Skip to content

jmagudo/Graylog_Content_Pack_BIGIP_ASM

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 

Repository files navigation

F5 Big-IP ASM Content Pack

This content pack is used to capture log data from F5's Big-IP Application Security Module. This module creates an input to parse ASM syslog data.

Includes

  • Input (Syslog TCP 1514)

##TO DO I have been struggling to get ASM's logs into Graylog for awhile. I finaly sat down and learned GROK filters. I really shouldn't be using the DATA grok pattern for all fields.

##Logging Profile A logging profile will have to be created. Then you will have to select the logging profile on the virtual servers that you are wanting. I have included a screenshot of my logging profile for reference.

Important Logging Profile Settings:

  • "Protocol" set to "TCP"
  • "Remote Storage Type" set to "Reporting Server"
  • "Server Address" set to "graylogserver:1514"

Alt text

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published