I am seeing lot of logs as below filling the ltm log files
slot1/hostname info tmm[14479]: Hostname="name",SlotId="1",errdefs_msgno="22282261",Entity="DosVisibilityVips",AggrInterval="300",EOCTimestamp="1616413200",HitCount="1",VipName="/Common/https-vs",ServerLatency="0",ServerLatencyHitCount="0",ClientConcurrentConns="0",ServerConcurrentConns="0",MaxClientConcurrentConns="0",MaxServerConcurrentConns="0",ClientNewConns="0",ServerNewConns="0",FailedConns="0",ExpiredConns="0",AbandonedConns="0",ClientBytesIn="0",ServerBytesOut="0",ServerBytesIn="0",ClientOutBytes="0",ClientPktsIn="0",ServerPktsOut="0",ServerPktsIn="0",ClientPktsOut="0",ConcurrentIps="0",ConcurrentBlockedIps="0",ConcurrentIpsParticipatingInAttacks="0",ConcurrentAttacks="0",ServerLatencyHealth="0",ConcurrentConnectionsHealth="0",ThroughputHealth="0",specialConcurrentIpsForAllVips="8"
I do not have analytics module enabled, no debugs on the GUI.
Removed the dos logging, ip intelligence.
Please let me know why it is generating these statistics, how to find them.
Do you have AFM or ASM with Layer 4 or Layer 7 DDOS?
If your device is working and there is no high CPU memry or any real issue also check if someone has set the tmm log to informational state as by default it should notice and maybe this is why you see this issue:
Have you checked the GUI DDOS statistics or if the same messages are in /var/log/dosl7?
https://support.f5.com/csp/article/K45156590
If you have removed the logging profile for https-vs you may check if this VIP is created by an iApp or it has a an irule that could generate such logs or something else?
You may raise a case to the vendor as it could be a bug. The log level "info tmm[14479]: " but the tmm logs are set to notice and this is the strange thing.
Other think is to test seting the ASM log log.ts.level to Notice level from th GUI or CLI just as a test.
