Default node monitor is not configured-f5-False

error
f5
best-practices
false
Default node monitor is not configured-f5-False
0

#1

Default node monitor is not configured-f5-False

Vendor: f5

OS: False

Description:
It is good practice to have a basic check for node monitors as it’s easier to fast establish correlations between multiple failing members during an outage. Indeni will alert when a device that supports node monitoring does not have it configured.

Remediation Steps:
Log in to the web interface. Click on “Local Traffic” -> “Nodes” -> “Default Monitor” and then assign a default monitor.
|This particular monitor should determine status on a node level and thus ICMP is recommended.
|
|Make sure to do this during a scheduled service window as a failed node monitor brings down all members that the node is associated to.

How does this work?
This alert uses the iControl REST interface to extract the default node monitors.

Why is this important?
It is good practice to have a basic check for node monitors as it’s easier to fast establish correlations between multiple failing members during an outage.

Without Indeni how would you find this?
Login to the device’s web interface and click on “Local Traffic” -> “Nodes” -> “Default Monitor”. This would show the default monitor configuration for nodes.

f5-rest-mgmt-tm-ltm-default-node-monitor

 #! META
name: f5-rest-mgmt-tm-ltm-default-node-monitor
description: Determine node default monitors
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: "f5"
    product: "load-balancer"
    rest-api: "true"

#! COMMENTS
f5-default-node-monitor-configured:
    why: |
        It is good practice to have a basic check for node monitors as it's easier to fast establish correlations between multiple failing members during an outage.
    how: |
        This alert uses the iControl REST interface to extract the default node monitors.
    without-indeni: |
        Login to the device's web interface and click on "Local Traffic" -> "Nodes" -> "Default Monitor". This would show the default monitor configuration for nodes.
    can-with-snmp: fase
    can-with-syslog: false

#! REMOTE::HTTP
url: /mgmt/tm/ltm/default-node-monitor
protocol: HTTPS

#! PARSER::JSON

_metrics:

    - # Check if a default monitor has been configured
        _tags:
            "im.name":
                _constant: "f5-default-node-monitor-configured"
            "im.dstype.displaytype":
                _constant: "boolean"
        _temp:
            "monitorCount":
                _count: "$.rule"
        _transform:
            _value.complex:
                value: |
                    {
                        if(temp("monitorCount") > 0){
                            print "true"
                        } else {
                            print "false"
                        }
                    }

f5_compliance_check_default_node_monitor_configured

package com.indeni.server.rules.library.templatebased.f5.compliance

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.SingleSnapshotComplianceCheckTemplateRule
case class F5ComplianceCheckDefaultNodeMonitorConfigured() extends SingleSnapshotComplianceCheckTemplateRule(
  ruleName = "f5_compliance_check_default_node_monitor_configured",
  ruleFriendlyName = "F5 Compliance Check: Default node monitor is not configured",
  ruleDescription = "It is good practice to have a basic check for node monitors as it's easier to fast establish correlations between multiple failing members during an outage. Indeni will alert when a device that supports node monitoring does not have it configured.",
  metricName = "f5-default-node-monitor-configured",
  parameterName = "Should Default Node Monitors Be Configured",
  parameterDescription = "If this is set to \"on\" or ticked, Indeni will alert when a device that supports node monitoring does not have it configured.",
  expectedValue = true,
  baseRemediationText = """Log in to the web interface. Click on "Local Traffic" -> "Nodes" -> "Default Monitor" and then assign a default monitor.
											 |This particular monitor should determine status on a node level and thus ICMP is recommended.
											 |
											 |Make sure to do this during a scheduled service window as a failed node monitor brings down all members that the node is associated to.""".stripMargin)()