Forum Discussion
3 Replies
Sort By
- hooleylistCirrostratusDo you mean admin traffic to the BIG-IP's GUI or CLI interfaces, or client access which is being load balanced through the BIG-IP?
- Arnaud_Ciron_12NimbostratusI mean I want to log any operator accessing the BIGIP through the HTTS interface (just like ssh accesses are logged into /var/log/secure).
- hooleylistCirrostratusAccess to the admin GUI is logged according to the syslog-ng.conf (/etc/syslog-ng/syslog-ng.conf). You should see log entries in /var/log/httpd/ssl_access_log and ssl_request_log. Depending on exactly how you want to handle the log entries, you could create a new filter, destination and log statement in the syslog-ng. The filter would look for the string(s) which indicate a successful and/or failed login attempt. Take a look at the existing syslog-ng.conf entries for some examples or give it a shot and reply with any questions.