Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Aviv's avatar
Aviv
Icon for Cirrus rankCirrus
May 27, 2021

bigip sending logs without being configured to send

i have configured bigip to send log to kibana syslog. i have deleted the setting. i still getting asm logs from the bigip.   i do not see the kibana setting at the bigip.   d u know what el...
application delivery
ASM Advanced WAF
big-ip
AlexBCT's avatar
AlexBCT
Icon for Cumulonimbus rankCumulonimbus
May 28, 2021

Hi Aviv,

 

Interesting one... Here is a list of all the location where you can configure logs to remote destinations that I can remember from the top of my head, maybe one of them is still configured;

  • ASM logs; Security ›› Event Logs : Logging Profiles
  • LTM logs (legacy); System ›› Logs : Configuration : Remote Logging
  • HSL logs; System ›› Logs : Configuration : Log Destinations
  • iRule legacy remote logging; look for something like "log 10.10.231.1 local0.info "Client Connected, IP: [IP::client_addr]"
  • iRule HSL logging; look for something like "set hsl [HSL::open -proto UDP -pool syslog_server_pool]"

 

If still no luck finding it, can you post a log message so we can see the formatting of the log message? it may give some clues as well.

 

Hope you find the culprit ;)