How to: Configure remote logging using instance API¶
BIG-IP Next Central Manager allows you to configure remote log consumers for a specific BIG-IP Next instance, allowing you to stream the instance’s logs to remote log servers.
Note: This procedure is for remote logging of instance logs only.
The procedure below describes to connect to a BIG-IP Next instance API using your BIG-IP Next Central Manager management credentials.
Prerequisites¶
BIG-IP Next VE or VELOS instance
Postman or a similar REST API client
Download a Postman collection from MyF5.
Management credentials for the instance. These credentials are the username and password added when the instance was created on BIG-IP Next Central Manager.
The management IP address and port number for the BIG-IP Next instance
The remote log destination (example: Splunk) is configured to received logs from BIG-IP Next:
Ensure you have the remote log server hostname, IP address, and port number.
Ensure you have the remote log server private key, SSL certificate, and root CA.
Create log consumer service using BIG-IP Next instance API¶
To log in to a BIG-IP Next instance using the BIG-IP Next Central Manager credentials, send a POST request to the API endpoint /api/v1/login
with the details outlined in the procedure below.
Request authenication token from instance API¶
Before you configure remote streaming, you first need to log in to the BIG-IP Next instance API.
The procedure below is an example of how to request a token using a Linux machine and saving the token as a variable.
Set your variables for requesting an authentication token:
Set the username that will be used to authenticate to the BIG-IP Next instnace, the default is admin-cm. This username was created when the BIG-IP was discovered by the BIG-IP Next Central Manager
username=<admin-cm>
Set the password for your username:
password=<password>
Set the IP address for the BIG-IP Next instance:
target=<IP_address_BIGIP>
Make an API request for an authentication token to connect directly to the BIG-IP Next instance. Ensure you include the instance port number within the API URL. The command will make a request for an authentication token and then use the jq command to filter out the token from the response and save the auth token to a variable.
token=$(curl -sk -u "${username}:${password}" https://${target}:5443/api/v1/login | jq -r '.token')
Check that the token variable is populated:
Note: This is optional, you can view the token and add it directly to the API request to connect to the instance.
echo $token
Once you have requested the token and added it as a variable (or copied), you send API requests to the BIG-IP Next instance.
Configure remote log consumers to the BIG-IP Next instance¶
To configure a remote telemetry log service on a BIG-IP Next instance send a PUT request to the API endpoint /api/v1/services
with the details of the log service in the body of the request.
Create request data file¶
Create a file contianing a JSON shown below. Modify the file and replace any occurance of
with the actual values for your environment.
Copy the JSON below and modify the
{
"name": "<Server Name>",
"analytics":
{
"servers":
[{
"serverType": "OtlpServer",
"hostname": "<FQDN>",
"port": "<Int_Server_Port>",
"associatedAddress": "<IP_Address>",
"tls": true,
"privateKey": "<RSA_PRIVATE_KEY>",
"certificate": "<Certificate>",
"rootCA": "<CA_Certificate>"
}]
}
}
This table explains the keys in the JSON request body:
Key |
Description |
---|---|
hostname |
Hostname of external logging service |
port |
Port number of external logging service |
assosciatedAddress |
IP address the external logging service |
private key |
Private key of external logging service |
certificate |
SSL certificate for remote logging service |
rootCA |
Root CA certificate |
Example: JSON body complete with values
The following is an example a JSON file with the request body data named example_log_service.json:
{
"name": "Petes Better than Tims Telemetry Service",
"analytics":
{
"servers":
[{
"serverType": "OtlpServer",
"hostname": "telemetry.example.com",
"port": 443,
"associatedAddress": "203.0.113.67",
"tls": true,
"privateKey": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAyWOGuoEqmQhsY5gTCj/p2Kv8h9nmE1DYQmHOegK17SFDIhVw\nZsoBF5bqRGihpxOa8UW7fM+fsJK0rKkrdt5WpQQYT+74gh+/SyNystHwmqinYvX9\ndoQIKHHbvbte2FdSaco7XN52n0xp22eGQ/akDOd0gp/fLsbYZ9WzkmrxohgSIDPZ\n4PMUQXD9Ay+hkhm6ufedHSstFtRJ0Z1uWveqf2XT9y1WvvCNlBf1tyVsqFeA5Zsz\nH60z5kyp9QoXOeuhHvx90hzePnI4UbfECEUvFHXNjxDiCylhvop7i5cDfDpHytwh\nHslv8VlcUq+VIA9nQVuqAtLt4TC7x8tQKsVE+wIDAQABAoIBAQC5mznD0GHjMuk6\njSEXNDqg0DnpNwEeUkdOPvheaPsk9p/53MqAYbLJ+/QjYk+CPcZykbMvX+eshDly\nXGPLpTUz1udVXEi7HOlgJeaDOoxG7iN/SHn27c7a/7znS7YpK6mwCIvXlsy7GmEB\nrpMHNlyR7Avsi83VPbybTlC3JEtY+LSncCSQODFG3s4YnMGC1SOAEmQ/ewHCHesu\nvl3+ssW2AOkfh59eqo71k0P9QjvMF66OaxAdrdFw40nCy4oNnzeZjPchrHCn/2PQ\nt7BzoR3RcQsxDWBC78MGmnVV2iUCALw2xWQxLGxMLROQ7Ll9qY1lPo0FYUaPqpZV\nFRQHKktZAoGBAPRv2GcDCKyUn/Pi/rzj55Og2K4SufAPsYdxpHhjgsrWYAoI1/yN\nRq5EciwBJEx/zNe1fArSt6hMzWNyCa64cay+Oqkj9Azazkkj9Nhx6bwYlaR9mSWa\nlkcgg5KjSCgUe+SuaShtIku3/Y6r4UZrNK7qavwuA3j3AdDvui81HiivAoGBANLq\nXS+4tmgrsfXUv8i/Tr0qBhdrhTveytnAMoxZ5JpisXU/QLzKDsE/fXdZa9AZVjEU\n2pVCzwFtPMGUfwZptfs09+0S0Dj1rkBPATtL5DOY3ls/8WV1jfi0bLCHGYOOeYjO\nBkeFPJmv50VwlnpvnvNkrUV2YyrXb7v7abWoD2N1AoGARDHgAf1KsjtU1MoDn9dF\niF5blVUMIvl94ffGlv/MQaLFcIc/GuqfSYc3AyfeZKlTEOtFDA/1xTKIKrJqGSDE\nNhlsbDvnnp585tLtQGWnfB6vwRB5ZZBXVMixbHu5adUtK4OtOuYXp2BRkThKxUar\nkBE+f9Smi1z+WLhJDVqYa2kCgYEAjmU4IL3eOJo3fbby/D9ck43JqwomW3NhFH4U\nInmWQz0afgQEWvE34PRSar9ucIKKlHx1zovaYiYz/KWa1OONv1nVgLNQ7QPBbx1n\nwXbNTKCKjqSu/0bMYPq+3rd3XEBWgSxHRQYJEeGWjGUk0uiFMeHosZrp/MSSZSGq\nDsC2EvkCgYEAipv6hPaZb2incXUOyb9XL5FSrsYwA9jABJdTSKWxs1PwHz6ZXebo\nZBAJ5MKAWaA+BmjSsdGxE9Gw3orD1WaLY7ft83ZZyvMpsJ6bS5C/AKeD8m6AyN/E\n97ojrEOe5kxyWRrowdUKgyCxe7mNlfYrO6pFL08PzirnnjtXFbUS0w8=\n-----END RSA PRIVATE KEY-----\n",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDoTCCAomgAwIBAgIUf+hXjNmW7NlMaJH6Nuo9omJgM7QwDQYJKoZIhvcNAQEL\nBQAwUDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT\nB1NlYXR0bGUxCzAJBgNVBAoTAkY1MQ0wCwYDVQQLEwREZW1vMB4XDTIyMDgwMzEw\nNDIwMFoXDTI3MDgwMjEwNDIwMFowJTEjMCEGA1UEAxMaYmlnLWlwLW5leHQtMDEu\nZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJY4a6\ngSqZCGxjmBMKP+nYq/yH2eYTUNhCYc56ArXtIUMiFXBmygEXlupEaKGnE5rxRbt8\nz5+wkrSsqSt23lalBBhP7viCH79LI3Ky0fCaqKdi9f12hAgocdu9u17YV1Jpyjtc\n3nafTGnbZ4ZD9qQM53SCn98uxthn1bOSavGiGBIgM9ng8xRBcP0DL6GSGbq5950d\nKy0W1EnRnW5a96p/ZdP3LVa+8I2UF/W3JWyoV4DlmzMfrTPmTKn1Chc566Ee/H3S\nHN4+cjhRt8QIRS8Udc2PEOILKWG+inuLlwN8OkfK3CEeyW/xWVxSr5UgD2dBW6oC\n0u3hMLvHy1AqxUT7AgMBAAGjgZ0wgZowDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEVad1TOVk+dktOX\nD+LuuN+NLVeuMB8GA1UdIwQYMBaAFLXm/qrHcaCHWmM9WRCpBabFJ71LMCUGA1Ud\nEQQeMByCGmJpZy1pcC1uZXh0LTAxLmV4YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUA\nA4IBAQDNwdYZb48WNwbsoqWtlgSDxbvUcrzxnJjxgIG5Em3ViDKWuzwts4X4UY/A\nHrbJjJ1q1F+Uc98AjW3AT50feFN9NEVD7wmdjZi7j5IUuuVvvVG8rTU+Z32BV4Pw\nofrK3P3gj1VM59vK+BmOpom20Ijr9JTJQKrD12Aq3g9i3XPotpRb9dGWCSiBLD3R\n+CJFg57LtNu6IRiyyUckrZg5h7FLiMGaCeELJvNlHx6zNcaTn9FtXNXwErAtoPot\ni86xNEUY47aC877um+27+lnHpBoQdMz/2sCYB6/1kFuFmgNy+zbzMmFUeNTy2G7I\nEp6d3PQbxWk6aykNEbqB2TKf0HLX\n-----END CERTIFICATE-----\n",
"rootCA": "-----BEGIN CERTIFICATE-----\nMIIDcDCCAligAwIBAgIUPFNWCFdiah1yJi8+j2b5CryNPLwwDQYJKoZIhvcNAQEL\nBQAwUDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT\nB1NlYXR0bGUxCzAJBgNVBAoTAkY1MQ0wCwYDVQQLEwREZW1vMB4XDTIyMDgwMzEw\nNDAwMFoXDTI3MDgwMjEwNDAwMFowUDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh\nc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxCzAJBgNVBAoTAkY1MQ0wCwYDVQQL\nEwREZW1vMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vdRvLZr761D\nhIdQu+vi9senqQBqijcH+/7arF0zpLVY9vKU/gvgy1uiJ7D7FH8f/xESNT4lTKZ8\n+cMD2TD4q1mwlj5cy7BdyLwEs6Ok+GDxXZWYpsAItEaAJwbt0BBWszAEovQ/fWsb\nX1ZCmiNuihDLatk9mV5HZAuQ9nn0TMXcFelrygVrrn3WbPjT/gck7gY6+lZpHrcW\nmd0eIdU4XdkBGeEdH7wigAFIGvrSjh4FbnMnGLLTScWlceFUgQzQ/6uwJOGKFFh6\nWW7OBl1lOQU7yqJdjLuSj0fzDlqUjiwJeKbldTQXWElkd6DwRadHFA5TqapYwaDs\n22Ae1l0nRwIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB\n/zAdBgNVHQ4EFgQUteb+qsdxoIdaYz1ZEKkFpsUnvUswDQYJKoZIhvcNAQELBQAD\nggEBAIxEQElu1ldsZC/x+mn4DHig0DOcurZmpXY9cLOPG9woucB98z/eaW6uxWKD\nlC+3k+BAohKbjaCtipuELVFHUZXChnsZo3r2VVT3jdmc4kDB4rfMq/1cAWshr6UN\nMgwAyakSm/gVPe5UF3wBmfG3KHDmbjyhuUcihbpXB+Nz2qbIL0es11CGengesjKG\n5JgKmgOypsAknCEzpnHA9fX3BbhJP7bVOjZhWwMs1kJbcyVcXZ3Ytbpr0/g7dWLj\nrzs4OMZMzgzgXvrQ5big1crivFuZuaINxMpIz/ttif0+vOLkMGWe7RY8fNfq5HUp\nu6bGCaegJurMBkvLGE0gOJJAt9c=\n-----END CERTIFICATE-----\n"
}]
}
}
Make a request to a BIG-IP instance API by creating a logging service Use the request below:
Curl command uses the variables populated previouly
${token}: HTTP auth token expires after 5 minutes
${target}: IP address od BIG-IP instance
PUT body data from JSON file /var/tmp/example_log_service.json
curl -sk -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" https://${target}:5443/api/v1/services -X PUT --upload-file /var/tmp/example_log_service.json | jq .
List all log services to see the new service: This command retrieves all the services and uses jq to filter name, id, and service details:
curl -sk -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" https://${target}:5443/api/v1/services | jq '. | ._embedded.services[] | .name,.id,.analytics'
Sample output
The follwing BIG-IP instance API response shows three log services configured:
% curl -sk -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" https://${target}:5443/api/v1/services | jq '. | ._embedded.services[] | .name,.id,.analytics'
"Petes Better than Tims Telemetry Service"
"b9150916-b032-4c84-b597-82d415416d8f"
{
"servers": [
{
"associatedAddress": "203.0.113.67",
"hostname": "telemetry.example.com",
"port": 443,
"serverType": "OtlpServer",
"tls": true
}
]
}
"Default Service"
"c3aeab15-3c8a-4d46-9a7f-31cd68d358d0"
{
"servers": [
{
"associatedAddress": "10.154.73.138",
"hostname": "server.ado.svc",
"port": 443,
"serverType": "OtlpServer",
"tls": true
}
]
}
"Tims Telemetry Service"
"f5f3b965-fa68-4232-a1fd-9c022e5e307b"
{
"servers": [
{
"associatedAddress": "192.0.2.10",
"hostname": "telemetry.example.com",
"port": 443,
"serverType": "OtlpServer",
"tls": true
}
]
}
Go to the remote logging server to access the logs from the BIG-IP Next instance.