<iframe src="//www.googletagmanager.com/ns.html?id=GTM-PPZPQ6" height="0" width="0" style="display:none;visibility:hidden"></iframe>
Learn F5 Technologies, Get Answers & Share Community Solutions
F5 Cloud Services
F5 Rules for AWS WAF
IP Intelligence Services
Secure Web Gateway
Clear all filters
Back to List
Logging HTTP traffic to Splunk
Originally posted on 20-Apr-2011 by
Im researching on how to log HTTP traffic via syslog to SPlunk server.
Im not sure where to start, but my basic approach is configuring the BigIP to send all syslog to the Splunk IP,, then configure an IRule later that captures the traffic and send it via syslog.
Has anybody done anything like this?
The first problem Im having is that I have Splunk listening for SYSLOG on port 2000 instead of 514 and I dont know how to change the BigIP so it send the syslog to that port.
Im running LTM 10.X on a 3600 box.
Rate this Question
Answers to this Question
USER ACCEPTED ANSWER
F5 ACCEPTED ANSWER
Originally posted on 21-Apr-2011 by
This article should help you: http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/155/LTM-942-Custom-Syslog-Configuration.aspx
You must be logged in to answer. You can login
Specify an image to upload:
Your post has been identified as spam. If this is not the case, please contact