Forum Discussion

Nimbostratus

Apr 11, 2014

Pool status in Splunk for F5 Networks

Hi all, I made some tests on Splunk with the 11.5.0 TMOS version. My tests were on AFM, LTM and also syslog events. LTM (with the iRule included) and AFM work fine, but for syslog events ther...

Historic F5 Account

Sep 19, 2014

I tried the following to see if it would grab it, but no luck yet...

In Splunk my syslog message was <133>1 2014-09-19T15:29:05-06:00 localhost.localdomain mcpd 6649 01070727:5: [F5@12276 hostname="localhost.localdomain" errdefs_msgno="01070727:5:"] Pool /Common/dvwa_pool member /Common/192.168.0.217:80 monitor status up. [ /Common/dvwa_monitor: up ] [ was down for 0hr:0min:10sec ]

My RegEX = REGEX = /\serrdefs_msgno="(........:.)\S+\sPool\s(\S+)\smember\s(\S+)\smonitor\sstatus\s(\S+).\s?[?\s?(?:\S+)?:?\s?(?:\S+)?\s?]?\s+?[\swas\s(\S+)\sfor\s(\S+)/

In RegEx teter it loks good, but no joy here. I will keep trying....

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Pool status in Splunk for F5 Networks

Recent Discussions

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

SSL bridging without SSL proxy forward

Related Content

Setting up F5 Telemetry Streaming with Splunk Cloud

What is Multi-Cloud Networking?

Demo Guide & Video Series for F5 Distributed Cloud Network Connect (Multi-Cloud Networking)

Check a Virtual Server's SSL Status

Simplify Network Segmentation for Hybrid Cloud

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS