Debug mode enabled for F5




Indeni will alert if one of the debug mechanisms on a device is enabled when the default is for it to be disabled.

Remediation Steps

Turn off the debug as soon as possible.Follow the applicable remediation steps. mcpd-force-reload: Delete the file /service/mcpd/forceload (, tm.rstcause.log:, tm.rstcause.pkt:

How does this work?

This alert logs into the F5 load balancer and verifies that the debug daemon is not activated by checking where the sym link /etc/alternatives/tmm is pointing to.

Why is this important?

The tmm.debug daemon can be enabled in order to gather additional metrics when the F5 unit crashes. However, this state is not desireable in a normal set-up as the tmm debug daemon performs slower than the default version.

Without Indeni how would you find this?

Login to the device with SSH and run "ls -l /etc/alternatives/tmm" and verify that the sym link is not pointing to "/usr/bin/tmm.debug"

View Source Code