F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Priyesh_MP's avatar
Priyesh_MP
Icon for Nimbostratus rankNimbostratus
Jan 16, 2020
Solved

F5 ASM Auditlogs for all Policy Changes apart from normal Login Logout details

Dear Team,   Good day!   Can anyone confirm whether F5 ASM Auditlogs give information about configuration changes other than normal login logout data? Requirement is customer wants Auditlogs ...
ASM Advanced WAF
BIG-IP
security
  • Yoann_Le_Corvi1's avatar
    Yoann_Le_Corvi1
    Jan 23, 2020

    Hi

     

    Sorry for the delay. Admin/root are very likely to be linked.

    Try creating a dedicated account.

     

    Also what you are reading is the system audit log.

     

    You also have the ASM Audit Log in Security -> Application Security -> Policy -> Audit -> Logs.

     

    Yoann

Priyesh_MP's avatar
Priyesh_MP
Icon for Nimbostratus rankNimbostratus
Jan 23, 2020

Dear Yoann,

 

Thank you for your reply.

 

I got it. Will ASM forward ASM Audit Log in Security -> Application Security -> Policy -> Audit -> Logs to Syslog Server same like System Auditlogs? or it will only available locally in the device?

 

Best Regards,

Priyesh MP

Yoann_Le_Corvi1's avatar
Yoann_Le_Corvi1
Icon for Cumulonimbus rankCumulonimbus
Jan 23, 2020

Hi

I had a quick look, but it seems to be in the SM DB, not managed by syslog.

So as far as I can tell, it seems to be local only. Only illegal requests logs can be sent to syslog.

 

Yoann