We are trying to setup alerts to Splunk so that in case any member becomes unavailable for any reason within a particular virtual server then we can see it on Splunk. There is recommended way to use use Splunk Universal forwarded/agent but are not allowed to install so have to use Splunk heavy forwarder instead. I have come across below article to set up syslog messages but its generic and not based on individual virtual server: https://my.f5.com/manage/s/article/K15316506
I believe this can be acheiveable with iRules and with some research , I've found an example which is using to generate syslog when client tries to connect to specific virtual server but not addressing my issue.https://network-knowledge.work/bigip-irules-syslog/
I was wondering if this is even acheivable with this approach or even supported by Big-IP at all? I have very little experience with this technology and unsure if I can acheive this task or not?
The first link is helpful and in conjunction with the following two links I believe you can configure the appropriate filter for all pool members if they go down or come back up. Please keep in mind that this will not be for a specific virtual server but for all pools having a pool member go down or up. If you look at the following link you can see that the IDs you will most likely want to filter on are 01070638 and 01070727 with a severity of notice.