# Report usage data to F5 (connected)


> Configure NGINX Plus to report usage data to F5 NGINX Instance Manager, and submit the report to F5 for verification in a connected (internet-accessible) environment.


**Note:** For disconnected environments, see [Report usage data to F5 (disconnected)](nim/licensing-and-reporting/report-usage-disconnected-deployment.md).

## Overview

In environments where F5 NGINX Instance Manager has internet access but NGINX Plus doesn't, NGINX Plus sends usage data to NGINX Instance Manager. NGINX Instance Manager automatically sends the usage reports to F5 for verification, or you can send them manually.

**If usage reporting fails, NGINX Plus stops processing traffic.** Previously reported instances are an exception — see [handling outages](#handling-outages) for details.

Use the steps below to configure NGINX Plus to report usage data to NGINX Instance Manager and submit the report to F5 for verification.

---

## Before you begin

Before submitting usage data to F5, open the required network ports and configure NGINX Plus to report to NGINX Instance Manager.

### Configure network ports for reporting usage

#### NGINX Instance Manager 2.22 and later

Open port 443 for `https://product.connect.nginx.com/api/nginx-usage/batch`.

**Note:** 
   There is no [Manual reporting](/nim/licensing-and-reporting/report-usage-connected-deployment.md#manual-reporting) option for connected mode in NGINX Instance Manager 2.22 and later versions (The "licensing page", "Enable Continuous Connection" toggle and "Send Usage to F5" button are not available).
   

#### NGINX Instance Manager 2.21 and earlier

Open port `443` for these URLs:

- `https://product.apis.f5.com/`
- `https://product-s.apis.f5.com/ee`

### Configure NGINX Plus to report usage to NGINX Instance Manager

To configure NGINX Plus (R33 and later) to report usage data to NGINX Instance Manager:

1. Allow NGINX Plus instances to connect to NGINX Instance Manager over HTTPS (TCP `443`).

1. On each NGINX Plus instance, set the [`usage_report`](https://nginx.org/en/docs/ngx_mgmt_module.html#usage_report) directive in the [`mgmt`](https://nginx.org/en/docs/ngx_mgmt_module.html) block of `/etc/nginx/nginx.conf` to point to your NGINX Instance Manager host:

    ```nginx
    mgmt {
     usage_report endpoint=<NGINX-INSTANCE-MANAGER-FQDN>;
    }
    ```

1. Reload NGINX:

    ``` bash
    systemctl reload nginx
    ```

**Note:** 
If you’re using self-signed certificates with NGINX Instance Manager,  
see [Configure SSL verification for self-signed certificates](nim/system-configuration/secure-traffic.md#configure-ssl-verify) for additional steps.

---

## Submit usage report to F5

### Automatic reporting

When you [add your JSON Web Token (JWT)](nim/licensing-and-reporting/add-license-connected-deployment.md) to NGINX Instance Manager, usage reporting is enabled by default. NGINX Instance Manager automatically reports subscription entitlement and usage data to F5.

### Manual reporting

**Note:** Report usage to F5 regularly. **If usage isn't reported for 180 days, NGINX Plus stops processing traffic**. See [About subscription licenses](solutions/about-subscription-licenses.md) for details.

To submit usage reports manually:

1. Log in to NGINX Instance Manager (`https://<NIM_FQDN>/ui/`).
1. Select the **Settings** (gear) icon.
1. On the **Licenses > Overview** page, turn off **Enable Continuous Connection**.
1. Select **Send Usage to F5**.

---

## What's reported

By default, NGINX Plus sends usage data to F5 every hour in a `POST` request. The report includes information such as traffic volume, runtime, and instance activity.  

Here’s an example of a usage report:

```json
{
    "version": "<nginx_version>",
    "uuid": "<nginx_uuid>",
    "nap": "<active/inactive>", // F5 WAF for NGINX status
    "http": {
        "client": {
            "received": 0, // bytes received
            "sent": 0,     // bytes sent
            "requests": 0  // HTTP requests processed
        },
        "upstream": {
            "received": 0, // bytes received
            "sent": 0      // bytes sent
        }
    },
    "stream": {
        "client": {
            "received": 0, // bytes received
            "sent": 0      // bytes sent
        },
        "upstream": {
            "received": 0, // bytes received
            "sent": 0      // bytes sent
        }
    },
    "workers": 0,       // number of worker processes running
    "uptime": 0,        // seconds the instance has been running
    "reloads": 0,       // number of reloads
    "start_time": "epoch", // start of data collection
    "end_time": "epoch"    // end of data collection
}

---

## Error log location and monitoring {#log-monitoring}

All usage reporting logs are written by the `nms-integrations` process. Where you find them depends on your deployment:

| Deployment | Log location |
|------------|--------------|
| Linux (systemd) | `journalctl -u nms-integrations` or `/var/log/nms/nms.log` |
| Container | `docker logs <integrations-container>` or `kubectl logs <pod> -c integrations` |

Monitor the following log prefixes to identify issues with automatic usage reporting to F5.

**`[INT-NC]`** — usage report polling and submission:

```text
[error] [INT-NC] failed to get pending count: <error>
[error] [INT-NC] failed to process NC usage batch: <error>
[info]  [INT-NC] successfully processed NC usage batch
[error] [INT-NC] failed to upsert telemetry event: <error>
[info]  [INT-NC] stopping NC usage subscriber (context done)
```

**`[AIDF-SUB]`** — usage message processing:

```text
[error] [AIDF-SUB] corrupted proto msg[<i>]: <error>; terminating message
[error] [AIDF-SUB] msg[<i>] missing jwt_token; terminating unprocessable message
[warn]  [AIDF-SUB] no valid reports after parsing <n> messages
[error] [AIDF-SUB] failed to create NC client for jwt group: <error>
[warn]  [AIDF-SUB] NC submission failed for chunk <start>-<end>: <error>
[error] [AIDF-SUB] failed to ack msg after NC success: <error>
[warn]  [AIDF-SUB] completed with <n> errors: <errors>
[info]  [AIDF-SUB] successfully processed <n> valid messages
```

**`[NC-POST]` / `[NC-RETRY]`** — HTTP communication with F5:

```text
[info]  [NC-POST]  NC response status=<code> batch_size=<n>
[warn]  [NC-RETRY] retrying after error: <error> wait=<duration>
[error] [NC-SUBMIT] failed to convert report <i>: <error>
```

**`[AIDF-PUB]`** — usage data publishing from the data plane manager:

```text
[error] [AIDF-PUB] failed to marshal proto report: <error>
[error] [AIDF-PUB] failed to publish proto report: <error>
[info]  [AIDF-PUB] published proto report seq=<n> nginx_version=<ver>
```

Monitor the [NGINX error log](https://nginx.org/en/docs/ngx_core_module.html#error_log), usually at `/var/log/nginx/error.log`, to identify subscription issues early. The log records problems such as failed usage reports or licenses that are about to expire. Check it regularly to avoid downtime and stay compliant.

You can also use the [license API endpoint](https://demo.nginx.com/api/9/license) to check license status programmatically. For details, see the [ngx_http_api_module docs](https://nginx.org/en/docs/http/ngx_http_api_module.html#def_nginx_license_object).

Examples of log entries:

- **Failed usage reports:**

  ``` text
  [error] 36387#36387: server returned 500 for <fqdn>:<port> during usage report
  [error] 36528#36528: <fqdn>:<port> could not be resolved (host not found) during usage report
  [error] 36619#36619: connect() failed (111: Connection refused) for <fqdn>:<port> during usage report
  [error] 38888#88: server returned 401 for <ip_address>:443 during usage report
  ```

- **License nearing expiration:**

  ``` text
  [warn] license will expire in 14 days
  ```

- **License expired:**

  ``` text
  [alert] license expiry; grace period will end in 89 days
  [emerg] license expired
  ```

**Note:** 
NGINX Plus stops processing traffic if the license has been expired for more than 90 days.