additional options.
| |For the Action
setting, check the box next to the actions that you want Enterprise Manager to take when the alert is triggered.
| |For either the Devices
or Device Groups
setting, click a device or device group in the Available
box to select it.
| |Click Finished
The Device Alerts screen opens, and the new alert appears in the list.
The flexibility of alerts allows you to easily apply or remove existing alerts
for specified devices or device groups. You can also change the alert actions or email recipients for an alert. From the Device Alerts screen, click the name of an alert to open the Alert Properties screen.
| |On the Main tab, expand Enterprise Management
, click Alerts
, and select Device Alerts
The Device Alerts list screen opens.
If you no longer need an alert, you can delete the alert using the Device
Alerts screen. Once you remove an alert from the alert list, it no longer applies to any devices or groups that you assigned.