Agility 2017 Hands-on Lab Guide

F5 Analytics
Presented by: Ashish Zalani
 Agility 2017 F5 Analytics Lab Guide

What’s inside

Introduction 1
Lab Environment Setup 1
Accessing the Lab Environment 2

Lab 1: Introduction to AVR 3

Configuring AVR to generate on-box Analytics reports 3
Understanding the setup 7
Viewing the Analytics data 9
Bonus Lab: 11

Lab 2: Integration with Splunk 12

Configuring Splunk to use the F5 Splunk app 12
Configuring the BIG-IP to send analytics data to Splunk 19
Understanding the setup 25
Viewing the Analytics Data in Splunk 27

f5.com i
 Agility 2017 F5 Analytics Lab Guide

Introduction

In this lab session, you will be introduced to a few different ways to gather,
visualize and analyze traffic information available on a BIG-IP platform. It is
assumed that you are familiar with the basics of setting up a BIG-IP device for
various ADC functions. Hence, in order to focus maximum time on the Analytics
portion of the lab, the lab environment has been setup with an HA pair of BIG-IP
Virtual Editions (VEs) that have been pre-configured for a few web applications.
Your task will be to configure the BIG-IPs to generate Analytics data so that you
may visualize and analyze this data.

Lab Environment Setup

In the interest of time, the following components have been setup with basic
configurations for you:

 Cloud-based lab environment complete with a Windows client, (2) BIG-IP

Virtual Editions (VEs), and a Linux Web Server.

 The Windows client is used as a jump host to access the BIG-IPs as well as
the Linux server. It also has a traffic generator, pre-configured to generate a
significant volume of traffic for the web applications.

 The BIG-IP Virtual Editions are running BIG-IP version 12.1.2 (HF2) and
have been pre-licensed and provisioned for Local Traffic Manager (LTM),
as well as Analytics Visibility and Reporting (AVR). The BIG-IPs have also
been paired together in an Active/Standby HA device cluster.

 The Linux server serves up a web application on multiple IP addresses

(used as pool members on the BIG-IPs). The server is also running an
instance of Splunk Enterprise version 6.3.9, which is used in the latter part
of the lab for gathering and visualizing Analytics data in Splunk.

f5.com 1
 Agility 2017 F5 Analytics Lab Guide

Accessing the Lab Environment

To access the lab environment, you will require a web browser and Remote
Desktop Protocol (RDP) client software. The web browser will be used to access
the Lab Training Portal to retrieve the IP address for your Windows jump host that
you will RDP into to access the entire lab environment.

1. Connect to the Training Portal (details provided by lab instructor)

2. Retrieve Windows jump box (Win7 Client) IP Address

3. Establish an RDP connection to your jump box with the IP address retrieved
from Step 2 and login with the following credentials:

 User: external_user

 Password: password

4. Launch Chrome from the desktop shortcut.

5. Click the bookmark (in the bookmark bar) for BIGIP_A

6. Login into BIG-IP Configuration Utility with the following credentials:

 User: admin

 Password: AgilityLab17

f5.com 2
 Agility 2017 F5 Analytics Lab Guide

Lab 1: Introduction to AVR

The Application Visibility and Reporting (AVR) module provides detailed charts
and graphs to give you more insight into the performance of web applications,
TCP traffic, DNS traffic, as well as system performance (CPU, memory, etc.). You
can use this module to visualize the traffic being processed by your BIG-IP device,
and gain a better understanding of where the traffic is originating from (client IP
addresses / subnets as well as geographical regions), the nature and volume of
request and response traffic (Total Transactions as well as Average and Max
Transactions/sec), the most commonly requested URLs, Server Latency and
Page Load times, Virtual Server and Pool member performance, and many more
metrics. This lab will give you a brief introduction on how to setup the AVR module
to generate these charts / reports and how to visualize them on your BIG-IP.

Configuring AVR to generate on-box Analytics reports

In this lab, you will first configure an Analytics profile to attach to your existing
applications (Virtual Servers), and then generate some traffic for these
applications. You will then view the analytics graphs and charts on the BIG-IP to
gain more insight into the traffic patterns for incoming traffic for your applications.

You will perform all configuration tasks from the Windows jump box

On the Windows Jump box, open the Chrome browser, and then use the
bookmark in the bookmark bar to access BIGIP_A.

Login to the BIG-IP with these credentials:

Username: admin
Password: AgilityLab17

f5.com 3
 Agility 2017 F5 Analytics Lab Guide

Task 1 – Create a new Analytics profile and attach it to your Virtual Servers

1. Go to Local Traffic > Profiles > Analytics > HTTP Analytics.

2. Click Create

3. Click the Custom checkbox in the top-right

4. Type in Custom_HTTP_Analytics for the Profile Name

f5.com 4
 Agility 2017 F5 Analytics Lab Guide

5. Under the Statistics Gathering Configuration, checkmark the following

options:

a. Max TPS and Throughput

b. URLs
c. Countries
d. Client IP Addresses
e. User Agents

6. Leave Response Codes and Methods check-marked

7. Click Finished

8. Go to Local Traffic > Virtual Servers

9. Click on F5_Demo_HTTPS_VS

10. Use the pull-down menu to change the Configuration from Basic to
Advanced

f5.com 5
 Agility 2017 F5 Analytics Lab Guide

11. Scroll down and change the HTTP Analytics Profile from None to
Custom_HTTP_Analytics

12. Click Update at the bottom to save the Virtual Server configuration

13. Repeat Steps 8 – 12 for the F5_Demo_HTTP_VS as well.

Task 2 – Generate some traffic for your applications

1. Minimize the Chrome browser window, and launch JMeter from the
Desktop shortcut

2. Once the Apache JMeter window opens, go to File > Open, and open the
F5_Analytics_Demo.jmx file

3. From the JMeter menu bar, click Run > Start

f5.com 6
 Agility 2017 F5 Analytics Lab Guide

Understanding the setup

While you wait for the traffic to be generated and sent to the BIG-IPs, and for AVR
to gather and analyze the data, let us use this time to explore the setup we have.

JMeter – Generating the user traffic

Apache JMeter is a traffic generator that we are using in this lab in order to
simulate user traffic, since we do not have any actual traffic hitting our applications
or BIG-IPs. In your own environment, you probably would not need to use JMeter,
since you presumably have actual users accessing your applications through your
BIG-IP devices.

AVR Module – Analyzing the user data.

The Application Visibility and Reporting (AVR) module is a built-in module that is
available on all BIG-IP platforms starting software version 11.x onwards. This is a
special module that does not need a separate license (it is included by default).
However, it does need to be provisioned as a module on your BIG-IP in order to
use it. You can verify that we have the module provisioned on our BIG-IPs by
going to the BIG-IP GUI (in the Chrome browser), and going to System >
Resource Provisioning, and verifying that AVR is provisioned (check marked
under the Provisioning column). In your own environment, you will need to
provision the AVR module on your BIG-IPs before you can use it. Note that
provisioning (or de-provisioning) any module will re-start some services on the
BIG-IP, which could disrupt some traffic, hence you may want to only do so during
a maintenance window.

BIG-IP Virtual Servers – randomizing the client source IPs and User Agents

Since we do not have actual user traffic in the lab environment, we have setup the
lab to simulate traffic originating from several different client source IP addresses
and HTTP User Agent strings. This allows us to get some more interesting

f5.com 7
 Agility 2017 F5 Analytics Lab Guide

reports for Analytics. The way this is accomplished is by using “proxy” Virtual
Servers (Src_IP_Randomizer_HTTP / Src_IP_Randomizer_HTTPS) which
intercept the incoming traffic from the Win7_Client, change the source IP to a
randomly chosen IP address, and then forward the request to the actual
application Virtual Server that will process the traffic. The application Virtual
Servers (F5_Demo_HTTP_VS / F5_Demo_HTTPS_VS) then further change the
HTTP User-Agent header to a randomly chosen value before forwarding the
request to the pool member (application web server). All of this is accomplished
via iRules attached to these Virtual Servers. We encourage you to take a look at
how the whole setup works by going to Local Traffic > Network Map. Look at the
configuration for the virtual servers named Src_IP_Randomizer_HTTP/HTTPS.
There is just a simple iRule (Src_IP_Randomizer / _HTTPS) attached to these.
Click on the iRule name to view its details. Similarly, view the
Src_UA_Randomizer iRule attached the application Virtual Servers. Ask the
instructor if you would like help understanding how these iRules work.

In order to see all this in action, open a new tab in the Chrome browser window,
and click on either the Demo1 (HTTP) or Demo2 (HTTPS) bookmarks in the
browser bookmark bar. When the page loads, scroll down to the HTTP Request
and Response Information section and click the link for Request and
Response Headers. Now refresh this page several times (Ctrl-Shift-R), and
observe the Client IP address/port field and the User-Agent field displayed on
the page, and notice how they change every time you refresh the page.

NOTE: in your own environment, you will not need to use these tricks to change
the client Source IPs and User Agent strings, since you would presumably have
traffic from actual users originating from different IP addresses and using different
HTTP User-Agent strings.

f5.com 8
 Agility 2017 F5 Analytics Lab Guide

Viewing the Analytics data

Task 3: Generate detailed charts and reports to visualize the analytics data

Once we have had some traffic received by the application Virtual Servers and
processed by the Analytics profile, we can now go in and view and analyze this
data.

1. In the BIG-IP GUI, go to Statistics > Analytics > HTTP > Overview

2. In the Override time range to pull-down menu at the top, change the
value to Last Hour

3. This page now shows you details about the traffic received by all the
Virtual Servers that had the HTTP Analytics profile attached.

f5.com 9
 Agility 2017 F5 Analytics Lab Guide

4. You can change the settings of any of the charts/graphs/tables by clicking

on the Settings button on the corresponding widget. You can also change
the chart type and the time range for any chart by clicking the Chart Type
or Time Range menus at the top of any widget. You can click on any
portion of a chart to view more details of the object you clicked on. You
can also click the View Details link in any chart to get a detailed chart.

5. You can move the widgets around and re-arrange the page by simply
dragging-and-dropping the widgets from the top-left corner of each widget.
add more widgets on the page by clicking the Add Widget button at the
bottom of the page.

f5.com 10
 Agility 2017 F5 Analytics Lab Guide

6. Similarly, you can modify the tables on the right side of the page, and add
another table by clicking the Add Widget button below the last table on
the right.

7. Once you have updated the page to show you the data you want, you can
create a report by clicking the Export button at the top-right of the page.

8. We encourage you to explore the different tabs (Overview, Transactions,

Latency, Throughput, etc.) on the page, and change the settings on
each page to view and analyze the data by various metrics.

Bonus Lab:

Similar to the HTTP Analytics profile that we used in this lab, create a custom TCP
Analytics profile, attach it to your virtual servers, generate some more traffic, and
then view the results in the Analytics pages on your BIG-IP.

f5.com 11
 Agility 2017 F5 Analytics Lab Guide

Lab 2: Integration with Splunk

Splunk is a 3rd-party Security Information and Event Management (SIEM) solution

that is used by a large number of organizations to assimilate information and
event logs from a large number of disparate sources, and store and analyze it
from a single central location in order to correlate data across all devices in the
organization.

In this lab, we will integrate our BIG-IPs to send data into Splunk, and use Splunk
to visualize and analyze the data from a single centralized location rather than
viewing/analyzing it on an individual BIG-IP.

Configuring Splunk to use the F5 Splunk app

In order to get Splunk to process and display Analytics data from your BIG-IPs,
you need to configure it to accept this data, parse and process it, and display it in
a meaningful way for you to get the most out of it. In order to help with this, F5
has written a Splunk app that is available as a free add-on to your Splunk
deployment. This F5 Analytics Splunk app can be downloaded from the
Splunkbase web-site here:

https://splunkbase.splunk.com/app/3161/

For your convenience, we have already downloaded this Splunk app onto the
Windows jump box, so we can just go ahead and install it within our Splunk
instance.

f5.com 12
 Agility 2017 F5 Analytics Lab Guide

Task 1: Install the F5 Splunk app in Splunk

1. In the Chrome browser on your Windows jump box, click the bookmark for
Splunk to launch the Splunk web UI

2. On the Splunk Enterprise splash page, click Skip update

3. In the Splunk Web GUI, click on the settings button next to Apps (on the
left) to Manage Apps

4. Click Install app from file

5. Click Choose File

6. In the file browser window, navigate to Desktop > Analytics Lab Files,
and choose the f5-networks-analytics-new_100.tgz file and click Open

f5.com 13
 Agility 2017 F5 Analytics Lab Guide

7. Click Upload

8. Once the upload is complete, you should see the F5 Networks app listed
in the Apps table, with the Status set to Enabled

9. Click the Splunk logo in the top-left to go to the start page. You should
now see the F5 Networks app listed on the left

f5.com 14
 Agility 2017 F5 Analytics Lab Guide

10. Now click the Settings menu in the top-right, and choose Data inputs

11. Click on HTTP Event Collector

12. Click on Global Settings in the top-right

13. In the Edit Global Settings window:

a. Click on Enabled for All Tokens

b. Ensure that Enable SSL is checked

f5.com 15
 Agility 2017 F5 Analytics Lab Guide

c. Ensure that HTTP Port Number is set to 8088

d. Click Save

14. Click New Token in the top-right

15. For the Name, enter F5-Analytics, and then Click Next > at the top

16. On the Input Settings page, scroll down till you see Default Index, and
then click the Create a new index link

f5.com 16
 Agility 2017 F5 Analytics Lab Guide

17. In the New Index window, enter f5-default for the Index Name, and click
Save

18. In the Select Allowed Indexes table, click f5-default to move it to

Selected item(s)

19. Click Review at the Top

20. Ensure your settings match those shown in the screenshot below, then
click Submit

f5.com 17
 Agility 2017 F5 Analytics Lab Guide

21. Once your token has been created, highlight the Token Value for the
newly created Token, and copy it to your clipboard (Ctrl-C or Right-click
> Copy). We will use this later.

NOTE: Your token value will be different from the one shown above

f5.com 18
 Agility 2017 F5 Analytics Lab Guide

22. Click on the Splunk logo in the top-left to go back to the Splunk start
page.

Configuring the BIG-IP to send analytics data to Splunk

In order to simplify the configuration of your BIG-IP to send Analytics data to

remote sources (including Splunk and/or BIG-IQ), F5 has created an iApp that
simplifies the process. Additionally, there is also a deployment guide that walks
you through the steps needed to configure the iApp. Details about the iApp and
deployment guide can be found on the Ask F5 Support site here:

https://support.f5.com/csp/article/K07859431

Note that the F5 Analytics iApp template itself does not ship with the product, but
can be downloaded from the F5 downloads site (https://downloads.f5.com).

For your convenience, we have already downloaded the iApp template on the
Windows jump box, so we can just import it into our BIG-IP.

Task 2: Import and configure the F5 Analytics iApp template on the BIG-IP

1. Open a new tab in your Chrome browser, and click on the bookmark for
BIGIP_A to connect to the BIG-IP GUI

2. Login using the following credentials:

Username: admin
Password: AgilityLab17

3. Go to iApps > Templates

4. Click Import in the top-right

f5.com 19
 Agility 2017 F5 Analytics Lab Guide

5. Click Choose File

6. Navigate to Desktop > Analytics Lab Files, and select the

f5.analytics.v3.7.0.tmpl file. Click Open

7. Click Upload

8. Once the file is finished uploading, you should see it listed in the iApp
Templates table.

9. Go to iApps > Application Services > Applications

f5.com 20
 Agility 2017 F5 Analytics Lab Guide

10. Click Create in the top-right

11. For the Name, enter F5-Analytics

12. From the Template pull-down menu, choose f5.analytics.v3.7.0

13. In the template configuration, in the Welcome to the f5 BIG-IP Analytics

iApp Template section, change the response for the Do you want to see
inline help? Question to No, do not show inline help.

f5.com 21
 Agility 2017 F5 Analytics Lab Guide

NOTE: If you are not familiar with what all the different settings refer to, you
may want to keep the inline help enabled. For now, we have disabled it just to
reduce the amount of additional text on the configuration screen.

14. Under the Information Sources section, set the following:

a. Data Format: Splunk

b. System Statistic: Yes
c. Module High Speed Logging Streams: Yes
d. Local System Logging (syslog): Yes
e. System SNMP Alerts: No
f. iHealth Snapshot Information: No
g. Facility Name: F5 Lab
h. Default Tenant: default
i. Role Based Access Controls: No

15. Under the Analytics System Configuration, enter the following:

a. IP Address or Hostname: 10.1.20.252

b. Port: 8088
c. Protocol: HTTPS
d. API Key: <paste the Token Value that you copied from Splunk>

f5.com 22
 Agility 2017 F5 Analytics Lab Guide

Leave other settings at their default values

16. Leave all settings under Module Log Stream Capture and Local
Logging Capture sections at their default values

17. Under Application Mapping, leave all settings at their default values,
except in the Mapping Table, enter the following:

a. Order: 10
b. Type: App Name
c. From: Virtual Name
d. Regex: (.*)_HTTP[S]*_VS
e. Action: Map
f. AppendPrefix: <leave blank>
g. DirectMapping: <leave blank>

18. Click Finished

f5.com 23
 Agility 2017 F5 Analytics Lab Guide

Task 3 – Generate some traffic for your applications

1. Minimize the Chrome browser window, and launch JMeter from the
Desktop shortcut

2. Once the Apache JMeter window opens, go to File > Open, and open the
F5_Analytics_Demo.jmx file

3. From the JMeter menu bar, click Run > Start

f5.com 24
 Agility 2017 F5 Analytics Lab Guide

Understanding the setup

While you wait for the traffic to be generated and sent to the BIG-IPs, and for
Splunk to gather and analyze the data, let us explore the setup for this lab.

F5.analytics iApp on BIG-IP

This iApp template is designed to gather a large number of statistics and event
information from a variety of different sources, and export the data to different
kinds of data collectors / SIEM systems. The sources of information that the iApp
gathers include system performance metrics (CPU, memory usage, throughput,
connection rates, etc.), tmstats (statistics collected by the Traffic Management
Microkernel / TMM regarding the traffic that is being handled/processed by TMM),
event logs (from the /var/log directory), SNMP trap-related information, and AVR
data. The options in the iApp allow the user fine-grained control on what data will
be collected and bundled up to be sent to external receivers. Further, the iApp
also provides the ability to customize the output format for different receivers,
including F5 BIG-IQ, Splunk, as well as other 3rd-party systems. Lastly, the iApp
provides for options to group together and/or map different pieces of information
(Virtual Servers and their associated objects, etc.) into Facilities (e.g. data
centers), tenants (for multi-tenant environments), and applications, where a single
application could consist of multiple virtual servers (for example, a web application
could consist of both, an HTTP and an HTTPS virtual server that serve the host
the same application). This application mapping can also be applied across
multiple BIG-IPs so that the same application hosted in different locations can be
grouped together under a single application name. For more details on the iApp,
please see the iApp Deployment Guide, which can be found here:

https://www.f5.com/pdf/deployment-guides/f5-analytics-dg.pdf

f5.com 25
 Agility 2017 F5 Analytics Lab Guide

F5 Networks Splunk App for Splunk

Splunk is a very popular Security Information and Event Management (SIEM)

system that has the ability to accept statistics and event data from a large variety
of sources, and visualize and display it in a meaningful way to allow an end-user
to be able to view events and metrics across multiple devices from a single-pane-
of-glass view. Additionally, Splunk allows add-on applications to be integrated into
the Splunk deployment in order to allow customized processing and display of
data from various sources. The F5 Networks Splunk app is just such an add-on
that was created by F5 to allow customized processing of data from F5 BIG-IP
devices, and to produce easy-to-use dashboards that analyze and present the
data in meaningful charts and graphs.

The data presented in the F5 Networks Splunk app includes a lot of data that
cannot be easily visualized on a BIG-IP, such as tmstats information, virtual server
and pool member health stats, system performance information, and even syslog
event information. Additionally, this app provides the ability to collate and present
data across multiple BIG-IP devices, even BIG-IPs in different locations, allowing
a user to view all their devices and their data in one single central location, rather
than having to view it separately on each individual BIG-IP device.

Configuration options for F5.analytics iApp and F5 Networks Splunk app

Note that this lab guide walks you through some simple setup options for both, the
Splunk app as well as the iApp, in order to help you get up-and-running quickly.
However, these configuration options are by no means the only way to configure
these. To get a better understanding of all the configuration options we ask that
you refer to the F5 analytics iApp deployment guide referenced earlier which also
has a section on configuring the Splunk app.

f5.com 26
 Agility 2017 F5 Analytics Lab Guide

Viewing the Analytics Data in Splunk

Task 4: Visualize the analytics data in Splunk

1. In your Chrome browser window, open a new tab, and click on the Splunk
bookmark to launch the Splunk Web UI

2. In Splunk, click on the F5 Networks app on the left to launch the F5

Splunk app

3. On the Home tab of the F5 Splunk app, change the Time pull-down to
Last 60 minutes

f5.com 27
 Agility 2017 F5 Analytics Lab Guide

4. Note that some of the widgets like Non-Responding Hosts or Expiring

SSL Certificates may show No results found. This is because there is
nothing to report for these metrics in this lab environment.

5. Scroll down to view other widgets. You may find that your BIG-IP devices
are shown under the Unhealthy Devices and/or the F5_Demo application
is shown in the Unhealthy Applications. Let’s investigate:

6. Click on the Lab_HA_Pair device group under Unhealthy Devices. This

will open a new browser tab and take you to the Device Cluster
Drilldown dashboard. Here you can see a number of different metrics that
contribute to the overall device health score.

7. Just under the Overview table showing the scores on different metrics,
you can also see a table showing the Device Status, with details on the
devices included in the group

8. If your devices had any error conditions that generated some Diagnostic
information, you could see that in the Diagnostics section.

f5.com 28
 Agility 2017 F5 Analytics Lab Guide

9. Now click on the System Performance tab. This will show you details on
the CPU and Memory usage of your BIG-IP devices, including a
breakdown of processes consuming the most amount of CPU or memory

10. Next, click on Interface Status & Statistics. This will show you detailed
Interface and VLAN stats. You can change the options in the pull-down
menus to view different information.

11. Next, click on the Events tab. This tab shows you Syslog events, with a
time-chart of when different kinds of events occurred. If you see any

f5.com 29
 Agility 2017 F5 Analytics Lab Guide

colored squares in the bigip.syslog.pool.statechange syslog table, click on

those squares. If you then scroll down, you will see the actual syslog
messages from whatever was happening at that time

12. Feel free to explore the other tabs as well to view additional information

13. Now, let us look at our applications to view more details about them. In the
red menu bar at the top, click on Application > Application Dashboard.

14. This will show you a listing of all the applications across all your BIG-IPs,
based on the application grouping and mappings that you defined in the
f5.analytics iApp on the BIG-IP. In our case, we just have a single
application. Click on the F5_Demo application name to go into the
Application Drilldown dashboard

f5.com 30
 Agility 2017 F5 Analytics Lab Guide

15. The Application Drilldown dashboard shows you a lot of detailed statistics
about your application(s). You can view the various metrics for your
application(s) on the Overview tab. To get more details, you can click the
link for the View in Application Health Dashboard, which will give you even
more detailed metrics and charts that are used in calculating the health
scores for the various metrics:

16. In the Application Health Dashboard that opens up in a new browser tab,
you can view the various metrics as well as charts for those metrics that
make up the overall Application Health score

17. Now go back to the browser tab for the Application Drilldown
dashboard, and then click on the Application Resources tab. This tab
shows you various components that make up your applications, including
the facility, virtual servers, pools, pool members, and even iRules. In our
case, our F5_Demo application is hosted in a single Facility (F5 Lab), and
is made up of 2 Virtual Servers: F5_Demo_HTTP_VS and
F5_Demo_HTTPS_VS. Each virtual server has its own pool with their

f5.com 31
 Agility 2017 F5 Analytics Lab Guide

corresponding pool members. You can view details for all these
components in the tables below.

18. Next, click on the Traffic Overview, Latency, & Analytics tab. This tab
shows you detailed traffic-related stats, similar to the data available via the
AVR charts and reports you saw in Lab 1.

19. Next, click on the Client Visibility tab. This tab provides a lot of visibility
into the traffic between the end-clients and the BIG-IP, including
connection stats, throughput information, TCP stats, HTTP information
(HTTP requests, HTTP version, HTTP compression info, etc.), SSL
information (SSL throughput, SSL protocol info, ciphers, SSL
renegotiations, etc.). Similarly, the Server Visibility tab provides similar
information for the traffic between the BIG-IPs and the back-end
application servers.

20. The Pool Statistics tab provides details on the various pools and pool
members across all the BIG-IPs and each application / virtual server on
each BIG-IP.

21. Feel free to explore other tabs including the System Performance and
the Alerts and Logs tabs.

This concludes all the lab steps for the Splunk Integration lab. Feel free to
explore other portions of the F5 Splunk app, or try out other settings in the
f5.analytics iApp. Note that this lab environment does not include other F5
modules (DNS/GTM, AFM, ASM, or APM). However, if you have these other
modules enabled on your BIG-IP devices in your own environment, you can
view data for these modules as well in the F5 Splunk app.

The End

f5.com 32
 F5 Networks, Inc. | f5.com

US Headquarters: 401 Elliott Ave W, Seattle, WA 98119 | 888-882-4447 // Americas: [email protected] // Asia-Pacific: [email protected] // Europe/Middle East/Africa: [email protected] // Japan: f5j [email protected]
©2017 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com. Any other products,
services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5. These training m aterials and documentation are
F5 Confidential Information and are subject to the F5 Networks Reseller Agreement. You may not share these training materials and documentation with any third party without the express written permission of F5.