Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

ASM Bot Defence logs with CEF Format

Cpet
Altocumulus
Altocumulus

‎03-Sep-2023 01:55

Hi all,

I have  a cluster with 2 BIG-IPs Ver 15.1.9.1 and i am using the modules LTM + WAF . I found out that WAF bot defence log is with the format Syslog.My SIEM can read CEF (ArcSight) so my question is if there is a way to change the Syslog format to CEF format or if there is possibility to add a unique identifier on the syslog logs of the Bot Defense so those can be read by the SIEM.

Thanks

Labels:
0 Kudos
2 REPLIES 2

Nikoolayy1
MVP
MVP

‎05-Sep-2023 08:49

Better see this Unable to select Arcsight publisher for bot defense remote logging (f5.com) and open a RFE with the F5 Sales people.

Cpet
Altocumulus
Altocumulus
In response to Nikoolayy1

‎05-Sep-2023 21:18

Thanks

0 Kudos
Copyright © 2023 Khoros, LLC