Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

kridsana's avatar
kridsana
Icon for Cirrocumulus rankCirrocumulus
Nov 29, 2023

Can BIG-IQ forward ASM event log which receive from BIG-IP to syslog server?

Hi Right now we have all BIG-IP send ASM event log to BIG-IQ.  Question is Can BIG-IQ forward ASM event log which receive from BIG-IP to syslog server? or I need to config on each BIG-IP to s...
advanced waf
application delivery
BIG-IQ
log
syslog
F5_Design_Engineer's avatar
F5_Design_Engineer
Icon for MVP rankMVP
Nov 30, 2023

Most of the time I use MGMT interface to send the ASM logs to internal SYLOG server or any internal or external client SPLUNK or any other log servers

Its best to export the ASM event log to both (BIG-IQ and syslog server) independently rather than first send the logs from ASM to BIGIQ and then from BIGIQ to SYSLOG, as there you have to select on BIGIQ what logs to export to SYSLOG as it may be getting logs from multiple LTMs / ASM or other BIGIP devices.

Also there is a known issue that BIGIQ face issues sending logs to SYSLOG.

BIG-IQ not sending logs to configured syslog server

https://my.f5.com/manage/s/article/K000135937

HTH

🙏