SSL VPN Login/Logout Logging

Question

In our current SSL VPN solution, we are able to log everytime a user logs in and logs out. This was a requirement on the F5 SSL VPN solution as well through APM.&nbsp;
I posted the question in a different forum and wanted to share it here -&nbsp;
https://devcentral.f5.com/community...065/asg/50&nbsp;

seth_cooper · Answer

Kevin,   
&nbsp;  
&nbsp; The information is in the /var/log/apm file... 
&nbsp;  
&nbsp; [root@apm-device:Active:Standalone] log   grep ca0767ca apm | egrep "Session deleted due|AD agent: Auth" 
&nbsp; Feb 26 14:58:51 apm-device info apd[5720]: 01490017:6: ca0767ca: AD agent: Auth (logon attempt:0): authenticate with 'scoope' successful 
&nbsp; Feb 26 15:14:06 apm-device notice tmm[8414]: 01490502:5: ca0767ca: Session deleted due to user inactivity or errors. 
&nbsp; [root@apm-device:Active:Standalone] log  
&nbsp;  
&nbsp; You can write a script to parse the logs and get all the information you need... 
&nbsp;  
&nbsp; Thanks, 
&nbsp; Seth Cooper

angrycat_52750 · Answer

What level of logging do you have enabled for APM??

Forum Discussion

SSL VPN Login/Logout Logging

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

irule execution error

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

Forwarding Logs to SIEM Tools via HTTP Proxy for F5 Distributed Cloud Global Log Receiver

SSL Orchestrator Enhanced Uses Case: Remote Logging

SSL Orchestrator Service Extensions: DoH Guardian

F5 Distributed Cloud Telemetry (Logs) - Loki

SSL Profiles Part 6: SSL Renegotiation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS