Forum Discussion
Simon_Blakely
Apr 28, 2020Employee
You might start with a Request Logging Profile:
AskF5 | Manual Chapter: Configuring Request Logging
Also look at
Adding the body of requests/responses to the data being logged to Splunk via iRule.
which has a pretty comprehensive irule for sending detailed information formatted for Splunk (ignoring the attempt to send the payload).
> I personally do not believe that the F5’s should be part of Cyberfusions security suite relative to the detailed information that is being requested to be sent externally.
In many cases, the BigIP is supplying required information (such as client IP) via headers and other insertions, and so the logging on webservers should be configured to use things like X-Forwarded-For as the client IP address.