APIRef_tm_security_log_profile¶
mgmt/tm/security/log/profile
Virtual server Security log profile configuration
REST Endpoints
- Collection URI
/mgmt/tm/security/log/profile
- Collection Methods
OPTIONS, GET
- Resource URI
/mgmt/tm/security/log/profile/~resource id
- Resource Methods
OPTIONS, GET, PUT, PATCH, DELETE, POST
- Resource Natural Key
name, partition, subPath
Properties
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
appService |
string | optional | read/write | The application service that the object belongs to. | |
builtIn |
string | disabled | optional | read/write | |
description |
string | optional | read/write | User defined description. | |
dosNetworkPublisher |
string | optional | read/write | Specifies the name of the log publisher used for DoS Network events. | |
tmPartition |
string | Common | optional | read/write | Displays the administrative partition within which this profile resides. |
protocolDnsDosPublisher |
string | optional | read/write | Specifies the name of the log publisher used for DNS DoS events. | |
protocolSipDosPublisher |
string | optional | read/write | Specifies the name of the log publisher used for SIP DoS events. |
Subcollections
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
application |
array_structure | optional | read/write | ||
network |
array_structure | optional | read/write | ||
protocol-dns |
array_structure | optional | read/write | ||
protocol-sip |
array_structure | optional | read/write |
Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/ip-intelligence |
array_structure | optional | read/write | ||
/ip-intelligence/aggregate-rate |
integer | -1 | optional | read/write | Aggregate rate limit for all IP Intelligence log messages. |
/ip-intelligence/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for IP Intelligence events. | |
/ip-intelligence/log-rtbh |
string | disabled | optional | read/write | Enables or disables logging of IP Intelligence rtbh events. |
/ip-intelligence/log-scrubber |
string | disabled | optional | read/write | Enables or disables logging of IP Intelligence scrubber events. |
/ip-intelligence/log-shun |
string | disabled | optional | read/write | Enables or disables logging of IP Intelligence shun events. |
/ip-intelligence/log-translation-fields |
string | disabled | optional | read/write | Enables or disables logging of translation fields in IP Intelligence events. |
/ip-intelligence/aggregate-rate |
integer | -1 | optional | read/write | Aggregate rate limit for all IP Intelligence log messages. |
/ip-intelligence/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for IP Intelligence events. | |
/ip-intelligence/log-rtbh |
string | disabled | optional | read/write | Enables or disables logging of IP Intelligence rtbh events. |
/ip-intelligence/log-scrubber |
string | disabled | optional | read/write | Enables or disables logging of IP Intelligence scrubber events. |
/ip-intelligence/log-shun |
string | disabled | optional | read/write | Enables or disables logging of IP Intelligence shun events. |
/ip-intelligence/log-translation-fields |
string | disabled | optional | read/write | Enables or disables logging of translation fields in IP Intelligence events. |
/nat |
array_structure | optional | read/write | ||
/nat/end-inbound-session |
string | disabled | optional | read/write | Event for end of incoming connection to a translated address. |
/nat/errors |
string | disabled | optional | read/write | Event for errors encountered while attempting source or destination translation. |
/nat/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for logging NAT related events. | |
/nat/lsn-legacy-mode |
string | disabled | optional | read/write | Specifies whether translation events are logged in existing CGNAT formats (for backward compatibility with LSN events). |
/nat/quota-exceeded |
string | disabled | optional | read/write | Event for when client exceeded allocated resource limit. |
/nat/start-inbound-session |
string | disabled | optional | read/write | Event for start of incoming connection to a translated address. |
/nat/end-outbound-session |
array_structure | optional | read/write | ||
/nat/end-outbound-session/action |
string | disabled | optional | read/write | Specifies what action is taken at the time of logging the event. |
/nat/end-outbound-session/elements |
string | optional | read/write | Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled. | |
/nat/end-outbound-session/action |
string | disabled | optional | read/write | Specifies what action is taken at the time of logging the event. |
/nat/end-outbound-session/elements |
string | optional | read/write | Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled. | |
/nat/rate-limit |
array_structure | optional | read/write | ||
/nat/rate-limit/aggregate-rate |
integer | -1 | optional | read/write | Specifies the Aggregate rate limit value for all security nat log events |
/nat/rate-limit/end-inbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the end inbound session log events |
/nat/rate-limit/end-outbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the end outbound session log events |
/nat/rate-limit/errors |
integer | -1 | optional | read/write | Specifies the rate limit value for the error log events |
/nat/rate-limit/quota-exceeded |
integer | -1 | optional | read/write | Specifies the rate limit value for the quota exceeded log events |
/nat/rate-limit/start-inbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the start inbound session log events |
/nat/rate-limit/start-outbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the start outbound session log events |
/nat/rate-limit/aggregate-rate |
integer | -1 | optional | read/write | Specifies the Aggregate rate limit value for all security nat log events |
/nat/rate-limit/end-inbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the end inbound session log events |
/nat/rate-limit/end-outbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the end outbound session log events |
/nat/rate-limit/errors |
integer | -1 | optional | read/write | Specifies the rate limit value for the error log events |
/nat/rate-limit/quota-exceeded |
integer | -1 | optional | read/write | Specifies the rate limit value for the quota exceeded log events |
/nat/rate-limit/start-inbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the start inbound session log events |
/nat/rate-limit/start-outbound-session |
integer | -1 | optional | read/write | Specifies the rate limit value for the start outbound session log events |
/nat/start-outbound-session |
array_structure | optional | read/write | ||
/nat/start-outbound-session/action |
string | disabled | optional | read/write | Specifies what action is taken at the time of logging the event. |
/nat/start-outbound-session/elements |
string | optional | read/write | Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled. | |
/nat/start-outbound-session/action |
string | disabled | optional | read/write | Specifies what action is taken at the time of logging the event. |
/nat/start-outbound-session/elements |
string | optional | read/write | Optional elements that can be logged for the event. This is applicable only if ‘lsn-legacy-mode’ is enabled. | |
/nat/end-inbound-session |
string | disabled | optional | read/write | Event for end of incoming connection to a translated address. |
/nat/errors |
string | disabled | optional | read/write | Event for errors encountered while attempting source or destination translation. |
/nat/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for logging NAT related events. | |
/nat/lsn-legacy-mode |
string | disabled | optional | read/write | Specifies whether translation events are logged in existing CGNAT formats (for backward compatibility with LSN events). |
/nat/quota-exceeded |
string | disabled | optional | read/write | Event for when client exceeded allocated resource limit. |
/nat/start-inbound-session |
string | disabled | optional | read/write | Event for start of incoming connection to a translated address. |
/port-misuse |
array_structure | optional | read/write | ||
/port-misuse/aggregate-rate |
integer | -1 | optional | read/write | Specifies the rate limit for logging of Port Misuse events. |
/port-misuse/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for Port Misuse events. | |
/port-misuse/aggregate-rate |
integer | -1 | optional | read/write | Specifies the rate limit for logging of Port Misuse events. |
/port-misuse/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for Port Misuse events. | |
/traffic-statistics |
array_structure | optional | read/write | ||
/traffic-statistics/active-flows |
string | disabled | optional | read/write | Enables or disables logging of number of active flows. |
/traffic-statistics/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for Traffic Statistics | |
/traffic-statistics/missed-flows |
string | disabled | optional | read/write | Enables or disables logging of number of packets dropped because of flow miss. |
/traffic-statistics/reaped-flows |
string | disabled | optional | read/write | Enables or disables logging of number of reaped flows. |
/traffic-statistics/syncookies |
string | disabled | optional | read/write | Enables or disables logging of number of syncookies generated/accepted/rejected. |
/traffic-statistics/syncookies-whitelist |
string | disabled | optional | read/write | Enables or disables logging of number of syncookies whitelist hits/accepted/rejected. |
/traffic-statistics/active-flows |
string | disabled | optional | read/write | Enables or disables logging of number of active flows. |
/traffic-statistics/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for Traffic Statistics | |
/traffic-statistics/missed-flows |
string | disabled | optional | read/write | Enables or disables logging of number of packets dropped because of flow miss. |
/traffic-statistics/reaped-flows |
string | disabled | optional | read/write | Enables or disables logging of number of reaped flows. |
/traffic-statistics/syncookies |
string | disabled | optional | read/write | Enables or disables logging of number of syncookies generated/accepted/rejected. |
/traffic-statistics/syncookies-whitelist |
string | disabled | optional | read/write | Enables or disables logging of number of syncookies whitelist hits/accepted/rejected. |
Array Structures
Name | Type | Default Value | Required | Access | Description |
---|---|---|---|---|---|
/bot-defense |
array_structure | optional | read/write | ||
/bot-defense/app-service |
string | optional | read/write | The application service that the object belongs to. | |
/bot-defense/local-publisher |
string | optional | read/write | Specifies the name of the local log publisher used for Bot Defense log messages. | |
/bot-defense/remote-publisher |
string | optional | read/write | Specifies the name of the remote log publisher used for Bot Defense log messages. | |
/dos-application |
array_structure | optional | read/write | ||
/dos-application/app-service |
string | optional | read/write | ||
/dos-application/local-publisher |
string | optional | read/write | Specifies the name of the local log publisher used for Application DoS attacks. | |
/dos-application/remote-publisher |
string | optional | read/write | Specifies the name of the remote log publisher used for Application DoS attacks. | |
/protocol-transfer |
array_structure | optional | read/write | ||
/protocol-transfer/app-service |
string | optional | read/write | ||
/protocol-transfer/publisher |
string | optional | read/write | Specifies the name of the log publisher used for Protocol Security log messages. | |
/ssh-proxy |
array_structure | optional | read/write | ||
/ssh-proxy/allowed-channel-action |
string | disabled | optional | read/write | Enable or disable logging for allowed channel action |
/ssh-proxy/app-service |
string | optional | read/write | ||
/ssh-proxy/disallowed-channel-action |
string | disabled | optional | read/write | Enable or disable logging for disallowed channel action |
/ssh-proxy/log-publisher |
string | optional | read/write | Specifies the name of the log publisher used for ssh proxy log events | |
/ssh-proxy/non-ssh-traffic |
string | disabled | optional | read/write | Enable or disable logging for non SSHv2 traffic events |
/ssh-proxy/ssh-timeout |
string | disabled | optional | read/write | Enable or disable logging for ssh timeout |
/ssh-proxy/successful-client-side-auth |
string | disabled | optional | read/write | Enable or disable logging for successful client side authentication |
/ssh-proxy/successful-server-side-auth |
string | disabled | optional | read/write | Enable or disable logging for successful server side authentication |
/ssh-proxy/unsuccessful-client-side-auth |
string | disabled | optional | read/write | Enable or disable logging for unsuccessful client side authentication |
/ssh-proxy/unsuccessful-server-side-auth |
string | disabled | optional | read/write | Enable or disable logging for unsuccessful server side authentication |
Copyright (c) 2016, F5 Networks Inc. All Rights Reserved.
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.