Forum Discussion
Hi Shorton88,
Well I think it depends on who is familiar with which product. Graylog is powerful log management software, but it was not created for advanced analytics and correlations, so I personally prefer to forward logs from f5 to any Enterprise SIEM solutions like QRadar, ArcSight or Splunk. As those solution gives you more functionality on log manipulation, investigation, monitoring, alerts, etc.
Also you can try f5's BIG-IQ solution, which basicaly is for centralized management of several BIG-IP devices, but one of its feature is Application analytics, which gives truly good dashboards with traffic information per application, like active connections, http transaction, application response and etc.
But as I said, it's my personal opinion :)