Contact Us 1-800-596-4880

Monitor Hybrid Runtimes

Install the Anypoint Monitoring agent on an on-premises server to monitor applications that are running on that server and managed in the cloud.

The Anypoint Monitoring agent sends monitoring data to the Anypoint Monitoring cloud endpoint. Anypoint Monitoring data is transferred using an open-source protocol for transferring log data over a highly efficient bidirectional binary channel. Data is securely transmitted using mutual TLS encryption.

To use Anypoint Monitoring across a server group or cluster, you must install Anypoint Monitoring on each individual server.

Before You Begin

If you have an outbound firewall, open port 443.

Outbound connections are made to the following endpoints:

  • US Control Plane




  • US-GOV Control Plane



  • EU Control Plane




Supported Operating Systems

Ensure that Anypoint Monitoring is installed on a server running one of the following operating systems:

  • CentOS 7

  • RedHat Enterprise Linux 7

  • Ubuntu 16.04 and 18.04

  • Windows Server 2016, Windows Server 2019

To install the agent, you must have root or administrative privileges.

Supported Versions of Mule Runtime Engine

Use the following Mule runtime engine versions with Anypoint Monitoring:

  • Mule 3 versions 3.8.7 and later
    Versions 3.8.6 and earlier are not supported. Additionally, all runtime versions that have the -AM suffix are deprecated.
    Inbound and outbound metrics are unavailable for hybrid proxy apps that use Mule runtime engine version 3.9.5 or earlier.

  • Mule 4
    To use enhanced metrics for API Analytics, use Mule runtime engine version 4.1.6 or later.

Supported Versions of Mule Runtime Manager Agent

Ensure that one of the following Mule Runtime Manager agent versions is installed in the Mule runtime engine running on the server:

  • 2.5.x

  • 2.4.x

  • 2.3.0

  • 2.2.x

  • 2.1.9

  • 2.1.7

  • 2.1.6

  • 1.14.x

  • 1.13.0

  • 1.12.x

  • 1.11.x

  • 1.10.0

Mule deployments must be visible and managed in the Runtime Manager user interface. To ensure they appear, use the Runtime Manager user interface or the ARM REST API for new deployments.

Hardware Prerequisites

Ensure that the server has the minimum hardware requirements for Anypoint Monitoring, which are:

  • 2GHz CPU or 1 virtual CPU

  • 1GB RAM

  • 4GB disk space

  • Intel x86 or x64 compatible CPU architecture

Install the Anypoint Monitoring agent

Instructions for downloading and installing the Anypoint Monitoring agent on-premises are located on the Settings page of the Anypoint Monitoring user interface. You can also download the Anypoint Monitoring installation file from the Settings page.

When installing the Anypoint Monitoring agent, note the following:

  • When you extract the file, a folder called am is created in the location where you extracted the ZIP.

  • The installation script asks if you want Anypoint Monitoring installed as a service.

    • If you don’t want to have it preset as a service by the installer, select No.

    • You can call the installation script with the -x argument to skip this prompt. If you skip the prompt, Anypoint Monitoring is not installed as a service.

  • You cannot install the Anypoint Monitoring agent on a server that has an existing filebeat instance running.

  • When you install the Anypoint Monitoring agent on a hybrid server in a server group, use Runtime Manager to restart the server to enable Anypoint Monitoring to begin collecting metrics.

SOCKS5 Proxy Setting

If you need to proxy your monitoring data as it leaves the data center, you can use the command line parameter -p when you install the Anypoint Monitoring agent.

To use the SOCKS5 protocol for monitoring, you must:

  1. Set up Runtime Manager with a proxy. See Create a Server in Runtime Manager.

  2. To perform the SOCKS5 proxy configuration step, you must have a compatible server deployed to your environment.

  3. Install the Anypoint Monitoring agent and use the -p option. For example, on a Windows server, at the command line, enter:

<location-of-am-folder\bin>powershell -file install.ps1 -p socks5://user:password@socks5-server:1080

For a Linux server, enter:

$ ./install -p socks5://user:password@socks5-server:1080

If the user or password of the SOCKS5 proxy configuration contains URI reserved characters, it must be percent-encoded following the encoding rules of RFC 3986.

Verify the Anypoint Monitoring Agent is Running

  1. Wait 10 minutes for the configuration to propagate.

  2. Log in to Anypoint Platform.

  3. In the navigation bar or the main Anypoint Platform screen, click Monitoring.

  4. On the Built-in Dashboards page, select an app that is deployed on the server where you installed the Anypoint Monitoring agent.

  5. Check whether the CPU Utilization and Memory Utilization charts are displaying data.
    If you see data in the charts, the Anypoint Monitoring agent is installed and running.
    If you do not see data in the charts, verify that Anypoint Monitoring is able to connect to the endpoint.

    If necessary, you can add the endpoint to an allowlist for outbound firewall rules so your server allows connections. The endpoints to add to the allowlist are listed in Before You Begin.
  6. Log into the server on which the Anypoint Monitoring agent is running.

  7. Open the log file for the data-transfer agent. The log file is in this path: ./am/filebeat/logs

    If you are using Linux and the Anypoint Monitoring agent is running as a service, the log file is in the /var/log/filebeat directory.
  8. Look for entries that mention connection failures or connection retries.

Update the Anypoint Monitoring Agent

When you upgrade the Runtime Manager agent, you must reinstall the Anypoint Monitoring agent.

If you need to update the Anypoint Monitoring agent at some point in the future, follow these steps:

  1. Stop Mule.

  2. In the am folder, run the following command:

  3. Delete the am folder.

  4. Follow the instructions for installing the Anypoint Monitoring agent on-premises.

  5. Restart Mule.

Performance Impact

Enabling monitoring can impact CPU utilization and memory utilization depending on your specific application configuration. Before enabling monitoring in your production environment, test any performance impact in your pre-production environment to ensure optimal performance and sizing.


  • If you find connection failure or retry entries, ensure that port 443 in your outbound firewall is open.

  • If you do not find connection failure or retry entries, contact MuleSoft technical support.

Disable Log Forwarding for Hybrid Runtime Servers

This feature is available only if your organization has the Anypoint Integration Advanced package or a Titanium subscription to Anypoint Platform. For more information, see the Pricing and Packaging documentation.

You can disable log forwarding to Anypoint Monitoring if you have AM installer v.2.5.10 or later. To disable this feature, you must configure a JVM property on each hybrid server for which you want to disable log forwarding. You cannot disable log forwarding per application.

To disable log forwarding:

  1. Upgrade the Anypoint Monitoring agent to a version that supports disabling log forwarding ( or later).

  2. Stop Mule.

  3. Add the following line in the MULE_HOME/conf/wrapper.conf file (where <N> is the next available property index):<N>=-Danypoint.platform.monitoring.logs_forwarding.enabled=false

  4. Restart Mule.