Overview: NGINX instance metrics

Overview

F5 NGINX Instance Manager collects two types of data:

  • System metrics: Data about the data plane system, such as CPU and memory usage.
  • Traffic metrics: Data from processed traffic, including NGINX OSS, NGINX Plus, and NGINX logs.

The NGINX Agent collects metrics every 15 seconds and publishes them every 60 seconds.

For a full list of available metrics, see the Metrics Catalog Reference.

How metrics are collected and reported

The NGINX Agent collects metrics every 15 seconds while running on the host. Metrics are then downsampled and sent to the Manager server once per minute.

NGINX Instance Manager stores historical data in an analytics database and applies roll-ups:

  • Data up to 8 days old is stored with 1-minute resolution.
  • Data 8 to 30 days old is stored with 5-minute resolution.
  • Data 30 days to 15 months old is stored with 1-hour resolution.
  • Data older than 15 months is stored with 1-day resolution.

F5 NGINX Plus metrics

To collect comprehensive metrics for NGINX Plus, including bytes streamed, information about upstream systems and caches, and counts of all HTTP status codes, add the following to your NGINX Plus configuration file, for example /etc/nginx/nginx.conf or an included file:

# This block enables the NGINX Plus API and dashboard
# For configuration and security recommendations, see:
# https://docs.nginx.com/nginx/admin-guide/monitoring/live-activity-monitoring/#configuring-the-api
server {
    # Change the listen port if 9000 conflicts
    # (8080 is the conventional API port)
    listen 9000;

    location /api/ {
        # To restrict write methods (POST, PATCH, DELETE), uncomment:
        # limit_except GET {
        #     auth_basic "NGINX Plus API";
        #     auth_basic_user_file /path/to/passwd/file;
        # }

        # Enable API in write mode
        api write=on;

        # To restrict access by network, uncomment and set your network:
        # allow 192.0.2.0/24   # replace with your network
        # deny  all;
    }

    # Serve the built-in dashboard at /dashboard.html
    location = /dashboard.html {
        root /usr/share/nginx/html;
    }
}
Security tip
  • By default, all clients can call the API.
  • To limit who can access the API, uncomment the allow and deny lines under api write=on and replace the example CIDR with your trusted network.
  • To restrict write methods (POST, PATCH, DELETE), uncomment and configure the limit_except GET block and set up HTTP basic authentication.

For more details, see the NGINX Plus API module documentation and Configuring the NGINX Plus API.

NGINX Open Source metrics

To collect basic metrics about server activity for NGINX Open Source, add the following to your NGINX configuration file:

server {
    listen 127.0.0.1:8080;
    location /api {
        stub_status;
        allow 127.0.0.1;
        deny all;
    }
}

This configuration:

  • Enables the stub status API.
  • Allows requests only from 127.0.0.1 (localhost).
  • Blocks all other requests for security.

For more details, see the NGINX Stub Status module documentation.

After saving the changes, reload NGINX to apply the new configuration:

nginx -s reload

NGINX access log metrics

Enable access logging to collect traffic metrics by parsing logs. Use the following log format:

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for" '
                  '"$bytes_sent" "$request_length" "$request_time" '
                  '"$gzip_ratio" $server_protocol ';

access_log  /var/log/nginx/access.log  main;

Troubleshooting

System metrics are collected automatically by the NGINX Agent. To collect NGINX-specific metrics, additional configuration is required.