How to: Configure remote logging using instance API

**WARNING**: *This procedure should only be used if [How To: Configure remote logging on BIG-IP Next Central Manager](cm_how_to_remote_logging_gui.md) failed.*

BIG-IP Next Central Manager allows you to configure remote log consumers for a specific BIG-IP Next instance, allowing you to stream the instance’s logs to remote log servers.

Note: This procedure is for remote logging of instance logs only.

The procedure below describes to connect to a BIG-IP Next instance API using your BIG-IP Next Central Manager management credentials.

Prerequisites

  • BIG-IP Next VE or VELOS instance

  • Postman or a similar REST API client

  • Download a Postman collection from MyF5.

  • Management credentials for the instance. These credentials are the username and password added when the instance was created on BIG-IP Next Central Manager.

  • The management IP address and port number for the BIG-IP Next instance

  • The remote log destination (example: Splunk) is configured to received logs from BIG-IP Next:

    • Ensure you have the remote log server hostname, IP address, and port number.

    • Ensure you have the remote log server private key, SSL certificate, and root CA.

Create log consumer service using BIG-IP Next instance API

To log in to a BIG-IP Next instance using the BIG-IP Next Central Manager credentials, send a POST request to the API endpoint /api/v1/login with the details outlined in the procedure below.

Request authenication token from instance API

Before you configure remote streaming, you first need to log in to the BIG-IP Next instance API.

The procedure below is an example of how to request a token using a Linux machine and saving the token as a variable.

  1. Set your variables for requesting an authentication token:

    1. Set the username that will be used to authenticate to the BIG-IP Next instnace, the default is admin-cm. This username was created when the BIG-IP was discovered by the BIG-IP Next Central Manager

      username=<admin-cm>

    2. Set the password for your username:

      password=<password>

    3. Set the IP address for the BIG-IP Next instance:

       target=<IP_address_BIGIP>

  2. Make an API request for an authentication token to connect directly to the BIG-IP Next instance. Ensure you include the instance port number within the API URL. The command will make a request for an authentication token and then use the jq command to filter out the token from the response and save the auth token to a variable.

    token=$(curl -sk -u "${username}:${password}" https://${target}:5443/api/v1/login | jq -r '.token')

  3. Check that the token variable is populated:

    Note: This is optional, you can view the token and add it directly to the API request to connect to the instance.

    echo $token

Once you have requested the token and added it as a variable (or copied), you send API requests to the BIG-IP Next instance.

Configure remote log consumers to the BIG-IP Next instance

To configure a remote telemetry log service on a BIG-IP Next instance send a PUT request to the API endpoint /api/v1/services with the details of the log service in the body of the request.

Create request data file

  1. Create a file contianing a JSON shown below. Modify the file and replace any occurance of with the actual values for your environment.

Copy the JSON below and modify the values with your values:

{
    "name": "<Server Name>",
    "analytics":
    {
        "servers":
        [{
            "serverType": "OtlpServer",
            "hostname": "<FQDN>",
            "port": "<Int_Server_Port>",
            "associatedAddress": "<IP_Address>",
            "tls": true,
            "privateKey": "<RSA_PRIVATE_KEY>",
            "certificate": "<Certificate>",
            "rootCA": "<CA_Certificate>"
        }]
    }
}

This table explains the keys in the JSON request body:

Key

Description

hostname

Hostname of external logging service

port

Port number of external logging service

assosciatedAddress

IP address the external logging service

private key

Private key of external logging service

certificate

SSL certificate for remote logging service

rootCA

Root CA certificate
Example: JSON body complete with values

The following is an example a JSON file with the request body data named example_log_service.json:

{
    "name": "Petes Better than Tims Telemetry Service",
    "analytics":
    {
        "servers":
        [{
            "serverType": "OtlpServer",
            "hostname": "telemetry.example.com",
            "port": 443,
            "associatedAddress": "203.0.113.67",
            "tls": true,
            "privateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAyWOGuoEqmQhsY5gTCj/p2Kv8h9nmE1DYQmHOegK17SFDIhVw\nZsoBF5bqRGihpxOa8UW7fM+fsJK0rKkrdt5WpQQYT+74gh+/SyNystHwmqinYvX9\ndoQIKHHbvbte2FdSaco7XN52n0xp22eGQ/akDOd0gp/fLsbYZ9WzkmrxohgSIDPZ\n4PMUQXD9Ay+hkhm6ufedHSstFtRJ0Z1uWveqf2XT9y1WvvCNlBf1tyVsqFeA5Zsz\nH60z5kyp9QoXOeuhHvx90hzePnI4UbfECEUvFHXNjxDiCylhvop7i5cDfDpHytwh\nHslv8VlcUq+VIA9nQVuqAtLt4TC7x8tQKsVE+wIDAQABAoIBAQC5mznD0GHjMuk6\njSEXNDqg0DnpNwEeUkdOPvheaPsk9p/53MqAYbLJ+/QjYk+CPcZykbMvX+eshDly\nXGPLpTUz1udVXEi7HOlgJeaDOoxG7iN/SHn27c7a/7znS7YpK6mwCIvXlsy7GmEB\nrpMHNlyR7Avsi83VPbybTlC3JEtY+LSncCSQODFG3s4YnMGC1SOAEmQ/ewHCHesu\nvl3+ssW2AOkfh59eqo71k0P9QjvMF66OaxAdrdFw40nCy4oNnzeZjPchrHCn/2PQ\nt7BzoR3RcQsxDWBC78MGmnVV2iUCALw2xWQxLGxMLROQ7Ll9qY1lPo0FYUaPqpZV\nFRQHKktZAoGBAPRv2GcDCKyUn/Pi/rzj55Og2K4SufAPsYdxpHhjgsrWYAoI1/yN\nRq5EciwBJEx/zNe1fArSt6hMzWNyCa64cay+Oqkj9Azazkkj9Nhx6bwYlaR9mSWa\nlkcgg5KjSCgUe+SuaShtIku3/Y6r4UZrNK7qavwuA3j3AdDvui81HiivAoGBANLq\nXS+4tmgrsfXUv8i/Tr0qBhdrhTveytnAMoxZ5JpisXU/QLzKDsE/fXdZa9AZVjEU\n2pVCzwFtPMGUfwZptfs09+0S0Dj1rkBPATtL5DOY3ls/8WV1jfi0bLCHGYOOeYjO\nBkeFPJmv50VwlnpvnvNkrUV2YyrXb7v7abWoD2N1AoGARDHgAf1KsjtU1MoDn9dF\niF5blVUMIvl94ffGlv/MQaLFcIc/GuqfSYc3AyfeZKlTEOtFDA/1xTKIKrJqGSDE\nNhlsbDvnnp585tLtQGWnfB6vwRB5ZZBXVMixbHu5adUtK4OtOuYXp2BRkThKxUar\nkBE+f9Smi1z+WLhJDVqYa2kCgYEAjmU4IL3eOJo3fbby/D9ck43JqwomW3NhFH4U\nInmWQz0afgQEWvE34PRSar9ucIKKlHx1zovaYiYz/KWa1OONv1nVgLNQ7QPBbx1n\nwXbNTKCKjqSu/0bMYPq+3rd3XEBWgSxHRQYJEeGWjGUk0uiFMeHosZrp/MSSZSGq\nDsC2EvkCgYEAipv6hPaZb2incXUOyb9XL5FSrsYwA9jABJdTSKWxs1PwHz6ZXebo\nZBAJ5MKAWaA+BmjSsdGxE9Gw3orD1WaLY7ft83ZZyvMpsJ6bS5C/AKeD8m6AyN/E\n97ojrEOe5kxyWRrowdUKgyCxe7mNlfYrO6pFL08PzirnnjtXFbUS0w8=\n-----END RSA PRIVATE KEY-----\n",
            "certificate": "-----BEGIN CERTIFICATE-----\nMIIDoTCCAomgAwIBAgIUf+hXjNmW7NlMaJH6Nuo9omJgM7QwDQYJKoZIhvcNAQEL\nBQAwUDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT\nB1NlYXR0bGUxCzAJBgNVBAoTAkY1MQ0wCwYDVQQLEwREZW1vMB4XDTIyMDgwMzEw\nNDIwMFoXDTI3MDgwMjEwNDIwMFowJTEjMCEGA1UEAxMaYmlnLWlwLW5leHQtMDEu\nZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJY4a6\ngSqZCGxjmBMKP+nYq/yH2eYTUNhCYc56ArXtIUMiFXBmygEXlupEaKGnE5rxRbt8\nz5+wkrSsqSt23lalBBhP7viCH79LI3Ky0fCaqKdi9f12hAgocdu9u17YV1Jpyjtc\n3nafTGnbZ4ZD9qQM53SCn98uxthn1bOSavGiGBIgM9ng8xRBcP0DL6GSGbq5950d\nKy0W1EnRnW5a96p/ZdP3LVa+8I2UF/W3JWyoV4DlmzMfrTPmTKn1Chc566Ee/H3S\nHN4+cjhRt8QIRS8Udc2PEOILKWG+inuLlwN8OkfK3CEeyW/xWVxSr5UgD2dBW6oC\n0u3hMLvHy1AqxUT7AgMBAAGjgZ0wgZowDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEVad1TOVk+dktOX\nD+LuuN+NLVeuMB8GA1UdIwQYMBaAFLXm/qrHcaCHWmM9WRCpBabFJ71LMCUGA1Ud\nEQQeMByCGmJpZy1pcC1uZXh0LTAxLmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUA\nA4IBAQDNwdYZb48WNwbsoqWtlgSDxbvUcrzxnJjxgIG5Em3ViDKWuzwts4X4UY/A\nHrbJjJ1q1F+Uc98AjW3AT50feFN9NEVD7wmdjZi7j5IUuuVvvVG8rTU+Z32BV4Pw\nofrK3P3gj1VM59vK+BmOpom20Ijr9JTJQKrD12Aq3g9i3XPotpRb9dGWCSiBLD3R\n+CJFg57LtNu6IRiyyUckrZg5h7FLiMGaCeELJvNlHx6zNcaTn9FtXNXwErAtoPot\ni86xNEUY47aC877um+27+lnHpBoQdMz/2sCYB6/1kFuFmgNy+zbzMmFUeNTy2G7I\nEp6d3PQbxWk6aykNEbqB2TKf0HLX\n-----END CERTIFICATE-----\n",
            "rootCA": "-----BEGIN CERTIFICATE-----\nMIIDcDCCAligAwIBAgIUPFNWCFdiah1yJi8+j2b5CryNPLwwDQYJKoZIhvcNAQEL\nBQAwUDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT\nB1NlYXR0bGUxCzAJBgNVBAoTAkY1MQ0wCwYDVQQLEwREZW1vMB4XDTIyMDgwMzEw\nNDAwMFoXDTI3MDgwMjEwNDAwMFowUDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh\nc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxCzAJBgNVBAoTAkY1MQ0wCwYDVQQL\nEwREZW1vMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vdRvLZr761D\nhIdQu+vi9senqQBqijcH+/7arF0zpLVY9vKU/gvgy1uiJ7D7FH8f/xESNT4lTKZ8\n+cMD2TD4q1mwlj5cy7BdyLwEs6Ok+GDxXZWYpsAItEaAJwbt0BBWszAEovQ/fWsb\nX1ZCmiNuihDLatk9mV5HZAuQ9nn0TMXcFelrygVrrn3WbPjT/gck7gY6+lZpHrcW\nmd0eIdU4XdkBGeEdH7wigAFIGvrSjh4FbnMnGLLTScWlceFUgQzQ/6uwJOGKFFh6\nWW7OBl1lOQU7yqJdjLuSj0fzDlqUjiwJeKbldTQXWElkd6DwRadHFA5TqapYwaDs\n22Ae1l0nRwIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB\n/zAdBgNVHQ4EFgQUteb+qsdxoIdaYz1ZEKkFpsUnvUswDQYJKoZIhvcNAQELBQAD\nggEBAIxEQElu1ldsZC/x+mn4DHig0DOcurZmpXY9cLOPG9woucB98z/eaW6uxWKD\nlC+3k+BAohKbjaCtipuELVFHUZXChnsZo3r2VVT3jdmc4kDB4rfMq/1cAWshr6UN\nMgwAyakSm/gVPe5UF3wBmfG3KHDmbjyhuUcihbpXB+Nz2qbIL0es11CGengesjKG\n5JgKmgOypsAknCEzpnHA9fX3BbhJP7bVOjZhWwMs1kJbcyVcXZ3Ytbpr0/g7dWLj\nrzs4OMZMzgzgXvrQ5big1crivFuZuaINxMpIz/ttif0+vOLkMGWe7RY8fNfq5HUp\nu6bGCaegJurMBkvLGE0gOJJAt9c=\n-----END CERTIFICATE-----\n"
        }]
    }
}

  1. Make a request to a BIG-IP instance API by creating a logging service Use the request below:

  • Curl command uses the variables populated previouly

    • ${token}: HTTP auth token expires after 5 minutes

    • ${target}: IP address od BIG-IP instance

    • PUT body data from JSON file /var/tmp/example_log_service.json

curl -sk -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" https://${target}:5443/api/v1/services -X PUT --upload-file /var/tmp/example_log_service.json | jq .

  1. List all log services to see the new service: This command retrieves all the services and uses jq to filter name, id, and service details:

curl -sk -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" https://${target}:5443/api/v1/services | jq '. | ._embedded.services[] | .name,.id,.analytics'

Sample output

The follwing BIG-IP instance API response shows three log services configured:

% curl -sk -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" https://${target}:5443/api/v1/services | jq '. | ._embedded.services[] | .name,.id,.analytics'

"Petes Better than Tims Telemetry Service"
"b9150916-b032-4c84-b597-82d415416d8f"
{
  "servers": [
    {
      "associatedAddress": "203.0.113.67",
      "hostname": "telemetry.example.com",
      "port": 443,
      "serverType": "OtlpServer",
      "tls": true
    }
  ]
}
"Default Service"
"c3aeab15-3c8a-4d46-9a7f-31cd68d358d0"
{
  "servers": [
    {
      "associatedAddress": "10.154.73.138",
      "hostname": "server.ado.svc",
      "port": 443,
      "serverType": "OtlpServer",
      "tls": true
    }
  ]
}
"Tims Telemetry Service"
"f5f3b965-fa68-4232-a1fd-9c022e5e307b"
{
  "servers": [
    {
      "associatedAddress": "192.0.2.10",
      "hostname": "telemetry.example.com",
      "port": 443,
      "serverType": "OtlpServer",
      "tls": true
    }
  ]
}

  1. Go to the remote logging server to access the logs from the BIG-IP Next instance.