IRONMAN
Nov 13, 2020Cirrostratus
Solved
F5 Sending syslogs with two hostname to remote syslog server
HI All,
we have F5 Device (LTM + AFM), we configured syslog sever splunk via linux syslog server as forwarder.
in Linux server each F5 creating two syslog files, only with just host name and another one is FQDN name.
Both are different logs , not duplicate .
I am not sure, where to merge it or make it single, any one guide me please!
HI ,
We have solution for this.
https://support.f5.com/csp/article/K76259573
Recommended Actions
Include "options {use_fqdn(yes); keep_hostname(no); };" to syslog configuration :
Use following command in CLI:
tmsh modify sys syslog include "options {use_fqdn(yes); keep_hostname(no); };"
F5 has option to mark his host name in (only host name or FQDN name) in syslog message.