Forum Discussion

Cirrus

Dec 02, 2020

Sent WAF event from BIG-IQ to Remote server ( SOC arcsight)

Dear all We had a BIG-IP System running WAF. At this time all event WAF log was sending to BIG-IQ. So. Do you know solution sent WAF event from BIG-IQ to Remote Sever ( SOC=arcsight) Note. One tim...

Cirrostratus

Dec 23, 2020

Hi,

you can send to both together.

TIP:

Create a Pool with your IP of ArcSight
Create Log Destination HighSpeed with the pool
Create Log Destination Remote Syslog with the HSL above
Inside of remote-logging-publisher of WAF, insert destination create above

See if works, for me works in QRadar

Forum Discussion

Sent WAF event from BIG-IQ to Remote server ( SOC arcsight)

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

Security Best Practices for BIG-IP & BIG-IQ systems

Insufficient permissions BIG-IQ login error

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

What is BIG-IQ?

Managing BIG-IP Licensing With BIG-IQ