Forum Discussion

Cirrocumulus

Jul 01, 2021

How can I exclude a cookie from being logged to the external log server

Hi; With an AWAF Logging Profile for the purpose of sending Request log messages to a Splunk Server, how can I log all headers except a cookie? Kindly Wasfi

ASM Advanced WAF

security

Daniel_Wolf
Jul 01, 2021
Hi Wasfi,

you could mask the cookie value in the logs. The process is described in K52154401.
It should look similar to this:

KR
Daniel

Wasfi_Bounni

Cirrocumulus

Thank you Daniel. Although my intention is not to log the Cookie due to its length, not due to its private content. It is consuming most of the log message.

Would masking it reduce its length too?

Daniel_Wolf

MVP

Jul 02, 2021

Nothing that comes to my mind instantaneously. Maybe a filter on the log server rather than on the BIG-IP?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

How can I exclude a cookie from being logged to the external log server

Recent Discussions

F5 - AS3 - BIGIQ / BIGIP SchemaVersion Missunderstanding

F5OS API - not able to create vlan

F5 APM - limiting access to the bandwidth for network Access

Change LB priority based on status

High CPU utilization (100%).

Related Content

iRule exclude URI

CSV to Address External Datagroup File

Cookie-based DDoS protection

External Monitor Information and Templates

TACACS+ External Monitor (Python)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS