Request Logging - VMWare LogInsight

Question

Good morning all,&nbsp;  I am curious what everyone is using for traffic visibility. I currently have vmware loginsight setup with the F5 content pack. I get decent information but it doesn't always feel like the whole story. I've used graylog before with a request logging profile on the LTM VS, one I figured out the grok pattern it provided good information but again didn't feel like an enterprise solution. &nbsp;I'm curious what everyone else is using, how is it working for you?

giorgi_gujabidz · Answer

Hi Shorton88,&nbsp;Well I think it depends on who is familiar with which product. Graylog is powerful log management software, but it was not created for advanced analytics and correlations, so I personally prefer to forward logs from f5 to any Enterprise SIEM solutions like QRadar, ArcSight or Splunk. As those solution gives you more functionality on log manipulation, investigation, monitoring, alerts, etc.&nbsp;Also you can try f5's BIG-IQ solution, which basicaly is for centralized management of several BIG-IP devices, but one of its feature is Application analytics, which gives truly good dashboards with traffic information per application, like active connections, http transaction, application response and etc.&nbsp;But as I said, it's my personal opinion :)

Forum Discussion

Request Logging - VMWare LogInsight

1 Reply

Recent Discussions

Import PKCS 12 SSL to Device Certificate via API/Script or CLI on BIG-IP

Help with URL Masking

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

Related Content

Logging DNS Requests

Logging of DNS Requests and Responses without a DNS license

send Request Logging through Management IP

Beware, your logs - how blocked log4shell, Spring4Shell etc requests can still lead to compromise

Distributed caching of authentication requests with NGINX Ingress Controller