Forum Discussion

Nimbostratus

Jun 28, 2016

Using two Virtual Servers to limit duplicate syslog messages reaching a Splunk Forwarder.

I have a requirement to limit duplicate syslog messages reaching our dual site splunk deployment and to only forward logging messages received at a second site if the first site has an issue. A...

Employee

Jun 30, 2016

Hi,

use an irule on both.
create pool A and Pool B on both.
you can test pool member availability in the irule with LB::status
you can drop a connection with irule command drop/discard/reject

so this way you can on the backup site B test if the primary pool member A is available and drop the request accordingly.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Using two Virtual Servers to limit duplicate syslog messages reaching a Splunk Forwarder.

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

UDP TCP Packet Duplication

Duplicating BIG-IP Objects

Load Balancing TCP TLS Encrypted Syslog Messages

Massive DDoS, DanaBot Dismantled, Scraped Discord Messages and Signal Blocks Windows Recall

Performance optimalization of message based load balancing.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS