Monitor Application & Network using ACOS Prometheus Exporter

a10tmea10tme Administrator admin
edited January 2021 in DevOps

This article describes how to setup Prometheus and A10 Thunder running pre-ACOS 5.0 version (e.g., 3.2, 4.1.4 or 5.1) using a Prometheus Exporter to gain application network visibility and operational insights.

Prometheus uses the HTTP PULL model to scrape such various data from network devices and store the received values in a time-series database. Using a visualization and analytics tool, like Grafana, the data stored in Prometheus can be tracked to understand various baselines and thresholds that the networks should be operating under, thus enabling event monitoring and alerting.

In this article, we use an ACOS Prometheus Exporter, a python-based script, that acts as a proxy between Prometheus and A10 Thunder. To enable the integration, the exporter listens on port 9734 for HTTP PULL requests from Prometheus. Once the exporter receives the request from Prometheus, it then makes the corresponding API calls to the A10 device to fetch the requested statistics. After the A10 devices has responded, the exporter hands those statistics over to Prometheus thus completing the original Prometheus HTTP PULL request. The Prometheus Exporter python script is maintained on the A10 Networks GitHub page.


  • You will need previous experience with Prometheus, Grafana and A10 Thunder
  • Prometheus
    • Install a Prometheus service on a server. In this example, Prometheus is installed on an Ubuntu virtual machine.
    • For Prometheus installation, refer to Prometheus Installation.
  • Grafana
    • Install a Grafana service on a server. In this example, Grafana is also installed on the same server as the Prometheus using port 3030.
    • Add Prometheus as a data source
    • For Grafana installation, refer to Grafana Installation.
  • Thunder device
    • A10 Thunder (hardware, virtual, bare metal or container)
      • ADC/CGN/CFW - ACOS version 4.1.4 and above
      • TPS - ACOS version 3.2 and above
    • In this example, Thunder TPS is used for DDoS Protection.
    • Get vThunder free trial
    • Note: Thunder have native support for Prometheus in ACOS 5.2.0. A10 device running ACOS 3.x/4.x can be integrated with the use of Prometheus Exporter.
  • Prometheus Exporter for A10 Thunder

ACOS Prometheus Exporter Setup

The ACOS Prometheus exporter module is a python-based script that acts as a proxy between Prometheus and A10 Thunder devices to collect A10 device stats and displays the results as metrics. In order to install ACOS Prometheus Exporter, you can fist clone it from A10 GitHub.

$git clone
$cd PrometheusExporter
$pip install -r requirements.txt

You will find the config.yml in the PrometheusExporter directory and modify it with the A10 Thunder devices to be monitored.

$vi config.yaml
   username: admin
   password: a10
 log_file: logs.log
 log_level: INFO

Finally, run the ACOS Prometheus Exporter

$python ./

Note: You can also run the ACOS Prometheus Exporter as a container or on Kubernetes/ OpenShift using Helm package. For more details, refer to

Prometheus Installation and Configuration

In this example, we install Prometheus on to an Ubuntu server and configure it to collect the data from A10 Thunder device via ACOS Prometheus Exporter.

Note: The installation instruction may vary depending on your environment including OS version and Prometheus release. Please refer to the latest instruction at Prometheus site.

$tar xvfz prometheus-*.tar.gz
$cd prometheus-*

The configuration file defines everything related to scraping jobs and their instances, as well as which rule files to load. The file where these configurations are stored is called prometheus.yml. Over here we define the frequency with which Prometheus is supposed to run certain jobs (scraping network devices for data).

Here is what the beginning of your file should look like:

$cat prometheus.yml
# my global config
 scrape_interval:    30s # Default is every 1 minute.
 evaluation_interval: 30s # Default is every 1 minute.

Further below in prometheus.yml, you will notice the jobs defined. You can add many jobs here, and this is an example job for Thunder TPS.

 - job_name: 'a10tps-job'
   metrics_path: '/metrics'
   - targets: ['localhost:9734']
       host_ip: [""]
       api_endpoint: ["/system/memory/stats", "/system/data-cpu/stats", "/ddos/l7-dns/stats", "/system/bandwidth/stats"]

Here is the detailed explanation of arguments defined in the a10tps-job:

  • Params - This is where the parameters are configured.
    • host_ip: IP of the monitored device that needs to be scraped. In this example, it is IP of the Thunder TPS.
    • api_endpoint: The API endpoint(s) that provides the data/statistics. In this example, this scraps memory consumption, data CPU utilizations, DNS DDoS protection stats and total bandwidth passing through the Thunder TPS. 
    • api_name: A convenient label for the api_endpoints listed above.
  • Targets – IP: port of the target device for Prometheus to communicate. In this example, it is set to the Prometheus Exporter using port 9734.

Once the prometheus.yml is set, start Prometheus service and check the status and collected data.

$ ./prometheus --config.file=prometheus.yml

Grafana Setup

 Once Prometheus starts colleting metrics from Thunder, you can create your own dashboard to visualize application traffic and monitor device and service status using threshold and baselining.

Here is the commands and steps to install and configure Grafana Enterprise edition on the same Ubuntu server. For detailed installation information, refer to

$sudo apt-get install -y apt-transport-https
$sudo apt-get install -y software-properties-common wget
$wget -q -O - | sudo
apt-key add -
$echo "deb stable main" | sudo tee -a /etc/apt/sources.list.d/grafana.list
$sudo apt-get update
$sudo apt-get install grafana-enterprise
$sudo systemctl daemon-reload
$sudo systemctl start grafana-server
$sudo systemctl status grafana-server

In this example, following metrics are used for each data source to visualize DNS service and DDoS protection status. 

  • Traffic Volume
    • input_bytes_per_sec
    • output_bytes_per_sec
  • DNS Traffic Stats
    • dns_pkt_processed
    • dns_query_type_XXX
    • dns_query_class_XXX
  • Dropped DNS Counters
    • dns_qry_any_drop
    • dns_malform_drop
    • dns_nx_drop
    • dns_auth_drop
    • dns_fqdn_label_len_exceed
    • dns_fqdn_rate_by_label_count_exceed
  • and more

You want to watch a demo of the A10 Thunder and Prometheus integration? Go to

Sign In or Register to comment.