07-Mar-2021 01:09
There is no logs received from ASM, how to solve it ?
And how to check the utilization?
Solved! Go to Solution.
07-Mar-2021 22:52
You can't view /var/log/ts/pabnagd.log?
Is it a permission issue, no bash access? Or you did not know where the file is located?
Did you check that your BIG-IP version is matching the versions listed in "Applies to (see versions):" in K93091504?
Also yesterday you mentioned that "mysql -uasm -p`perl -MF5::Cfg -e 'print F5::Cfg::get_mysql_password()'` -e "select COUNT(*) from PRX.REQUEST_LOG"" returned a count of 0. Did you recently update the box? Even in my lab machines I have a count of >1000.
07-Mar-2021 02:14
I think we need a bit more details.
Did it work before? Are you logging locally or remote? Both?
Are you logging violations only or all requests?
What kind of utilization do you want to check? Connections to the VS? CPU utilization on the BIG-IP device?
Some easy checks:
Best of luck
07-Mar-2021 02:21
Did it work before? yes, only today has been stopped
Are you logging locally or remote? Both? we have both , but the issue with local logs under Event log.
Are you logging violations only or all requests? we have different profile ( all request , illegal requests)
What kind of utilization do you want to check? Connections to the VS? CPU utilization on the BIG-IP device? i don't know of this issue related to utilization, i mean i wanna check the root cause of logs issue if it is because of memory/cpu or what.
07-Mar-2021 02:28
Ok, so remote logging is OK, but local logging is not fully OK.
Check for stuck daemons and check if the event logs are in the MySQL db.
For CPU / Memory utilization follow this KB
07-Mar-2021 02:30
Is there any command to check the stuck deamons?
07-Mar-2021
02:42
- last edited on
04-Jun-2023
21:01
by
JimmyPackets
Try
tmsh show sys service
07-Mar-2021 04:52
no asmlogd is listed when above command execute, but for asm is running.
07-Mar-2021
05:06
- last edited on
04-Jun-2023
21:01
by
JimmyPackets
Check like this
ps | grep asmlogd
tail -f var/log/ts/asmlogd.log
07-Mar-2021 05:12
I got sth like
9237 ? S< 308:12 /usr/bin/perl /usr/share/ts/bin/asmlogd
16505 pts/0 S+ 0:00 grep asmlogd
07-Mar-2021 05:46
Yes, this looks OK. At least it's running.
Do you see anything odd in the log?
Did you check the steps and values mentioned in K05372587 and K06821426?
07-Mar-2021 05:52
Also, since remote logging is working, there are two more simple checks you could perform.
07-Mar-2021 07:48
I have run below command
mysql -uasm -p`perl -MF5::Cfg -e 'print F5::Cfg::get_mysql_password()'` -e "select COUNT(*) from PRX.REQUEST_LOG"
In active node : count 0
and in standby : count 5xxx
so it seems the issue with the active node, i will try to offline the active node to double check.
07-Mar-2021 07:52
when the active node forced to be standby , the logs are display on the other node and works as expected. so the issue with the node, but how to investigate the root cause and how to solve it?
07-Mar-2021 08:39
I have mentioned a couple of steps above.
07-Mar-2021 10:30
restart asmlogd will cause any issue ?
pkill -f pabnagd
and pkill -f asmlogd
or better to use tmsh restart /sys service asm ?
07-Mar-2021 11:07
If this node is still in standby, it is safe to apply this procedure.
However, I am from the school that would rather like to figure out the root cause before I restart daemons. Did you find any log entry that points to a known bug, that can be worked around by restarting pabnagd and asmlogd?
07-Mar-2021 20:02
according to https://support.f5.com/csp/article/K93091504 it might be the issue ,
but i'm not able to view pabnagd.log to check if there is any warning.
However, in security > Event Logs > Application > Requests it display empty no message is displayed.
07-Mar-2021 22:52
You can't view /var/log/ts/pabnagd.log?
Is it a permission issue, no bash access? Or you did not know where the file is located?
Did you check that your BIG-IP version is matching the versions listed in "Applies to (see versions):" in K93091504?
Also yesterday you mentioned that "mysql -uasm -p`perl -MF5::Cfg -e 'print F5::Cfg::get_mysql_password()'` -e "select COUNT(*) from PRX.REQUEST_LOG"" returned a count of 0. Did you recently update the box? Even in my lab machines I have a count of >1000.
08-Mar-2021 09:42
@BLUE did you resolve the issue?
21-Mar-2021 22:09
yes the issue is fixed, many thanks for your support .
21-Mar-2021 23:11
Will you please share with us how you resolved the issue?
If any of my answer provided the solution, would you mind to mark it as best answer, so that this thread is marked as answered?