cancel
Showing results for 
Search instead for 
Did you mean: 

user name in LTM logs

Shashank_jain
Nimbostratus
Nimbostratus

Hi All,

We have enabled AD authentication in F5 and provided operator access to user based on criteria . Now when they perform some action related to LTM for e.g. Pool member (enable/disable/force offline) , username in LTM logs , user who is doing these operation is not logged in . How can i do it as it is important to know who has done operations for security purpose . please let me know if i need to enable any function for the same .

Thanks

1 REPLY 1

Lidev
MVP
MVP

Hi Shashank,

 

Check audit log in /var/log/audit

https://support.f5.com/csp/article/K5532

 

About audit logging

Audit logging is an optional feature that logs messages whenever a BIG-IP® system object, such as a virtual server or a load balancing pool, is configured (that is, created, modified, or deleted). The BIG-IP system logs the messages for these auditing events in the file /var/log/audit.

There are three ways that objects can be configured:

  • By user action
  • By system action
  • By loading configuration data

Whenever an object is configured in one of these ways, the BIG-IP system logs a message to the audit log.

 

Regards