Filtering specific SSH connections from log messages

Hello,

 

To monitor the SSH service on our F5 boxes, our monitoring server periodically conducts SSH connection attempts that are logged locally (/var/log/ltm) and remotely via a Syslog server. Since these logs are not really useful, we would like to not display them locally and not send them to the syslog server

 

Mon Sep 5 04:27:30 CEST 2016 info F5-DEVICE sshd[5138] Did not receive identification string from IP_MONITORING_SERVER

 

Mon Sep 5 04:32:30 CEST 2016 info F5-DEVICE sshd[5179] Did not receive identification string from IP_MONITORING_SERVER

 

Mon Sep 5 04:37:30 CEST 2016 info F5-DEVICE sshd[5194] Did not receive identification string from IP_MONITORING_SERVER

 

Mon Sep 5 04:42:30 CEST 2016 info F5-DEVICE sshd[5233] Did not receive identification string from IP_MONITORING_SERVER

 

I know that with the include command "filter filter_name {..}; log {filter (filter_name)};" it's possible to apply filters to the logs but I do not find a way to filter for this scenario.

 

Is there a way to suppress these specific SSH connections initiated from our monitoring server?

 

I found an example (sol16932) that might look like what I want but in my opinion, we should have the good arguments to put in the filter command.

 

Thanking you in advance