Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

What is the best log Log Analysis Tool for F5 AFM/APM?

Go to solution
Netztester
Nimbostratus
Nimbostratus

‎21-Dec-2022 22:13 - edited ‎21-Dec-2022 23:01

At the moment we use Graylog as a Log Analysis Tool. But we are not happy with it.

Very difficult to install and to maintain when you are not a linux freak. After updating our Linux System Graylog isn't working anymore.

Best solution would be an appliance.

any advice?

 

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Nikoolayy1
MVP
MVP

‎25-Dec-2022 02:58 - edited ‎25-Dec-2022 12:22

If you have many F5 devices, you may consider using the F5 BIG-IQ central managment platform as it can collect statistics and manage many F5 devices with all their modules like AFM/APM. BIG-IQ with DCD can monitor your LTM/APM. There is a trial version of BIG-IQ or you can ask the F5 sales for a Demo to see if it is what you want and need

https://techdocs.f5.com/en-us/bigiq-8-1-0/big-iq-monitoring-and-reports/configuring-statistics-colle...

 

Other options that were already mentioned to you are SIEM solutions like QRadar or Splunk but for a small company ELK is also an option as there is a free option and if you want vendor support then you pay for it. With the SIEM solutions you may need to build dashboards for AFM and APM as F5 has pluggins for most SIEM solution but primary for LTM/ASM(AWAF) and BIG-IQ already has prebuild dashboard.

https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-guides.html

https://www.elastic.co/security/siem

 

 

View solution in original post

2 REPLIES 2

Go to solution
Mohamed_Ahmed_Kansoh
MVP
MVP

‎23-Dec-2022 16:50

Hi @Netztester , 

What about using Qradar or Splunk ? 
it’s an easy deployed monitoring and log analysis solutions and I think both of them is the most effective. 


_______________________
Regards
Mohamed Kansoh

Go to solution
Nikoolayy1
MVP
MVP

‎25-Dec-2022 02:58 - edited ‎25-Dec-2022 12:22

If you have many F5 devices, you may consider using the F5 BIG-IQ central managment platform as it can collect statistics and manage many F5 devices with all their modules like AFM/APM. BIG-IQ with DCD can monitor your LTM/APM. There is a trial version of BIG-IQ or you can ask the F5 sales for a Demo to see if it is what you want and need

https://techdocs.f5.com/en-us/bigiq-8-1-0/big-iq-monitoring-and-reports/configuring-statistics-colle...

 

Other options that were already mentioned to you are SIEM solutions like QRadar or Splunk but for a small company ELK is also an option as there is a free option and if you want vendor support then you pay for it. With the SIEM solutions you may need to build dashboards for AFM and APM as F5 has pluggins for most SIEM solution but primary for LTM/ASM(AWAF) and BIG-IQ already has prebuild dashboard.

https://www.elastic.co/guide/en/welcome-to-elastic/current/getting-started-guides.html

https://www.elastic.co/security/siem

 

 

Copyright © 2023 Khoros, LLC