F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IQ Centralized Management
  4. F5 BIG-IQ Centralized Management: Monitoring and Reports
  5. Health monitoring and alerts using SMTP and SNMP alerts
Manual Chapter : Health monitoring and alerts using SMTP and SNMP alerts

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 5.3.0
Manual Chapter
Table of Contents | Next Chapter >>

Health and event monitoring using SMTP and SNMP alerts

You can use F5® BIG-IQ® Centralized Management to easily monitor the health of your managed devices, as well as BIG-IQ itself, using the following tools:

  • Simple Mail Transfer Protocol - SMTP is a standard for email transmission used for monitoring and alerting you to the health of devices in your network.
  • Simple Network Management Protocol - SNMP is an industry standard protocol for monitoring devices on IP networks. Once configured, the SNMP agent sends data collected from BIG-IQ Device to your third-party SNMP manager. BIG-IQ is compatible with SNMPv1, SNMPv2c, and SNMPv3.

After you configure SMTP and/or SNMP (which you typically do when you initially set up BIG-IQ), you can specify email recipients to receive alerts when certain events occur. These alerts are configurable; you can enable and disable them, and, for some alerts, you can set specific thresholds to prompt an alert.

Alerts for managed devices and suggestions for troubleshooting

You can specify these alerts to help you manage BIG-IP® devices from F5® BIG-IQ® Centralized Management.

Alert Enable if you want to know when Action (if applicable)
Certificate expiration A certificate for a BIG-IP device is within a specific number of days of expiring.
Certificate expired A certificate for a BIG-IP device has expired. Update the certificate so the BIG-IP device can continue to manage traffic.
  1. Click Configuration > LOCAL TRAFFIC > Certificate Management > Certificate & Keys .
  2. Click the name of the expired certificate.
  3. Click the Renew Certificate button.
DNS Sync failed A synchronization failed for the DNS synchronization group. Investigate and resolve the issue, then synchronize the group.

Some potential reasons for this error might be: A network error, a BIG-IP device in the DNS sync group is unavailable (down), and so forth.
Data Collection Device snapshot failed A snapshot for a Data Collection Device failed. Investigate and resolve the issue, then rerun the failed snapshot.
Device CPU above threshold The CPU usage for a BIG-IP device is over a specified threshold. Rebalance resources as needed.
Device backup failed A backup failed for a BIG-IP device. Investigate and resolve the issue, then rerun the failed backup.

Some potential reasons for this error might be: A network failure, not enough space for the backup, the device is unavailable (down), another BIG-IQ has discovered this device and is managing it, and so forth.
Device could not be assigned to a Data Collection device The maximum number of devices (200) has been assigned to a single Data Collection Device. If you want to assign more BIG-IP devices, you must add another Data Collection Device.
  1. Click System > BIG-IQ DATA COLLECTION > BIG-IQ Data Collection Devices .
  2. Click the Add button.
Device is low on memory The BIG-IP device is low on memory. Investigate and resolve the issue.
Device software version update is required A managed BIG-IP device is running a software version that is not compatible with the BIG-IQ software version. This could happen after you upgrade BIG-IQ. To manage this BIG-IP device from BIG-IQ, you must upgrade it to a compatible software version. For more information about that process, refer to the F5 BIG-IQ Centralized Management : Device Management guide.
Framework update required The framework for a BIG-IP device is not compatible with BIG-IQ. This could happen after you upgrade BIG-IQ or update a BIG-IP device to version 11.x. To manage the BIG-IP device from BIG-IQ, you must update its framework.
  1. Click Devices > BIG-IP DEVICES .
  2. Select the check box next to the device.
  3. Click the More button, and select Update Framework.
HA error There is an issue with communication between the peer BIG-IQ systems in an high availability configuration. Investigate and resolve the issue.

Some potential reasons for this error might be: A network failure, the peer is unavailable (down), and so forth.
License expired The license for a BIG-IP device has expired. For a BIG-IP device managed from BIG-IQ, reactivate and reinstall its license.
Note: BIG-IQ does not send alerts for unmanaged BIG-IP devices. If you have licensed a BIG-IP device you are not managing from BIG-IQ, you'll have to monitor the expiration dates directly on the BIG-IP device itself.
  1. Click Devices > LICENSE MANAGEMENT > Licenses .
  2. Click the name of the license.
  3. If the License Status doesn't display as Active, click the Reactivate button.
  4. Find the license assignment and click the Refresh button to reinstall the reactivated license.
Managed Device Available BIG-IQ successfully contacted a BIG-IP device.
Managed Device Unavailable BIG-IQ cannot reach a BIG-IP device. Check the health and status of the BIG-IP device, and resolve the issue.

Some potential reasons for this error might be: A network error, a BIG-IP device is offline for maintenance, another BIG-IQ has discovered this device and is managing it, and so forth.
Statistics Collection Agent update required A BIG-IP device has an older version of the stats agent installed. Update the stats agent for the BIG-IP device.
  1. Click Devices > BIG-IP DEVICES .
  2. Select the check box next to the device.
  3. Click the More button, and select Update Stats Agent.
Statics Collection did not happened when expected BIG-IQ has exceeded the time configured for the frequency of statistics collection for a device. The default is 60 seconds This could be caused by an expired license, communication issues, and so forth. To troubleshoot, take a look at the device.
  1. Click Devices > BIG-IP DEVICES .
  2. Click the name of the device.
  3. Look into any reported issues.
Used disk space is above threshold for a DCD The disk space on a DCD is running out. Take a look at your resources and adjust as needed.
Used disk space is above threshold for a device The disk space for a device is over a specified threshold. Check the BIG-IP device for non-critical files, such as old tcpdump, qkview, or core files. If you are uncertain about files to remove, contact F5 Technical Support for assistance.

Specify an SMTP server to send email alerts

You specify an SMTP server so F5® BIG-IQ® Centralized Management can send email to alert specified people when a certain condition happens, such as when an SSL certificate is about to expire.
  1. At the top of the screen, click System.
  2. On the left, click SMTP configuration.
  3. Near the top of the screen, click the Add button.
  4. In the Name field, type a name for this SMTP configuration.
  5. In the SMTP Server Host and SMTP Server Port fields, type the SMTP server and TCP port.
    By default, SMTP uses TCP 25.
  6. In the From Email Address field, type the email address from which to send the alert email.
  7. From the Encryption list, select the type of encryption to use for the email.
  8. To require a user name and password, from the Use Auth list, select Yes, and type the required user name and password.
  9. To verify that you can reach the server you configured, click the Test Connection button.
  10. Click the Save & Close button at the bottom of the screen.
You can now specify email recipients and set up the alert conditions that prompt BIG-IQ to send an email when a certain event happens on a managed device.

How do I set up BIG-IQ to work with SNMP?

Simple Network Management Protocol (SNMP) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks. You can set up BIG-IQ® to work with SNMP so you can receive alerts when certain things happen on a managed device.

To set up BIG-IQ to work with SNMP, you must:
  1. Set up the SNMP Agent
  2. Configure SNMP Access
  3. Specify settings for the SNMP Trap

Before you configure SNMP

Gather the following information before you start your SNMP configuration.

CONFIGURATION COMPONENT CONSIDERATIONS FOR MY CONFIGURATION
SNMP administrator contact information Find out or decide who is responsible for SNMP administration. The contact information is a MIB-II simple string variable.
Machine location Find out the location of the BIG-IQ system. The location is a MIB-II simple string variable.
BIG-IQ client allow list Gather the IP or network addresses (with netmasks) of the SNMP managers from which the SNMP agent will accept requests.
Access Find the OID for the top-most node of the SNMP tree to provide access to.
Community Get the v1 and v2c communities and the IP addresses of the SNMP managers you want to grant access to.
Users Get the v3 users you want to grant access to SNMP data, along with the privacy protocols and passwords, Community, Destination, and Port.

Configuring SNMP agent for sending alerts

This screen displays specified user addresses allowed to access your 3rd-party SNMP Manager BIG-IQ through the SNMP Agent. An agent can communicate with multiple managers, so you can configure BIG-IQ to support communications with one management station using the SNMP version1 protocol, one using the SNMP version 2C protocol, and another using SMNP version 3.

  1. At the top of the screen, click System.
  2. On the left, click .
  3. At the top of the screen, click the Download MIB button to download the F5-required MIBs.
  4. At the top of the screen, click Edit.
  5. Edit the Contact Information and Machine Location fields to reflect your SNMP agent settings and click the Save & Close button at the bottom of the screen.
  6. Click the Save & Close button at the bottom of the screen to save your changes.
  7. For the SNMP Access - Client Allowed List setting, click the Add button.
  8. In the Addresses/Networks and Mask fields, type the IP address and networks and the netmask (if applicable) that the SNMP manager is allowed to access.
  9. To add another address, click the plus ( + ) sign.
  10. Click the Save & Close button at the bottom of the screen.
You can now configure SNMP access and SNMP traps.

Configure Access and Traps for SNMP version 3 to send alerts

After you configure the SNMP agent, you can configure SNMP access and SNMP traps.
You configure SNMP access to allow the SNMP agent to accept requests from specific SNMP managers.
  1. At the top of the screen, click System.
  2. On the left, click LOCAL HOST SETTINGS > SNMP Configuration > SNMP Access (v3) .
  3. Click the Add button at the bottom of the screen.
  4. In the Name and User Name fields, type a name for this SNMP access and the user name.
  5. If you want to specify the authentication protocol for SNMP traps, from the Type list, select an option.
    • MD5 specifies digest algorithm.
    • SHA specifies secure hash algorithm.
  6. If you selected an authentication protocol, in the Password and Confirm Password fields, type and confirm the password for access.
    The password must be between 8 and 32 characters, include alphabetic, numeric, and special characters, but no control characters.
  7. If you want to encrypt the SNMP traps, from the Protocol list, select an option.
    • AES specifies Advanced Encryption Standard
    • DES specifies Data Encryption Standard
  8. If you selected a privacy protocol, in the Password and Confirm Password fields, type the password to use for authentication.
    Alternatively, you can select the Use Authentication Password check box to use the authentication password.
  9. In the OID field, type the object identifier (OID) you want to associate with this user.
  10. From the Access list, select an option:
    • Read Only - This user can only view the MIB.
    • Read/Write - This user can view and modify the MIB.
    The most secure access level or type takes precedence when there is a conflict. When you set the access level to read/write, and an individual data object has a read-only access type, access to the object remains read-only.
  11. Click the Save & Close button at the bottom of the screen to save your changes.
  12. On the left, click SNMP Traps.
  13. In the Name field, type a name for this SNMP trap.
  14. From the Version list, select V3.
  15. In the Destination and Port fields, type the IP address and the port for this trap destination.
  16. For the Security Level setting, select an option. Auth, No Privacy processes SNMP messages using authentication, but no encryption. Auth and Privacy processes SNMP messages using authentication and encryption.
  17. For the Security Name setting, specify the user name you want to use to handle SNMP version 3 traps.
  18. For the Engine ID setting, specify the unique identifier (snmpEngineID) of the remote SNMP protocol engine.
  19. In the Password and Confirm Password fields, type and confirm the password for the protocol.
  20. Click the Save & Close button at the bottom of the screen to save your changes.
You can now specify email recipients for alerts.

Configuring Access and Traps for SNMP version 1 and 2C to send alerts

After you configure the SNMP agent, you can configure SNMP access and SNMP traps.
You configure SNMP access to allow the SNMP agent to accept requests from specific SNMP managers.
  1. At the top of the screen, click System.
  2. On the left, LOCAL HOST SETTINGS > SNMP Configuration > SNMP Access (V1, V2C)
  3. At the top left of the screen, click the Add button.
  4. In the Name field, type the SNMP manager's user name.
  5. From the Type list, select the format for the IP address.
  6. In the Community field, type the community string (password) for access to the MIB.
  7. From the Source list, select a source or select Specify and type the source address for access to the MIB.
  8. In the OID field, type the object identifier (OID) you want to associate with this user.
  9. From the Access list, select an option:
    • Read Only - This user can only view the MIB.
    • Read/Write - This user can view and modify the MIB.
    The most secure access level or type takes precedence when there is a conflict. When you set the access level to read/write, and an individual data object has a read-only access type, access to the object remains read-only.
  10. Click the Save & Close button at the bottom of the screen to save your changes.
  11. On the left, click SNMP Traps.
  12. At the top left of the screen, click the Add button.
  13. In the Name field, type a name for this SNMP trap.
  14. In the Community, Destination, and Port fields, type, respectively, the community name, IP address, and port for the trap destination.
  15. Click the Save & Close button at the bottom of the screen.
You can now specify email recipients for alerts.

Add email recipients for SMTP and SNMP alerts

After you configure SMTP and/or SNMP, you can add email recipients.
Email recipients you add will get alert notifications when specified events happen on BIG-IQ or your managed devices
  1. At the top of the screen, click System.
  2. On the left, click LOCAL HOST SETTINGS > Email Notification Recipients .
  3. At the top left of the screen, click the Add button.
  4. In the Name the Email address fields, type the name and email address of the person you want to receive an alert.
  5. In the Description field, you can type an optional description to help identify this user.
  6. Select the check box next to each type of notification you want this user to receive an email about.
  7. To add another email recipient, click +.
  8. Click the Save & Close button at the bottom of the screen to save your changes.
You can now configure the alert settings that trigger BIG-IQ to send an email to the specified recipients.

How do I monitor SSL certificate expiration dates for my managed devices?

When you manage BIG-IP® devices that load balance SSL traffic, you must monitor their SSL traffic.

BIG-IQ® imports the certificates for every managed BIG-IP device you discover. This makes it easy to monitor the expiration dates all of your devices' SSL certificates from one location.

You can also:

  • Set up alerts to let you know when a certain certificate is about to expire within a specified number of days.
  • Download the data to a CSV file for reporting purposes.

Set up alert conditions that triggers BIG-IQ to send a notification

After you set up the SNMP and/or SMTP on F5 ®BIG-IQ® Centralized Management, you can select the alerts that prompt BIG-IQ to send an email to the people you specified.
  1. At the top of the screen, click Monitoring.
  2. On the left, click ALERTS & NOTIFICATIONS.
  3. At the top of the screen, click the Settings button.
  4. Select the Enabled check box next to each alert you want to receive and, if applicable, specify the Threshold.
    Only SNMP events specified as Yes are available for SNMP alerts. BIG-IQ uses SMTP for all other event types.
  5. Click the Save & Close button at the bottom of the screen.
Table of Contents | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information