BIG-IP 184.108.40.206 Build 0.0.10 Point Release 5
Curious if ASM security policy Traffic Learning suggestions has logging, as in what user may have accepted what suggestion, deleted another, etc.
Also, if it has logging around security policy changes. I believe this does occur, but interested in if these (and the above logs, if they exist) can be syslog'd out. If that is the case, may need a quick run-down of where to turn on/expect this type of audit logging configuration.
every single ASM policy change is logged including traffic learning suggestion acceptance and yes it is sysloged into /var/log/asm - simply search it for a keyword "audit".
Excellent thank you! Is there any option within the F5 to setup syslog to external IP/Syslog server/etc. or will it have to be SSH'd into F5 to get the log?