Reporting DoS events through syslog not work

Hi, I am trying to send syslog formatted DoS events to a remote server. I proceeded as follows:

I created syslog pool, which contains one member listening on x.x.x.x:6514. The pool is completely accessible, UDP monitoring is green
I created HSL log destination with pool from step 1.; protocol - UDP; Distribution - adaptive. Then I created another log destination with syslog format and with forwarding to the created HSL log destination
Next, I created a log publisher, which contains only "syslog log destination"
At the last, in Security Event logs I created a new logging profile where I enabled "DoS protection" and set remote publisher to publisher created in the 3. step

When I generate some test DoS attack (via hping), I see this attack at the DoS real-time dashboard, but none event is sent to the remote syslog server (verified by tcpdump). What confuses me is that I don't see any DoS events in DoS event logs neither. Am I missing something?

BigIp version: 15.1.2.1

AFM

BIG-IP

security

Forum Discussion

Reporting DoS events through syslog not work

Recent Discussions

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Re: BigIP Report

BigIP Report Old

iRule Event Order Flowchart

Leveraging Ansible Rulebooks for Streamlined Event Triggers: Advantages and Benefits

Get started with F5 Distributed Cloud WAAP Scheduled Reports