Forum Discussion

Nimbostratus

Dec 11, 2023

Multiline logs in F5 Big

I am trying to Audit F5 ASM Logs in SIEM platform. The issue is, it seems like F5 is storing some of the logs with multiline description: This makes it very difficult to parse in SIEM as they...

application delivery

devops

zamroni777

MVP

Dec 12, 2023

i guess they are in json or xml format.
if it is, the parser should not process them as plain text but as json/xml

Utkc137

Nimbostratus

Dec 13, 2023

I don't think so, here's a screenshot from F5 backend:

Any way to make F5 store these as a single line event?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Multiline logs in F5 Big

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Efficient Method to Compare F5 Configurations

F5 Big-IQ read-only API username creation.

email alert when service restarts

all possible Domain names that F5 may need to communicate to

irule that presents certificate doesn´ t run in TLSv1.3

Related Content

Implementing BIG-IP WAF logging and visibility with ELK

Mitigating OWASP Web Application Risk : Security Logging & Monitoring Failures using F5 BIG-IP

F5 BIG-IP Zero Trust with BIG-IP SSL Orchestrator

How I did it - "Remote logging with F5 BIG-IP Next and OpenTelemetry"

What is BIG-IP Next?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS