Bug ID 925161: Errors with Access Remote Logging configuration on BIG-IQ

Last Modified: May 03, 2021

Bug Tracker

Affected Product:  See more info
BIG-IQ Access(all modules)

Known Affected Versions:
7.1.0, 7.1.0.1, 7.1.0.2, 7.1.0.3, 7.1.6, 7.1.6.1, 7.1.7, 7.1.7.1, 7.1.7.2, 7.1.8, 7.1.8.1, 7.1.8.2, 7.1.8.3, 7.1.8.4, 7.1.8.5, 7.1.9, 7.1.9.7, 7.1.9.8, 7.1.9.9

Opened: Jul 07, 2020
Severity: 2-Critical

Symptoms

After you click the 'Configure' button on the Monitoring > DASHBOARDS >> Access >> Remote Logging Configuration page, you see the following text displayed under the 'Status' column: "Failed - Failed to create Access-Remote-Syslog-Node-x.x.x.x"

Impact

Access Remote Logging remains in an error state. As a result, Access Policy Manager (APM) logs will not aggregate in the BIG-IQ. APM logs are the primary source of data for Access dashboards and are used to record and monitor Access statistics. The Access dashboards in BIG-IQ will fail to display data. For example, Monitoring >> DASHBOARDS >> Access >> Access Summary displays "No Data Available" under the chart "Access Sessions Over Time."

Conditions

This happens when a managed BIG-IP device is configured for ASM Remote Logging, and you attempt to configure Access Remote Logging on BIG-IQ using the following steps: 1. Navigate to the Monitoring >> DASHBOARDS >> Access >> Remote Logging Configuration. 2. Select the check box next to a managed BIG-IP device to enable remote logging on that device. 2. Click the 'Configure' button.

Workaround

You will need to reconfigure Access Remote Logging directly on the managed BIG-IP device. For more information, follow the steps for configuring APM Remote Logging in the BIG-IP guide of the relevant version. For example, for BIG-IP version 15.1.0 devices, see https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-access-policy-manager-portal-access/logging-and-reporting.html You might also need to enable two additional settings from the managed BIG-IP device using the below API calls. 1. Policy Tracing BIG-IP API : /mgmt/tm/sys/db/tmm.access.policytrace PATCH with { "value" : "enabled" } Policy trace is a dB variable which, when enabled, logs policy trace messages on the managed BIG-IP device. This log message is used to generate Denied Reasons and Authentication Failure reports. 2. VPN Statistics BIG-IP API: /mgmt/tm/sys/db/vpn.logstats PATCH with { "value" : "enabled" } VPN stats is a dB variable that needs to be enabled to received Bytes Transferred log message for VPN Sessions. These log messages are generated periodically.

Fix Information

None

Behavior Change