Poseidon1974
Mar 15, 2023Cirrostratus
SPLUNK
Hi ,
to exploit the logs of the F5 LTM, APM, I would like to use, SPLUNK, and to avoid doing TCPDUMP on an environment of F5, do you know which keywords I could use on splunk.
Thanks,
Hi ,
to exploit the logs of the F5 LTM, APM, I would like to use, SPLUNK, and to avoid doing TCPDUMP on an environment of F5, do you know which keywords I could use on splunk.
Thanks,
Poseidon1974 I don't believe you can have the level of detail on a SPLUNK server that you can on a tcpdump on the F5, you will receive log messages but nothing as informative as a tcpdump.
Thanks
If that was the correct answer for you, please flag it as such.
I totally agree on the answer btw, logging and tcpdump are different things. won't be possible to pull that traffic logging into Splunk.