Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

GeoffG's avatar
GeoffG
Icon for Altostratus rankAltostratus
Feb 06, 2020

High Speed Logging to SumoLogic Collector not Working

HI,   I am trying to get some values from a HTTP header to be sent to a SumoLogic Collector and am having difficulties with how the messages end up at the SumoLogic box.   I can see the data bein...
application delivery
big-ip
LTM
Smithy's avatar
Smithy
Icon for Cirrostratus rankCirrostratus
Feb 11, 2020

I'm not familiar with Sumo Logic, but for my 3 node ELK cluster with 2 logstash servers, I just use HSL. See below.

create ltm node elk1.f5.demo { address 10.1.30.111 description "ELK Logstash/Data/Master Node" }
create ltm node elk2.f5.demo { address 10.1.30.112 description "ELK Kibana/Master Node" }
create ltm node elk3.f5.demo { address 10.1.30.113 description "ELK Logstash/Data/Master Node" }
 
create ltm pool elk_log_5401_pool { members replace-all-with { elk1.f5.demo:5401 elk3.f5.demo:5401 } }
 
create sys log-config destination remote-high-speed-log elk_hsl_5401_dest { pool-name elk_log_5401_pool protocol udp distribution balanced }
 
create sys log-config publisher elk_log_5401_pub destinations replace-all-with { elk_hsl_5401_dest }