Forum Discussion

Icon for Cirrostratus rank

Cirrostratus

Jan 23, 2020

Does anyone did traffic logging?

Hi guys

I`m searching method which can logging or inspecting traffic information.

Target license are LTM and CGNAT.

I have looking for Telemetry streaming but that seems providing sampling information.

I need full traffic information not sampling data. also don`t need mirroring.

I think using i-Rule with HSL can be a method but I`m wondering how much traffic can be logging.

-> how much means about CPS 150K.

-> and BIGIP`s disk can be able to hold the logs.

application delivery

NUT2889
Jan 23, 2020
Hi,

Yes, the purpose of HSL is for syslog protocol. You can forward to external syslog server by TCP / UDP based on syslog receiver.

NUT2889
Cirrostratus
Jan 23, 2020
Hi,

F5 not suggest to store log locally. From my experience F5 support recommend customer forward log to SIEM / Big Data Solution / BIG-IQ instead.
- SWJO
  Cirrostratus
  Jan 23, 2020
  Hi.
  
  Then is there possible method not store logs in box but forward to remote?
  - NUT2889
    Cirrostratus
    Jan 23, 2020
    Hi,
    
    Yes, the purpose of HSL is for syslog protocol. You can forward to external syslog server by TCP / UDP based on syslog receiver.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming