Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4
Fixed In:
14.1.0, 14.0.0.5, 13.1.0.6
Opened: Mar 01, 2018 Severity: 3-Major
Current Grafana monitoring requires admin privilege. Grafana stores its internal database in unencrypted format, so the admin password can be extracted from a compromised computer.
Guest user cannot access data needed for Grafana.
Monitoring using Grafana.
None.
There is now a REST call to pool the Grafana statistics. This allows any user (including guest), not just admin or root, to access data needed for Grafana.
This release introduces the following tmsh commands: -- tmsh run util admdb - for help + list-element path_folder - lists folder + view-element path_file - view file contents + list-metrics path vs + table-query base_path db sRate tsfiles ts metric_columns_aliases The path must be under /shared/admdb, for example: -- run util admdb list-element /shared/admdb/default/_a_l_l -- run util admdb view-element /shared/admdb/default/_a_l_l/info.sysinfo/1000/1522229248000.txt -- run util admdb table-query /shared/admdb default 1000 '[1522233344000]' '[1522234774492,1522235074492]' '[["info.attack",["v0"],"Attack"],["sig.health",["v0"],"Health"],["info.learning",["v0"],"Learning"],["info.learning",["v2"],"Learned samples"]]'