Bug ID 708389: BADOS monitoring with Grafana requires admin privilege

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0,,,,,, 14.0.0,,,,

Fixed In:

Opened: Mar 01, 2018

Severity: 3-Major


Current Grafana monitoring requires admin privilege. Grafana stores its internal database in unencrypted format, so the admin password can be extracted from a compromised computer.


Guest user cannot access data needed for Grafana.


Monitoring using Grafana.



Fix Information

There is now a REST call to pool the Grafana statistics. This allows any user (including guest), not just admin or root, to access data needed for Grafana.

Behavior Change

This release introduces the following tmsh commands: -- tmsh run util admdb - for help + list-element path_folder - lists folder + view-element path_file - view file contents + list-metrics path vs + table-query base_path db sRate tsfiles ts metric_columns_aliases The path must be under /shared/admdb, for example: -- run util admdb list-element /shared/admdb/default/_a_l_l -- run util admdb view-element /shared/admdb/default/_a_l_l/info.sysinfo/1000/1522229248000.txt -- run util admdb table-query /shared/admdb default 1000 '[1522233344000]' '[1522234774492,1522235074492]' '[["info.attack",["v0"],"Attack"],["sig.health",["v0"],"Health"],["info.learning",["v0"],"Learning"],["info.learning",["v2"],"Learned samples"]]'

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips