For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Poseidon1974's avatar
Poseidon1974
Icon for Cirrostratus rankCirrostratus
Mar 15, 2023

SPLUNK

Hi ,

to exploit the logs of the F5 LTM, APM,  I would like to use, SPLUNK, and to avoid doing TCPDUMP on an environment of  F5, do you know which keywords I could use on splunk.

Thanks,

application delivery

4 Replies

  • Paulius's avatar
    Paulius
    Icon for MVP rankMVP
    Mar 15, 2023

    Poseidon1974 I don't believe you can have the level of detail on a SPLUNK server that you can on a tcpdump on the F5, you will receive log messages but nothing as informative as a tcpdump.

      • boneyard's avatar
        boneyard
        Icon for MVP rankMVP
        Mar 19, 2023

        If that was the correct answer for you, please flag it as such.

        I totally agree on the answer btw, logging and tcpdump are different things. won't be possible to pull that traffic logging into Splunk.