Forum Discussion

Ken_113619's avatar
Ken_113619
Icon for Nimbostratus rankNimbostratus
Sep 23, 2009

Firepass logging

Does anyone else have a problem with Firepass logging? Personally I think it's awful. Too difficult to find anything you need. Things you want to report on aren't possible. Especially if users connect to the Network Access Client. Once the connection is made, you can't tell what happened after that until they log off, then all you have are the connection times. I opened a case with F5 and put in a request for improvement and got turned down stating it would be too difficult to code and too CPU intensive on the box which I don't buy. If you think the logging sucks please bang on F5's support about it. Thanks!
APM
remote access
security

3 Replies

Sort By
  • Mike_Ho's avatar
    Mike_Ho
    Icon for Cirrus rankCirrus
    Sep 23, 2009
    Can you describe what kind of logging you're looking for and not finding?

     

     

    There may be other ways to find similar information depending on your environment. For example if you're using a routed subnet for Network Access clients and have access to your router, perhaps using netflow might meet your needs.
  • VictorS_96310's avatar
    VictorS_96310
    Icon for Nimbostratus rankNimbostratus
    Oct 01, 2009
    Just dump the logs to syslog..

     

    Firepass logs on the units are a bear to look thru..

     

    You can adjust how much and what info gets dumped to syslog..

     

    It should meet all your needs.

     

    Thanks

     

    VictorS

     

     

    Enter the settings here to connect to a syslog server and also edit the info above with how much you would like to gather

     

     

     

    Enable Remote Log Server

     

    Enable Extended System Logs

     

    Remote host

     

    Log level

     

    Kernel log level