Forum Discussion

Nimbostratus

Jun 25, 2025

Exced Timeout in Event Logs WAF

I have a issue with a customer WAF, in the Event Logs, it shows me an error in the "triggered violation (I attached a screenshot).", & the request show the status: ilegal. we modify the maximun ...

Employee

Jul 01, 2025

Hello,

Are you using local logging? Local logging can lag due to various performance metrics. Best practice is to setup and configure WAF events for an external log collector WAF Logging

Stan_Marsh
Nimbostratus
Jul 02, 2025
Hi jeffrey,
Thanks,
Yes, I verified it and indeed the local log is being used. Any recommendations on how to apply the WAF event log to an external collector?
- Jeff_Granieri
  Employee
  Jul 02, 2025
  Hi Stan,
  
  you will need to create a waf logging profile to use a remote log: Although this is an older doc its still relevant Configuring Application Security Event Logging

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Exced Timeout in Event Logs WAF

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

block a specific user

which virtual server will be hit?

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

APM - Portal access - Issue

F5 bot defense - false positives

Related Content

iRule Event Order Flowchart

Need help. What is exc?

big3d timeouts

iRule Event Order

iRules: Disabling Event Processing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS