Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

gutiu_220848's avatar
gutiu_220848
Icon for Nimbostratus rankNimbostratus
Sep 18, 2015

BIG-IP remote logging ASM problem

Hey I´m playing around with the f5 BIG-IP VM v11.6. I want to analyze the attacks on my BIG-IP splunk. Well I built a test environment with kali linux and the LAB lamp server. Everything works prett...
gutiu_220848's avatar
gutiu_220848
Icon for Nimbostratus rankNimbostratus
Sep 18, 2015

I found a way to get at least some signatures. The detected signatures were in "Staging"> After I Enforce them I got the sigantures in my remote-logging (splunk)

 

 

Is this the right way to do that?

 

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus
    Sep 18, 2015
    I think you've hit on the issue here, as items, such as Attack Sigs, when in Staging are "legal" requests in the ASM logs. I suspect, based on this, it doesn't then log the signature itself, even if reported in the GUI.