APIRef_tm_security_log_profile

mgmt/tm/security/log/profile

/tm/security/log

Virtual server Security log profile configuration

REST Endpoints

Collection URI
/mgmt/tm/security/log/profile
Collection Methods
OPTIONS, GET
Resource URI
/mgmt/tm/security/log/profile/~resource id
Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
Resource Natural Key
name, partition, subPath

Properties

Name Type Default Value Required Access Description
appService string   optional read/write The application service that the object belongs to.
builtIn string disabled optional read/write  
description string   optional read/write User defined description.
dosNetworkPublisher string   optional read/write Specifies the name of the log publisher used for DoS Network events.
tmPartition string Common optional read/write Displays the administrative partition within which this profile resides.
protocolDnsDosPublisher string   optional read/write Specifies the name of the log publisher used for DNS DoS events.
protocolSipDosPublisher string   optional read/write Specifies the name of the log publisher used for SIP DoS events.

Subcollections

Name Type Default Value Required Access Description
application array_structure   optional read/write  
network array_structure   optional read/write  
protocol-dns array_structure   optional read/write  
protocol-sip array_structure   optional read/write  

Structures

Name Type Default Value Required Access Description
/ip-intelligence array_structure   optional read/write  
/ip-intelligence/aggregate-rate integer -1 optional read/write Aggregate rate limit for all IP Intelligence log messages.
/ip-intelligence/log-publisher string   optional read/write Specifies the name of the log publisher used for IP Intelligence events.
/ip-intelligence/log-rtbh string disabled optional read/write Enables or disables logging of IP Intelligence rtbh events.
/ip-intelligence/log-scrubber string disabled optional read/write Enables or disables logging of IP Intelligence scrubber events.
/ip-intelligence/log-shun string disabled optional read/write Enables or disables logging of IP Intelligence shun events.
/ip-intelligence/log-translation-fields string disabled optional read/write Enables or disables logging of translation fields in IP Intelligence events.
/ip-intelligence/aggregate-rate integer -1 optional read/write Aggregate rate limit for all IP Intelligence log messages.
/ip-intelligence/log-publisher string   optional read/write Specifies the name of the log publisher used for IP Intelligence events.
/ip-intelligence/log-rtbh string disabled optional read/write Enables or disables logging of IP Intelligence rtbh events.
/ip-intelligence/log-scrubber string disabled optional read/write Enables or disables logging of IP Intelligence scrubber events.
/ip-intelligence/log-shun string disabled optional read/write Enables or disables logging of IP Intelligence shun events.
/ip-intelligence/log-translation-fields string disabled optional read/write Enables or disables logging of translation fields in IP Intelligence events.
/nat array_structure   optional read/write  
/nat/end-inbound-session string disabled optional read/write Event for end of incoming connection to a translated address.
/nat/errors string disabled optional read/write Event for errors encountered while attempting source or destination translation.
/nat/log-publisher string   optional read/write Specifies the name of the log publisher used for logging NAT related events.
/nat/lsn-legacy-mode string disabled optional read/write Specifies whether translation events are logged in existing CGNAT formats (for backward compatibility with LSN events).
/nat/quota-exceeded string disabled optional read/write Event for when client exceeded allocated resource limit.
/nat/start-inbound-session string disabled optional read/write Event for start of incoming connection to a translated address.
/nat/end-outbound-session array_structure   optional read/write  
/nat/end-outbound-session/action string disabled optional read/write Specifies what action is taken at the time of logging the event.
/nat/end-outbound-session/elements string   optional read/write Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled.
/nat/end-outbound-session/action string disabled optional read/write Specifies what action is taken at the time of logging the event.
/nat/end-outbound-session/elements string   optional read/write Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled.
/nat/rate-limit array_structure   optional read/write  
/nat/rate-limit/aggregate-rate integer -1 optional read/write Specifies the Aggregate rate limit value for all security nat log events
/nat/rate-limit/end-inbound-session integer -1 optional read/write Specifies the rate limit value for the end inbound session log events
/nat/rate-limit/end-outbound-session integer -1 optional read/write Specifies the rate limit value for the end outbound session log events
/nat/rate-limit/errors integer -1 optional read/write Specifies the rate limit value for the error log events
/nat/rate-limit/quota-exceeded integer -1 optional read/write Specifies the rate limit value for the quota exceeded log events
/nat/rate-limit/start-inbound-session integer -1 optional read/write Specifies the rate limit value for the start inbound session log events
/nat/rate-limit/start-outbound-session integer -1 optional read/write Specifies the rate limit value for the start outbound session log events
/nat/rate-limit/aggregate-rate integer -1 optional read/write Specifies the Aggregate rate limit value for all security nat log events
/nat/rate-limit/end-inbound-session integer -1 optional read/write Specifies the rate limit value for the end inbound session log events
/nat/rate-limit/end-outbound-session integer -1 optional read/write Specifies the rate limit value for the end outbound session log events
/nat/rate-limit/errors integer -1 optional read/write Specifies the rate limit value for the error log events
/nat/rate-limit/quota-exceeded integer -1 optional read/write Specifies the rate limit value for the quota exceeded log events
/nat/rate-limit/start-inbound-session integer -1 optional read/write Specifies the rate limit value for the start inbound session log events
/nat/rate-limit/start-outbound-session integer -1 optional read/write Specifies the rate limit value for the start outbound session log events
/nat/start-outbound-session array_structure   optional read/write  
/nat/start-outbound-session/action string disabled optional read/write Specifies what action is taken at the time of logging the event.
/nat/start-outbound-session/elements string   optional read/write Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled.
/nat/start-outbound-session/action string disabled optional read/write Specifies what action is taken at the time of logging the event.
/nat/start-outbound-session/elements string   optional read/write Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled.
/nat/end-inbound-session string disabled optional read/write Event for end of incoming connection to a translated address.
/nat/errors string disabled optional read/write Event for errors encountered while attempting source or destination translation.
/nat/log-publisher string   optional read/write Specifies the name of the log publisher used for logging NAT related events.
/nat/lsn-legacy-mode string disabled optional read/write Specifies whether translation events are logged in existing CGNAT formats (for backward compatibility with LSN events).
/nat/quota-exceeded string disabled optional read/write Event for when client exceeded allocated resource limit.
/nat/start-inbound-session string disabled optional read/write Event for start of incoming connection to a translated address.
/port-misuse array_structure   optional read/write  
/port-misuse/aggregate-rate integer -1 optional read/write Specifies the rate limit for logging of Port Misuse events.
/port-misuse/log-publisher string   optional read/write Specifies the name of the log publisher used for Port Misuse events.
/port-misuse/aggregate-rate integer -1 optional read/write Specifies the rate limit for logging of Port Misuse events.
/port-misuse/log-publisher string   optional read/write Specifies the name of the log publisher used for Port Misuse events.
/traffic-statistics array_structure   optional read/write  
/traffic-statistics/active-flows string disabled optional read/write Enables or disables logging of number of active flows.
/traffic-statistics/log-publisher string   optional read/write Specifies the name of the log publisher used for Traffic Statistics
/traffic-statistics/missed-flows string disabled optional read/write Enables or disables logging of number of packets dropped because of flow miss.
/traffic-statistics/reaped-flows string disabled optional read/write Enables or disables logging of number of reaped flows.
/traffic-statistics/syncookies string disabled optional read/write Enables or disables logging of number of syncookies generated/accepted/rejected.
/traffic-statistics/syncookies-whitelist string disabled optional read/write Enables or disables logging of number of syncookies whitelist hits/accepted/rejected.
/traffic-statistics/active-flows string disabled optional read/write Enables or disables logging of number of active flows.
/traffic-statistics/log-publisher string   optional read/write Specifies the name of the log publisher used for Traffic Statistics
/traffic-statistics/missed-flows string disabled optional read/write Enables or disables logging of number of packets dropped because of flow miss.
/traffic-statistics/reaped-flows string disabled optional read/write Enables or disables logging of number of reaped flows.
/traffic-statistics/syncookies string disabled optional read/write Enables or disables logging of number of syncookies generated/accepted/rejected.
/traffic-statistics/syncookies-whitelist string disabled optional read/write Enables or disables logging of number of syncookies whitelist hits/accepted/rejected.

Array Structures

Name Type Default Value Required Access Description
/bot-defense array_structure   optional read/write  
/bot-defense/app-service string   optional read/write The application service that the object belongs to.
/bot-defense/local-publisher string   optional read/write Specifies the name of the local log publisher used for Bot Defense log messages.
/bot-defense/remote-publisher string   optional read/write Specifies the name of the remote log publisher used for Bot Defense log messages.
/dos-application array_structure   optional read/write  
/dos-application/app-service string   optional read/write  
/dos-application/local-publisher string   optional read/write Specifies the name of the local log publisher used for Application DoS attacks.
/dos-application/remote-publisher string   optional read/write Specifies the name of the remote log publisher used for Application DoS attacks.
/protocol-transfer array_structure   optional read/write  
/protocol-transfer/app-service string   optional read/write  
/protocol-transfer/publisher string   optional read/write Specifies the name of the log publisher used for Protocol Security log messages.
/ssh-proxy array_structure   optional read/write  
/ssh-proxy/allowed-channel-action string disabled optional read/write Enable or disable logging for allowed channel action
/ssh-proxy/app-service string   optional read/write  
/ssh-proxy/disallowed-channel-action string disabled optional read/write Enable or disable logging for disallowed channel action
/ssh-proxy/log-publisher string   optional read/write Specifies the name of the log publisher used for ssh proxy log events
/ssh-proxy/non-ssh-traffic string disabled optional read/write Enable or disable logging for non SSHv2 traffic events
/ssh-proxy/ssh-timeout string disabled optional read/write Enable or disable logging for ssh timeout
/ssh-proxy/successful-client-side-auth string disabled optional read/write Enable or disable logging for successful client side authentication
/ssh-proxy/successful-server-side-auth string disabled optional read/write Enable or disable logging for successful server side authentication
/ssh-proxy/unsuccessful-client-side-auth string disabled optional read/write Enable or disable logging for unsuccessful client side authentication
/ssh-proxy/unsuccessful-server-side-auth string disabled optional read/write Enable or disable logging for unsuccessful server side authentication
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.