ASM Reporting in BIG IQ
Single BIG IP device managed by Single BIG IQ device at a client.
BIG IP was used to send daily scheduled reports including top attacks in the day, most affected virtual servers, top triggered security policies, bot traffic for the day, dos traffic for the day, top attacks by geo-location and such.
Client wanted a BIG IQ, we provided and all the data is being sent to the BIG IQ.
All the configurations have been properly set up and we can view all the data from BIG IQ. We also set up a scheduling report and now, unlike BIG IP, there is no way we can create such reports and schedule them. Either that or we havent found the proper ways to do so. The only report that can be sent is a very generic overview with how much traffic the whole system has been getting and nothing much.
If we go back to BIG IP and send the report from there, the BIG IQ doesnot display its graphs in the monitoring tab, and removing the whole centralized monitoring part. (We get that the need of BIG IQ is not apparent in the scenario, but such is the case)
The BIG IQ will be used to centrally monitor the lonesome BIG IP and BIG IQ has to be able to send the scheduled report as BIG IP used to.
Is there a way to do so? or is it a lost cause?
If it helps, we have configured all the security policies, logging profiles and such from BIG IP and simply imported them to BIG IQ.