Forum Discussion

Nimbostratus

Jun 25, 2025

Exced Timeout in Event Logs WAF

I have a issue with a customer WAF, in the Event Logs, it shows me an error in the "triggered violation (I attached a screenshot).", & the request show the status: ilegal. we modify the maximun ...

Employee

Jul 01, 2025

Hello,

Are you using local logging? Local logging can lag due to various performance metrics. Best practice is to setup and configure WAF events for an external log collector WAF Logging

Stan_Marsh
Nimbostratus
Jul 02, 2025
Hi jeffrey,
Thanks,
Yes, I verified it and indeed the local log is being used. Any recommendations on how to apply the WAF event log to an external collector?
- Jeffrey_Granier
  Employee
  Jul 02, 2025
  Hi Stan,
  
  you will need to create a waf logging profile to use a remote log: Although this is an older doc its still relevant Configuring Application Security Event Logging

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Exced Timeout in Event Logs WAF

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

NGINX event logs send to F5 Data Collection Device and analysis from BIG-IQ it possible or not?

Cannot ping external interface

Dump all host running services during APM logon

Failed to execute iptable cmd: ," CMD="iptables -A SSH_ALLOW_RULES error

HA Failover between two Datacenters

Related Content

iRule Event Order Flowchart

Need help. What is exc?

big3d timeouts

iRule Event Order

iRules: Disabling Event Processing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS