Forum Discussion

SWJO's avatar
SWJO
Icon for Cirrostratus rankCirrostratus
Jan 23, 2020
Solved

Does anyone did traffic logging?

Hi guys

 

I`m searching method which can logging or inspecting traffic information.

 

Target license are LTM and CGNAT.

 

I have looking for Telemetry streaming but that seems providing sampling information.

I need full traffic information not sampling data. also don`t need mirroring.

 

I think using i-Rule with HSL can be a method but I`m wondering how much traffic can be logging.

-> how much means about CPS 150K.

-> and BIGIP`s disk can be able to hold the logs.

application delivery
BIG-IP
cgnat
devops
iRules
  • NUT2889's avatar
    NUT2889
    Jan 23, 2020

    Hi,

     

    Yes, the purpose of HSL is for syslog protocol. You can forward to external syslog server by TCP / UDP based on syslog receiver.

6 Replies

Sort By
  • NUT2889's avatar
    NUT2889
    Icon for Cirrostratus rankCirrostratus
    Jan 23, 2020

    Hi,

     

    F5 not suggest to store log locally. From my experience F5 support recommend customer forward log to SIEM / Big Data Solution / BIG-IQ instead.

    • SWJO's avatar
      SWJO
      Icon for Cirrostratus rankCirrostratus
      Jan 23, 2020

      Hi.

       

      Then is there possible method not store logs in box but forward to remote?

      • NUT2889's avatar
        NUT2889
        Icon for Cirrostratus rankCirrostratus
        Jan 23, 2020

        Hi,

         

        Yes, the purpose of HSL is for syslog protocol. You can forward to external syslog server by TCP / UDP based on syslog receiver.