Forum Discussion

Nimbostratus

Dec 24, 2017

ASM Logs to Splunk

Hey , I was wondering if i can manipulate the logs that are coming from my F5-ASM and goes to Splunk , that it will be displayed differently. for example i use I want Splu...

ASM Advanced WAF

security

Simon_Blakely

Employee

Dec 24, 2017

Syslog is message-oriented format. The ASM logs are sent as single UDP/TCP records, and the configured CRLF is just a part of the message.

You may be able to configure Splunk to split the messages based on the CRLF separator (I think Splunk has a message preprocessor), but that would be a question to ask Splunk.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM Logs to Splunk

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

routing to splunk for asm logging

ASM LOGS

ASM logs

Setting up F5 Telemetry Streaming with Splunk Cloud

BIGIP ASM audit logging

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS