For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Vshah's avatar
Vshah
Icon for Nimbostratus rankNimbostratus
Jul 24, 2024

Old logs of backend nodes on F5

There was some issue on application where backend node were flapping so I want to check the back logs for that pool to share with them. Please help me with the F5 CLI command to check the old logs o...
application delivery
devops
f5 ltm
node
pool status
security
jaikumar_f5's avatar
jaikumar_f5
Icon for Noctilucent rankNoctilucent
Jul 24, 2024

How old is the incident. Depending upon the logs that has been flowing in the respective F5, the logs get rotated/archived.

 

Try the 1st command to see how old files you could see. 

The second cmd checks the ip 1.1.1.1 (it could be assumed as node ip Or any ip as a matter of fact) in the uncompressed ltm files. 

The last cmd checks on the archived files. 

ls -ltrh /var/log/ltm*
cat /var/log/ltm* | grep 1.1.1.1
zcat /var/log/ltm* | grep 1.1.1.1

 

If you get zero hits, presumably the logs are rotated.