APM Cookbook: Monitoring APM

I have a customer who recently needed to monitor the APM logon page but noticed the default HTTP monitor was eating up APM access sessions. To address this issue we need the HTTP monitor to retain the MRHSession cookie as it follows the redirect from / to /my.policy. After the monitor determines the health of the APM logon page it needs to also access the logout page to delete it's current access session.

To accomplish this we can use the cookie jar option in curl:
-c create the cookie jar
-b uses an existing cookie jar

We also tell curl to follow redirects with the -L argument.

In the example code below the monitor is looking for the F5 licensing statement at the bottom of the APM logon page. If you've customized the APM logon page this monitor can easily be modified to fit your specific requirements.

#!/bin/sh
#
# (c) Copyright 1996-2014 F5 Networks, Inc.
#
# This software is confidential and may contain trade secrets that are the
# property of F5 Networks, Inc.  No part of the software may be disclosed
# to other parties without the express written consent of F5 Networks, Inc.
# It is against the law to copy the software.  No part of the software may
# be reproduced, transmitted, or distributed in any form or by any means,
# electronic or mechanical, including photocopying, recording, or information
# storage and retrieval systems, for any purpose without the express written
# permission of F5 Networks, Inc.  Our services are only available for legal
# users of the program, for instance in the event that we extend our services
# by offering the updating of files via the Internet.
#
# @(#) $Id: http_monitor_cURL+GET,v 1.0 2007/06/28 16:10:15 deb Exp $
# (based on sample_monitor,v 1.3 2005/02/04 18:47:17 saxon)
#
# these arguments supplied automatically for all external monitors:
# $1 = IP (IPv6 notation. IPv4 addresses are passed in the form 
#                         ::ffff:w.x.y.z
#                         where "w.x.y.z" is the IPv4 address)
# $2 = port (decimal, host byte order)
#

# remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
IP=`echo ${1} | sed 's/::ffff://'`
PORT=${2}

PIDFILE="/var/run/`basename ${0}`.${IP}_${PORT}.pid"
# kill of the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
   echo "EAV exceeded runtime needed to kill ${IP}:${PORT}" | logger -p local0.error
   kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE

# send request & check for expected response
curl -Lsk https://${IP}:${PORT} -c cookiejar.txt | grep "This product is licensed from F5 Networks" > /dev/null

# mark node UP if expected response was received
if [ $? -eq 0 ]
then
    rm -f $PIDFILE
    echo "UP"
else
    rm -f $PIDFILE
fi

# delete APM session
curl -Lsk https://${IP}:${PORT}/my.logout.php3 -b cookiejar.txt > /dev/null
exit

You can save this monitor to your F5 by following SOL13423 and for information on implementing external monitors click here.

Updated Jun 06, 2023
Version 2.0
application delivery
availability
BIG-IP Access Policy Manager (APM)
BIG-IP DNS
LTM
security
  • chuffaker_11557's avatar
    chuffaker_11557
    Icon for Nimbostratus rankNimbostratus
    Aug 21, 2014
    Cody - It was great to see you at F5 Agility 2014.... You cleared up a lot of things in my head! Wait, that's not possible!