Forum Discussion

Shashank_jain's avatar
Shashank_jain
Icon for Nimbostratus rankNimbostratus
Jul 29, 2020

user name in LTM logs

Hi All,

We have enabled AD authentication in F5 and provided operator access to user based on criteria . Now when they perform some action related to LTM for e.g. Pool member (enable/disable/force offline) , username in LTM logs , user who is doing these operation is not logged in . How can i do it as it is important to know who has done operations for security purpose . please let me know if i need to enable any function for the same .

Thanks

1 Reply

  • Hi Shashank,

     

    Check audit log in /var/log/audit

    https://support.f5.com/csp/article/K5532

     

    About audit logging

    Audit logging is an optional feature that logs messages whenever a BIG-IP® system object, such as a virtual server or a load balancing pool, is configured (that is, created, modified, or deleted). The BIG-IP system logs the messages for these auditing events in the file /var/log/audit.

    There are three ways that objects can be configured:

    • By user action
    • By system action
    • By loading configuration data

    Whenever an object is configured in one of these ways, the BIG-IP system logs a message to the audit log.

     

    Regards