cancel
Showing results for 
Search instead for 
Did you mean: 

BIG-IQ 7.0 - Discovery Error for ASM Service - (java.lang.NullPointerException)

Dave311
Altocumulus
Altocumulus

I'm running BIG-IQ 7.0 and I'm unable to Discover the ASM module on 2 BIG-IP's, (running 12.1.2 and 13.1.0.4). LTM and DNS modules are discovered and configs imported with no issues. Below is the error messages from restjavad.0.log. Has anyone ever run into this issue? Thanks, Dave.

 

[INFO][04 Feb 2020 09:08:42 CST][/cm/security-shared/tasks/discover-config/60e17daf-bf8b-43b7-ab9f-340f8898271c/worker SharedDiscoveryTaskWorker] Discover: Elapsed times in mSec: GET_BIG_IP_INFO:2 GET_PROVISIONING_INFO:121 VERIFY_PROVISIONING:57 UPDATE_INPROCESS_STATE:66 WORKER_SPECIFIC_PREPROCESSING:66 CHECK_BULK_DISCOVERY_SUPPORT:58 DISCOVER_OBJECTS:2970 POST_DISCOVERY_PROCESSING:59 UPDATE_DISCOVERED_STATE:69 UPDATE_DEVICE:58 (Total 3526)

[ERROR][04 Feb 2020 09:08:44 CST][/cm/asm/tasks/discover-config/5cf10f82-3af1-4a7f-95e6-bcb2648b218c/worker AsmDiscoveryTaskWorker] java.lang.NullPointerException

at java.util.concurrent.ConcurrentHashMap.putVal(ConcurrentHashMap.java:1011)

at java.util.concurrent.ConcurrentHashMap.put(ConcurrentHashMap.java:1006)

at com.f5.rest.workers.asm.utils.ImportExportConversionUtil.addLocalAttackTypeSelfLinkToId(ImportExportConversionUtil.java:841)

at com.f5.rest.workers.asm.utils.AsmUtils$8.completed(AsmUtils.java:982)

at com.f5.rest.workers.asm.utils.AsmUtils$8.completed(AsmUtils.java:972)

at com.f5.rest.common.RestOperation.complete(RestOperation.java:2713)

at com.f5.rest.common.RestCollectionItemsLoadedCompletion.expandCollectionItems(RestCollectionItemsLoadedCompletion.java:128)

at com.f5.rest.common.RestCollectionItemsLoadedCompletion.completed(RestCollectionItemsLoadedCompletion.java:62)

at com.f5.rest.common.RestCollectionItemsLoadedCompletion.completed(RestCollectionItemsLoadedCompletion.java:25)

at com.f5.rest.common.RestOperation.complete(RestOperation.java:2713)

at com.f5.rest.workers.storage.StorageWorker$8.completed(StorageWorker.java:814)

at com.f5.rest.workers.storage.StorageWorker$8.completed(StorageWorker.java:810)

at com.f5.rest.workers.storage.TransactionRunnable$TxRunCompletion.run(TransactionRunnable.java:644)

at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)

at java.util.concurrent.FutureTask.run(FutureTask.java:266)

at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)

at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

at java.lang.Thread.run(Thread.java:748)

 

[ERROR][04 Feb 2020 09:08:44 CST][/cm/asm/tasks/discover-config/5cf10f82-3af1-4a7f-95e6-bcb2648b218c/worker AsmDiscoveryTaskWorker] no message: java.lang.NullPointerException

[ERROR][04 Feb 2020 09:08:44 CST][/cm/global/tasks/device-discovery/afd4319a-8114-49b1-be50-44b17031a007/worker DiscoverySuperTaskWorker] Failed to process module tasks for device xx-bigip-13.1.0.4.labs.wwtatc.local (10.253.x.x): At least one module has failed

[ERROR][04 Feb 2020 09:08:45 CST][/cm/global/tasks/device-discovery/afd4319a-8114-49b1-be50-44b17031a007/worker DiscoverySuperTaskWorker] Failed to process module tasks for device xx-bigip-13.1.0.4.labs.wwtatc.local (10.253.x.x): At least one module has failed

1 ACCEPTED SOLUTION
11 REPLIES 11

Pantelis
Nimbostratus
Nimbostratus

Hello there,

 

We are also experiencing the same issue, with version 14.1.2.x importing ASM into BIG-IQ 7.0.0.

 

I've engaged support, hopefully they will get back to us shortly with an answer.

 

--Pantelis

Dave311
Altocumulus
Altocumulus

Thanks Pantelis! Sharing the fix would be much appreciated once you find out. This issue is happening on an HA pair of BIG-IQ's with DCD as witness. I built a standalone BIG-IQ and it doesn't have this issue at all. Not sure if HA vs. standalone is related but just something I noticed.

Derek1
Nimbostratus
Nimbostratus

Same issue with BigIQ 7.01 with 3 x DCD, on BigIP ASM 14.1.2.. Please share the fix..

Thanks..

 

Also, anyone have experience how to use DCD as ASM log?

Also, anyone have experience how to use DCD as ASM log?  

after adding the DCD's in bigiq , you need to enable the services in each DCD.

there will 4 or 5 services, ACCESS, ASM(web applicaiton sercurity, DDOS, AFM, FPS

each service listen on specific port for ASM logs its 8514 tcp.

 

once enabled, in ASM create a new Logging profile with port 8514 and DCD IP.

Once logs sent to DCD, you can see very good report under BIGIQ - monitoring - web applicaiton -events also under reporting.

mf5
Nimbostratus
Nimbostratus

We faced the same issue, as we didn't have support we downgraded to 6.1.0. Please share the fix

Bilal
Nimbostratus
Nimbostratus

Also we have the same issue,strangely Big-IQ (7.0.0.1) could discover the ASM module on the first active but not on the standby.

Dave311
Altocumulus
Altocumulus

Hi all, checking back to see if anyone has had any luck with a fix? If so, when you have a chance please let us know. I will do the same. Our support contract is currently expired so pursuing a renewal so I can open a support case. Once I do, I will post results here. Thanks Guys!

ragunath154
Cirrus
Cirrus

i too added similar issue with bigiq 6.1.0 , f5 tag advised to increase my resources ie 4core 16Gb ram or 8core 32gb ram , after 4core 16gb ram ASM got imported

Dave311
Altocumulus
Altocumulus

thanks for the reply ragunath154! I'll increase resources in the lab and try it again.

Kyle_Oliver
F5 Employee
F5 Employee

Thanks Kyle, really appreciate the help! I tried the steps in the knowledge article and it didn’t work for me, however, it lead me down a path to a fix:

 

1) Deleted all the attack signatures on the CM (restcurl -X DELETE /cm/asm/attack-types/)

2) Discovered/Imported the ASM (12.x)

3) On CM, manually downloaded/installed the latest attack signature to make sure I was up to date.

4) Had to repeat the process again to discover/import the 13.x BIG-IP as it ran into same issue.