Forum Discussion

neeeewbie's avatar
Apr 21, 2022

how long days f5 can store asm policy audit logs ?

hi guys 


how long days f5 can store asm policy audit logs ?

I found asm can stored 3M logs 

but I can't find any documents relate to asm policy audti log 

please let me know if you have some documents ! 


thank you 

4 Replies

  • Hello neeeewbie.

    "By default, the local log storage is finite with a maximum capacity of 3 million records stored across all BIG-IP ASM security policies and a maximum database table size of 2 GB on virtual systems and 5 GB on physical systems."

    I bet audit logs are included in this sizing.


    • neeeewbie's avatar
      Icon for MVP rankMVP

      thank you for your warm attention 

      I mean this audit log located at Security ›› Application Security : Audit : Log

      do you know about that ?

      • Hello neeewbie.

        As I mentioned, I bet audit logs are included in this sizing 😊


  • Hi Neeeewbie, 

    The ASM audit logs are indeed stored in /var/log, rather than in the database. (When you view the Audit log within ASM, it filters specific messages from /var/log/asm). As such, you're limited to however much space you've got on the /var/log partition and what the retention policy for the /var/log files are. I believe they are kept for 24 days by default (just checked, on my system I indeed have 24 files) but depends on the disk space as well as some other things. See here for more details:

    Hope this helps.