Forum Discussion
Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming
Hello Team,
I am trying to forward AFM (Network Firewall) logs and APM logs from F5 BIG-IP to Amazon CloudWatch using F5 Telemetry Streaming.
F5 BigIP version - BIG-IP 17.1.0.1 Build 0.0.4 Point Release 1
Current Behavior
When I configure the security logging profile with local-db-publisher, I am able to see logs on the BIG-IP dashboard:
Security → Event Logs → Network Firewall
Security → Event Logs → Access
However, when I change the logging profile to use a remote log publisher, I am unable to receive the logs in CloudWatch.
My Declaration
{
    "class": "Telemetry",
    "My_Listener": {
        "class": "Telemetry_Listener",
        "port": 6514
    },
    "My_Consumer": {
        "class": "Telemetry_Consumer",
        "type": "AWS_CloudWatch",
        "region": "us-east-1",
        "logGroup": "loggrpname",
        "logStream": "logstreamname",
        "username": "Access Key",
        "passphrase": {
            "cipherText": "Secret Key"
        }
    }
}
Telemetry Architecture for AFM
Security Log Profile → Log Publisher → Remote High Speed Log → telemetry_pool → 127.0.0.1:6514 → Telemetry Listener → Telemetry Consumer → CloudWatch
Configuration Summary
- AFM policy and APM access policy attached to the virtual server
- Security logging profile attached to the virtual server
- Log Publisher configured
- Remote High-Speed Log destination configured
- Pool member configured as 127.0.0.1:6514
- Telemetry Streaming declaration deployed.
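One way to split the pipeline described above into two halves, as an added example that is not part of the original post or of F5's tooling: send a uniquely tagged test line straight to the listener address from the post (127.0.0.1:6514) and then look for the tag in the CloudWatch log stream. The function names, the probe line format and the interpretation text are assumptions made for this illustration.

```python
"""Added example: probe the Telemetry Listener half of the pipeline."""
import socket
import sys
import time
import uuid

# Values from the post: the pool member / Telemetry_Listener address.
LISTENER_HOST = "127.0.0.1"
LISTENER_PORT = 6514


def build_probe(tag=None):
    """Return (tag, payload) for a constructed, uniquely tagged test event."""
    tag = tag or uuid.uuid4().hex[:12]
    # Constructed sample line, not a real AFM or APM log record.
    line = 'probe_tag="%s",source="ts-probe",sent_at="%d"\n' % (tag, int(time.time()))
    return tag, line.encode("utf-8")


def send_probe(payload, host=LISTENER_HOST, port=LISTENER_PORT, timeout=3.0):
    """Send payload over TCP; return 'sent', 'refused', 'timeout' or 'error: ...'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            conn.sendall(payload)
        return "sent"
    except ConnectionRefusedError:
        return "refused"   # nothing is listening on host:port
    except socket.timeout:
        return "timeout"   # packets dropped or filtered on the way
    except OSError as exc:
        return "error: %s" % exc


def interpret(status, tag):
    """Map the send result to the part of the pipeline worth checking next."""
    if status == "sent":
        return ("Listener accepted the probe. Search the CloudWatch log stream for %s: "
                "found means the fault is upstream (log profile, publisher, HSL, pool); "
                "missing means it is in the consumer or its AWS access." % tag)
    if status == "refused":
        return "Nothing is listening: confirm the Telemetry_Listener is running on that port."
    return "Probe not delivered (%s): check host, port and local filtering." % status


if __name__ == "__main__":
    probe_tag, probe = build_probe()
    result = send_probe(probe)
    print(interpret(result, probe_tag))
    sys.exit(0 if result == "sent" else 1)
```

Run it on a host that can reach the listener; a "sent" result only shows the TCP connection was accepted, so the CloudWatch search for the tag is still needed to confirm end-to-end delivery.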
1 Reply
- Melissa_C
Moderator
Hello jainzeel13
Noticed that you hadn't received any responses in a while on your post and wanted to check if you had resolved your issue outside of your post. If you have, I would like to encourage you to update your post with those details. If not, then we can see what options you may have available for support to assist.
-Melissa