Forum Discussion

Priyesh_MP's avatar
Priyesh_MP
Icon for Nimbostratus rankNimbostratus
6 years ago
Solved

F5 ASM Auditlogs for all Policy Changes apart from normal Login Logout details

Dear Team,   Good day!   Can anyone confirm whether F5 ASM Auditlogs give information about configuration changes other than normal login logout data? Requirement is customer wants Auditlogs ...
ASM Advanced WAF
BIG-IP
security
  • Yoann_Le_Corvi1's avatar
    Yoann_Le_Corvi1
    6 years ago

    Hi

     

    Sorry for the delay. Admin/root are very likely to be linked.

    Try creating a dedicated account.

     

    Also what you are reading is the system audit log.

     

    You also have the ASM Audit Log in Security -> Application Security -> Policy -> Audit -> Logs.

     

    Yoann

Yoann_Le_Corvi1's avatar
Yoann_Le_Corvi1
Icon for Cumulonimbus rankCumulonimbus
6 years ago

Hello

 

It does. It logs ever modification to the policy. That also include changes made by the policy builder itself.

URL, Response page, Attack signtature... and so on.

 

Yoann

  • Priyesh_MP's avatar
    Priyesh_MP
    Icon for Nimbostratus rankNimbostratus
    6 years ago

    Dear Yoann,

     

    Thank you for your response. Is there any document available from F5 on this?

     

    Best Regards,

    Priyesh MP