Implementing BIG-IP WAF logging and visibility with ELK

Scope This technical article is useful for BIG-IP users familiar with web application security and the implementation and use of the Elastic Stack. This includes, application security professionals,...
Published Sep 21, 2020
Version 1.0
ASM Advanced WAF
dashboard
elastic
Elastic Stack
elk
logging
NGINX WAF
security
series-visibility-and-orchestration-with-f5
Romain's avatar
Icon for Employee rankEmployee
I've been an F5'er since 2012 and an F5 enthusiast for longer than that! I am also an motorcycle enthusiast based out of the San Francisco Bay Area.
View Profile
Romain's avatar
Icon for Employee rankEmployee
I've been an F5'er since 2012 and an F5 enthusiast for longer than that! I am also an motorcycle enthusiast based out of the San Francisco Bay Area.
View Profile
Romain's avatar
Romain
Icon for Employee rankEmployee
Jan 11, 2021

For LTM - the best bet is to use F5's Telemetry Streaming (TS): https://clouddocs.f5.com/products/extensions/f5-telemetry-streaming/latest/ - Elasticsearch can then ingest the formatted JSON and you can get things going for your dashboard -