15-Mar-2023 00:08
Hi ,
to exploit the logs of the F5 LTM, APM, I would like to use, SPLUNK, and to avoid doing TCPDUMP on an environment of F5, do you know which keywords I could use on splunk.
Thanks,
15-Mar-2023 05:47
@Poseidon1974 I don't believe you can have the level of detail on a SPLUNK server that you can on a tcpdump on the F5, you will receive log messages but nothing as informative as a tcpdump.
16-Mar-2023 01:29
Thanks
19-Mar-2023 05:05
If that was the correct answer for you, please flag it as such.
I totally agree on the answer btw, logging and tcpdump are different things. won't be possible to pull that traffic logging into Splunk.
19-Mar-2023 09:03
Thanks