diff --git a/content/includes/nginx-one-console/config-snippets/enable-nplus-api-dashboard.md b/content/includes/nginx-one-console/config-snippets/enable-nplus-api-dashboard.md
index 02967dbd9..5f5f7779a 100644
--- a/content/includes/nginx-one-console/config-snippets/enable-nplus-api-dashboard.md
+++ b/content/includes/nginx-one-console/config-snippets/enable-nplus-api-dashboard.md
@@ -36,3 +36,7 @@ server {
}
}
```
+
+{{}}
+Make sure that the `server` and `location` blocks are in the same single configuration file, and not split across multiple files using `include` directives.
+{{}}
diff --git a/content/includes/use-cases/monitoring/enable-nginx-oss-metrics.md b/content/includes/use-cases/monitoring/enable-nginx-oss-metrics.md
new file mode 100644
index 000000000..f7ab489fd
--- /dev/null
+++ b/content/includes/use-cases/monitoring/enable-nginx-oss-metrics.md
@@ -0,0 +1,53 @@
+---
+nd-product: MSC
+nd-files:
+- content/nginx-one-console/getting-started.md
+- content/nginx-one-console/nginx-configs/metrics/enable-metrics.md
+- content/nim/monitoring/overview-metrics.md
+- content/nim/nginx-instances/add-instance.md
+---
+
+To collect basic metrics about server activity for NGINX Open Source:
+
+1. **Enable the stub status API**
+
+Add the following to your NGINX configuration file:
+
+```nginx
+server {
+ listen 127.0.0.1:8080;
+ location /api {
+ stub_status;
+ allow 127.0.0.1;
+ deny all;
+ }
+}
+```
+
+{{}}
+Make sure that the `server` and `location` blocks are in the same single configuration file, and not split across multiple files using `include` directives.
+{{}}
+
+This configuration:
+
+- Enables the stub status API endpoint
+- Allows requests only from `127.0.0.1` (localhost).
+- Blocks all other requests for security.
+
+For more details, see the [NGINX Stub Status module documentation](https://nginx.org/en/docs/http/ngx_http_stub_status_module.html).
+
+2. **Configure access logging**
+
+Enable access logging in your NGINX configuration to collect detailed traffic metrics. Ensure that the following log format is used:
+
+```nginx
+log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+'$status $body_bytes_sent "$http_referer" '
+'"$http_user_agent" "$http_x_forwarded_for" '
+'"$bytes_sent" "$request_length" "$request_time" '
+'"$gzip_ratio" $server_protocol ';
+
+access_log /var/log/nginx/access.log main;
+```
+
+This log format captures key metrics including request timing, response sizes and client information.
diff --git a/content/includes/use-cases/monitoring/enable-nginx-oss-stub-status.md b/content/includes/use-cases/monitoring/enable-nginx-oss-stub-status.md
deleted file mode 100644
index 3b137a8ff..000000000
--- a/content/includes/use-cases/monitoring/enable-nginx-oss-stub-status.md
+++ /dev/null
@@ -1,29 +0,0 @@
----
-nd-product: MSC
-nd-files:
-- content/nginx-one-console/getting-started.md
-- content/nginx-one-console/nginx-configs/metrics/enable-metrics.md
-- content/nim/monitoring/overview-metrics.md
-- content/nim/nginx-instances/add-instance.md
----
-
-To collect basic metrics about server activity for NGINX Open Source, add the following to your NGINX configuration file:
-
-```nginx
-server {
- listen 127.0.0.1:8080;
- location /api {
- stub_status;
- allow 127.0.0.1;
- deny all;
- }
-}
-```
-
-This configuration:
-
-- Enables the stub status API.
-- Allows requests only from `127.0.0.1` (localhost).
-- Blocks all other requests for security.
-
-For more details, see the [NGINX Stub Status module documentation](https://nginx.org/en/docs/http/ngx_http_stub_status_module.html).
\ No newline at end of file
diff --git a/content/includes/use-cases/monitoring/enable-nginx-plus-api-with-ssl.md b/content/includes/use-cases/monitoring/enable-nginx-plus-api-with-ssl.md
new file mode 100644
index 000000000..ae75004b1
--- /dev/null
+++ b/content/includes/use-cases/monitoring/enable-nginx-plus-api-with-ssl.md
@@ -0,0 +1,58 @@
+---
+nd-product: MSC
+nd-files:
+- content/nginx-one-console/getting-started.md
+---
+
+If SSL is enabled on the NGINX Plus API with self-signed certificates like this example:
+
+```nginx
+# This block enables the NGINX Plus API and dashboard with SSL
+# For configuration and security recommendations, see:
+# https://docs.nginx.com/nginx/admin-guide/monitoring/live-activity-monitoring/#configuring-the-api
+server {
+ # Change the listen port if 9000 conflicts
+ # (8080 is the conventional API port)
+ listen 9000 ssl;
+ ssl_certificate /etc/nginx/certs/nginx-selfsigned.crt;
+ ssl_certificate_key /etc/nginx/certs/nginx-selfsigned.key;
+
+ location /api/ {
+ # To restrict write methods (POST, PATCH, DELETE), uncomment:
+ # limit_except GET {
+ # auth_basic "NGINX Plus API";
+ # auth_basic_user_file /path/to/passwd/file;
+ # }
+
+ # Enable API in write mode
+ api write=on;
+
+ # To restrict access by network, uncomment the following lines and set your network:
+ # allow 192.0.2.0/24; # replace with your network
+ # allow 127.0.0.1/32; # allow local NGINX Agent to call the NGINX Plus API to retrieve metrics
+ # deny all;
+ }
+
+ # Serve the built-in dashboard at /dashboard.html
+ location = /dashboard.html {
+ root /usr/share/nginx/html;
+ }
+}
+```
+
+{{}}
+Make sure that the `server` and `location` blocks are in the same single configuration file, and not split across multiple files using `include` directives.
+{{}}
+
+NGINX Agent configuration needs to be update with the following to enable the NGINX Agent to be able to call the NGINX Plus API.
+```
+data_plane_config:
+ nginx:
+ api_tls:
+ ca: "/etc/nginx/certs/nginx-selfsigned.crt"
+```
+
+Here is an example of how to generate self-signed certificates
+```
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/certs/nginx-selfsigned.key -out /etc/nginx/certs/nginx-selfsigned.crt -subj "/CN=localhost" -addext "subjectAltName=IP:127.0.0.1"
+```
\ No newline at end of file
diff --git a/content/nginx-one-console/getting-started.md b/content/nginx-one-console/getting-started.md
index dcfbfbc0e..c50934cca 100644
--- a/content/nginx-one-console/getting-started.md
+++ b/content/nginx-one-console/getting-started.md
@@ -161,11 +161,22 @@ The NGINX One Console dashboard relies on APIs for NGINX Plus and NGINX Open Sou
### Enable NGINX Plus API
+{{}}
+
+{{%tab name="without SSL"%}}
{{< include "/use-cases/monitoring/enable-nginx-plus-api.md" >}}
-### Enable NGINX Open Source Stub Status API
+{{% /tab %}}
+{{%tab name="with SSL"%}}
+
+{{< include "/use-cases/monitoring/enable-nginx-plus-api-with-ssl.md" >}}
+
+{{% /tab %}}
+{{% /tabs %}}
-{{< include "/use-cases/monitoring/enable-nginx-oss-stub-status.md" >}}
+### Enable NGINX Open Source Metric
+
+{{< include "/use-cases/monitoring/enable-nginx-oss-metrics.md" >}}
---
@@ -181,10 +192,3 @@ After connecting your NGINX instances to NGINX One, you can monitor their perfor
### Overview of the NGINX One dashboard
{{< include "/use-cases/monitoring/n1c-dashboard-overview.md" >}}
-
-
-
-
-
-
-
diff --git a/content/nginx-one-console/nginx-configs/metrics/enable-metrics.md b/content/nginx-one-console/nginx-configs/metrics/enable-metrics.md
index 9d447eff7..c5ba14394 100644
--- a/content/nginx-one-console/nginx-configs/metrics/enable-metrics.md
+++ b/content/nginx-one-console/nginx-configs/metrics/enable-metrics.md
@@ -15,6 +15,7 @@ nd-product: NONECO
The NGINX One Console dashboard and metrics views present system metrics and detailed NGINX metrics gathered through the NGINX Plus API or the Stub Status API (for NGINX Open Source).
To display metrics, complete the following steps:
+
1. Enable the API
2. Enable metric collection
@@ -28,9 +29,9 @@ To enable the NGINX Plus API and dashboard with [Config Sync Groups]({{< ref "/n
{{< include "use-cases/monitoring/enable-nginx-plus-api-with-config-sync-group.md" >}}
-## Enable NGINX Open Source Stub Status API
+## Enable NGINX Open Source Metrics
-{{< include "/use-cases/monitoring/enable-nginx-oss-stub-status.md" >}}
+{{< include "/use-cases/monitoring/enable-nginx-oss-metrics.md" >}}
## Enable NGINX Plus Metric Collection
diff --git a/content/nim/monitoring/overview-metrics.md b/content/nim/monitoring/overview-metrics.md
index cb1fe13e6..ccd3a1786 100644
--- a/content/nim/monitoring/overview-metrics.md
+++ b/content/nim/monitoring/overview-metrics.md
@@ -36,7 +36,7 @@ NGINX Instance Manager stores historical data in an analytics database and appli
### NGINX Open Source metrics
-{{< include "/use-cases/monitoring/enable-nginx-oss-stub-status.md" >}}
+{{< include "/use-cases/monitoring/enable-nginx-oss-metrics.md" >}}
After saving the changes, reload NGINX to apply the new configuration:
@@ -44,20 +44,6 @@ After saving the changes, reload NGINX to apply the new configuration:
nginx -s reload
```
-### NGINX access log metrics
-
-Enable access logging to collect traffic metrics by parsing logs. Use the following log format:
-
-```nginx
-log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for" '
- '"$bytes_sent" "$request_length" "$request_time" '
- '"$gzip_ratio" $server_protocol ';
-
-access_log /var/log/nginx/access.log main;
-```
-
## Troubleshooting
System metrics are collected automatically by the NGINX Agent. To collect NGINX-specific metrics, additional configuration is required.
\ No newline at end of file
diff --git a/content/nim/nginx-instances/add-instance.md b/content/nim/nginx-instances/add-instance.md
index f694dc170..f4d0f75bb 100644
--- a/content/nim/nginx-instances/add-instance.md
+++ b/content/nim/nginx-instances/add-instance.md
@@ -39,9 +39,9 @@ Make sure you have:
{{< include "/use-cases/monitoring/enable-nginx-plus-api.md" >}}
-### Enable NGINX Open Source Stub Status API
+### Enable NGINX Open Source Metrics
-{{< include "/use-cases/monitoring/enable-nginx-oss-stub-status.md" >}}
+{{< include "/use-cases/monitoring/enable-nginx-oss-metrics.md" >}}
## Next steps