cancel
Showing results for 
Search instead for 
Did you mean: 

Assign new security log profile to related VS on cli

olguarabaci
Nimbostratus
Nimbostratus

Hi everyone, I am looking for the cli command to modify security log profile in related VS. if there is, i would like to do this for my all Vs in bulk. Because it is so waste of time to doing this from gui one by one.

1 REPLY 1

You can check this:

 

 

https://clouddocs.f5.com/cli/tmsh-reference/v15/modules/security/security_log_profile.html

 

 

 

create security log profile "{{ asm_default_logging_profile }}" application replace-all-with

{ "{{ asm_default_logging_profile }}" { servers replace-all-with { <server_ip>:<port> } filter replace-all-with { request-type { values replace-all-with { illegal } } } logger-type remote logic-operation and protocol tcp remote-storage remote ma

ximum-entry-length 2k response-logging illegal format { fields { attack_type date_time dest_ip dest_port device_id geo_location http_class_name ip_address_intelligence ip_client ip_with_route_domain is_truncated management_ip_address method policy_a

pply_date policy_name protocol query_string request request_status response response_code route_domain session_id severity sig_ids sig_names sig_set_names slot_number src_port sub_violations support_id unit_hostname uri username violation_details vi

olation_rating violations virus_name websocket_direction websocket_message_type } } } }

 

 

 

 

 

Or try using rest-api or Big-IQ for mass change on many devices.

 

 

 

https://clouddocs.f5.com/api/icontrol-rest/APIRef_tm_security_log_profile_application.html

 

 

 

Example how to get idea on what to modify as you may use postman rest-api client:

 

 

https://devcentral.f5.com/s/question/0D51T00006i7kHo/how-to-get-asm-dos-and-logging-profiles-applied-to-a-virtual-server

 

 

https://clouddocs.f5.com/training/community/automation/html/class01/module1/lab2.html