Forum Discussion

Icon for Altocumulus rank

Altocumulus

Oct 07, 2022

BIGIP ASM audit logging

Hello all ,

We want to remote log the ASM application security Audit log . Is this possible .

Like we do for Asm Event logs with logging profile .

Thanks

Suraj Upadhaya

application delivery

Nikoolayy1
Oct 07, 2022

Have you enabled HSL logging for the F5 system with a log filter (not a log profile as you have done for the ASM policy)? The log filter can be set to "all" and you should see any F5 system/event log on the remote syslog/SIEM server.

https://techdocs.f5.com/en-us/bigip-14-0-0/external-monitoring-of-big-ip-systems-implementations-14-...

Nikoolayy1
MVP
Oct 07, 2022

Have you enabled HSL logging for the F5 system with a log filter (not a log profile as you have done for the ASM policy)? The log filter can be set to "all" and you should see any F5 system/event log on the remote syslog/SIEM server.

https://techdocs.f5.com/en-us/bigip-14-0-0/external-monitoring-of-big-ip-systems-implementations-14-...
Nikoolayy1
MVP
Oct 13, 2022
If you managed to get the needed answers, please flag the question as answered.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming