Forum Discussion

Altostratus

Feb 04, 2020

Solved

Source IP logging for AFM DDoS attacks

Hello everyone. I'm configuring AFM DDoS Device Protection and using local-db-publisher for logging. Looking at the events generated when AFM detects an attack, I can only see the destination...

AFM

security

Simon_Blakely
Feb 04, 2020
The answer is in the name - DDoS Device Protection

The identified attacks are from multiple distributed source IPs, all targeted at a Destination IP.
Because of the distributed nature of the attack, the large number of Source IPs are considered not relevant, and so are not logged.

Simon_Blakely

Employee

Feb 04, 2020

The answer is in the name - DDoS Device Protection

The identified attacks are from multiple distributed source IPs, all targeted at a Destination IP.

Because of the distributed nature of the attack, the large number of Source IPs are considered not relevant, and so are not logged.

Forum Discussion

Source IP logging for AFM DDoS attacks

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Log-in attacks, Ransomware gangs, Autohack with LLMs-Feb 18-24, 2024- F5 SIRT- This Week in Security

ESRP Strategies: DNS Water Torture Attack

Application attack from different source IPs

Juice jacking attack and State-funded attacks - April 15th - 21st - This Week in Security

Change original source IP to random in ASM logs