Telemetry Streaming With AWS Cloudwatch

In this lab we will configure our Telemetry Streaming JSON declaration to establish a connection between our AWS consumer and our BIG-IP.

Exercise 1 - Login to AWS Cloudwatch

  1. Navigate to UDF class view

  2. Click on Cloud Accounts and copy the Console Username and Console Password (keep this tab open for the next section). Click the Console URL. Paste in the Console Username and Console Password.

    ../../_images/cw1.png

  3. Once logged in, click the Services dropdown, search and select Cloudwatch

    ../../_images/cw2.png

  4. On the left pane, under Logs select Log groups. Under the Actions dropdown select Create log group.

    ../../_images/cw3.png

  5. Name the log group (ie my_log_group) and select the Create log group blue button.

  6. Click on the log group you just created. Select Create Log Stream and name your log stream (ie my_log_stream)

    ../../_images/cw4.png

Exercise 2 - Edit the AWS Cloudwatch TS Declaration

  1. Navigate to UDF class view

  2. Click on Jumphost and login with the credentials from previous sections.

  3. Launch Postman

  4. Open the Collection titled Create AWS Cloudwatch Consumer. Open the AWS Cloudwatch request. Open the Body tab of the request

    ../../_images/cw5.png

  5. We will need to edit the My_Consumer. Go back to the Cloud Accounts tab you left open. Copy and paste the region. Edit logGroup to match your log group. Edit logStream to match your log stream. Edit username to match the API Key. Edit the cipherText to match the API Secret.

    ../../_images/cw1.png ../../_images/cw7.png

  6. Click the blue Send to POST the Telemetry Streaming declaration. Ensure a 200 OK response.

Exercise 3 - Generate Traffic on OpenCart

  1. From the UDF page, find the host named Traffic Gen and select Web Shell from the dropdown
  2. Type su for sudo user access. If prompted, the password is toor.
  3. Change director to /home/ec2-user
  4. Run ./baseline_menu.sh
  5. From the menu, choose 2) Alternate and let it run while you continue with the labs

Exercise 4 – View the logs in AWS Cloudwatch

  1. Navigate back to the UDF class view

  2. Log back into AWS Cloudwatch

  3. Navigate to the log stream you created.

  4. Notice that logs have been populated in the log stream.

    ../../_images/cw6.png

  5. Expand the log. Scroll down and you will find data on the virtual servers, pools, and various other objects.

Exercise 5 – Manipulate the Search

  1. On the left pane, select the subcategory Log Insights

    ../../_images/cw8.png

  2. Click into the Select log group(s) search bar and select your group. Then click the Run query button.

    ../../_images/cw9.png

  3. You can manipulate the search field with our examples.

    fields @timestamp, @message, system.hostname, system.cpu, system.tmmCpu
    | stats avg(system.cpu) as SystemCpu, avg(system.tmmCpu) as TmmCpu by bin(5m), system.hostname

    fields @timestamp, @message, system.hostname
     |parse @message "clientSideTraffic.bitsIn\":*," as clientsin
     |parse @message "clientSideTraffic.bitsOut\":*," as clientsout

  4. Paste the code blocks in and click Run Query