user name in LTM logs

Question

Hi All,

We have enabled AD authentication in F5 and provided operator access to user based on criteria . Now when they perform some action related to LTM for e.g. Pool member (enable/disable/force offline) , username in LTM logs , user who is doing these operation is not logged in . How can i do it as it is important to know who has done operations for security purpose . please let me know if i need to enable any function for the same .

Thanks

lidev · Answer

Hi Shashank,&nbsp;Check audit log in /var/log/audithttps://support.f5.com/csp/article/K5532&nbsp;About audit loggingAudit logging is an optional feature that logs messages whenever a BIG-IP® system object, such as a virtual server or a load balancing pool, is configured (that is, created, modified, or deleted). The BIG-IP system logs the messages for these auditing events in the file /var/log/audit.There are three ways that objects can be configured:By user actionBy system actionBy loading configuration dataWhenever an object is configured in one of these ways, the BIG-IP system logs a message to the audit log.&nbsp;Regards

Forum Discussion

user name in LTM logs

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

DEVCENTRAL END-USER LICENSE AGREEMENT

Securing the LLM User Experience with an AI Firewall

Logging DNS Requests

CEF logs F5

F5 XC Session tracking with User Identification Policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS