Security::LogProfile¶
Introduced : BIG-IP_v11.3.0
The LogProfile interface enables you to manipulate (security) logging
profiles. A logging profile is used to record requests to the virtual
server. You may use more than one logging profile per virtual server
(see LocalLB::VirtualServer::add_security_log_profile). Logging
profile consists of several parts (layers): Application Security,
Protocol (Transfer and DNS) Security, Network Firewall and DoS
Protection. Each part can be enabled or disabled by means of creating
or deleting the corresponding sub-profile. Note that logging profiles
with same (or mutually exclusive) parts enabled cannot be associated
with one virtual server. In Application Security you can configure
where requests to the virtual server are logged, and which part of
requests are logged. Requests can be logged either locally by the
system and viewed in the Requests screen, or remotely by the
client&aposs server. The system forwards the log messages to the
client&aposs server using the Syslog service. Note that you cannot
modify a system-default logging profile with Application Security
enabled. In Protocol (Transfer) Security you can configure the remote
server where the system sends the Protocol Security log messages. The
settings you configure in this sub-profile apply only to security
profiles (HTTP, FTP and SMTP) associated with the same virtual server
as the logging profile containing it. Note that Application and
Protocol (Transfer) Security are mutually exclusive parts per logging
profile and virtual server. A Network Firewall sub-profile allows you
to configure where to log requests to the virtual server to which the
log profile is attached. The system groups the requests into several
categories (e.g., ACL matches, TCP errors etc). In addition, you can
configure whether the requests need to be locally stored on the system
or sent to an external server (e.g., syslog, ArcSight, Splunk
servers). A Protocol DNS Security sub-profile allows you to configure
where to log DNS requests to the virtual server to which the log
profile is attached. The system groups the requests into several
categories (e.g., malicious, malformed, dropped, rejected etc). In
addition, you can configure whether the requests need to be locally
stored on the system or sent to an external server (e.g., syslog,
ArcSight, Splunk servers). A Protocol SIP Security sub-profile allows
you to configure where to log SIP requests to the virtual server to
which the log profile is attached. The system groups the requests into
several categories (e.g., malformed, dropped etc). In addition, you
can configure whether the requests need to be locally stored on the
system or sent to an external server (e.g., syslog, ArcSight, Splunk
servers). A DoS Network Security log publisher allows you to configure
where to log DoS Network information for the virtual server that the
log profile is attached to. DoS Network is similar to DoS Device, as
it offers DoS attack protection at the virtual server level. The
information can be locally stored on the system or sent to an external
server (e.g., syslog, ArcSight, Splunk servers). See Log::Publisher
for more information.
Methods¶
| Method | Description | Introduced |
| add_application | Adds a list of Application Security sub-profiles to given logging profiles. Note: Only one Application Security sub-profile can exist per logging profile. | BIG-IP_v11.3.0 |
| add_application_request_filter | Adds a list of request filters to the existing list in Application Security. Request filter specifies a fundamental or detailed setting for the type of requests the system, or server logs. Every request filter has a generic form of key/values. For consistent configuration, when creating a new request filter with the specified key you must specify also the values. | BIG-IP_v11.3.0 |
| add_application_request_filter_values | Adds a list of values to the request filters in Application Security. | BIG-IP_v11.3.0 |
| add_application_server_address | Adds a list of IP addresses and ports to the list of remote servers in Application Security. Server addresses specify which remote servers log traffic. You can configure the system to log traffic to multiple remote servers. The default port of the remote machine used to log traffic is 514. | BIG-IP_v11.3.0 |
| add_network | Adds a list of Network Firewall sub-profiles to given logging profiles. Note: Only one Network Firewall sub-profile can exist per logging profile. | BIG-IP_v11.4.0 |
| add_protocol_dns | Adds a list of Protocol (DNS) Security sub-profiles to given logging profiles. Note: Only one Protocol (DNS) Security sub-profile can exist per logging profile. | BIG-IP_v11.4.0 |
| add_protocol_sip | Adds a list of Protocol (SIP) Security sub-profiles to given logging profiles. Note: Only one Protocol (SIP) Security sub-profile can exist per logging profile. | BIG-IP_v11.4.0 |
| add_protocol_transfer | Adds a list of Protocol (Transfer) Security sub-profiles to given logging profiles. Note: Only one Protocol (Transfer) Security sub-profile can exist per logging profile. | BIG-IP_v11.3.0 |
| create | Creates the specified logging profiles. | BIG-IP_v11.3.0 |
| delete_all_log_profiles | Deletes all logging profiles. | BIG-IP_v11.3.0 |
| delete_log_profile | Deletes the specified logging profiles. | BIG-IP_v11.3.0 |
| get_application | Gets a list of Application Security sub-profiles for a list of given logging profiles. | BIG-IP_v11.3.0 |
| get_application_facility | Gets the remote facility in Application Security. | BIG-IP_v11.3.0 |
| get_application_field_delimiter | Gets the field delimiter of the predefined storage format in Application Security. | BIG-IP_v11.3.0 |
| get_application_field_format | Gets the field format of the predefined storage format in Application Security. | BIG-IP_v11.3.0 |
| get_application_fields | Gets the fields of the predefined storage format in Application Security. | BIG-IP_v11.3.0 |
| get_application_format | Gets the storage format type in Application Security. | BIG-IP_v11.3.0 |
| get_application_guarantee_logging_state | Gets the guarantee local logging state in Application Security. | BIG-IP_v11.3.0 |
| get_application_guarantee_response_logging_state | Gets the guarantee local response logging state in Application Security. | BIG-IP_v11.3.0 |
| get_application_local_storage_state | Gets the local storage state in Application Security. | BIG-IP_v11.3.0 |
| get_application_logic_operation | Gets the logic operation in Application Security. | BIG-IP_v11.3.0 |
| get_application_maximum_entry_length | Gets the maximum entry length in Application Security. | BIG-IP_v11.3.0 |
| get_application_maximum_header_size | Gets the maximum headers size value in Application Security. | BIG-IP_v11.3.0 |
| get_application_maximum_query_size | Gets the maximum query string size value in Application Security. | BIG-IP_v11.3.0 |
| get_application_maximum_request_size | Gets the maximum request size value in Application Security. | BIG-IP_v11.3.0 |
| get_application_protocol | Gets the remote protocol in Application Security. | BIG-IP_v11.3.0 |
| get_application_remote_storage | Gets the remote storage type in Application Security. | BIG-IP_v11.3.0 |
| get_application_report_anomalies_state | Gets the report detected anomalies state in Application Security. | BIG-IP_v11.3.0 |
| get_application_request_filter_keys | Gets a list of keys of request (storage) filters in Application Security. | BIG-IP_v11.3.0 |
| get_application_request_filter_values | Gets the values of the request filters in Application Security. | BIG-IP_v11.3.0 |
| get_application_response_logging | Gets the response logging type in Application Security. | BIG-IP_v11.3.0 |
| get_application_server_address | Gets a list of remote servers in Application Security. | BIG-IP_v11.3.0 |
| get_application_user_string | Gets the user string of the user-defined storage format in Application Security. | BIG-IP_v11.3.0 |
| get_description | Gets the descriptions for a set of logging profiles. | BIG-IP_v11.3.0 |
| get_dns_dos_publisher | Gets the DNS DoS log publisher in Logging profile. | BIG-IP_v11.4.0 |
| get_dos_network_publisher | Gets the DoS Network log publisher in Logging profile. | BIG-IP_v11.6.0 |
| get_ip_intelligence_log_aggregate_rate_limit | Gets the aggregate log throttle rate limit for IP Intelligence log messages in logging profile. | BIG-IP_v11.6.0 |
| get_ip_intelligence_log_publisher | Gets the IP Intelligence log publisher in Logging profile. | BIG-IP_v11.4.0 |
| get_ip_intelligence_log_translation_fields_filter_state | Gets the IP Intelligence log translation fields filter state in Logging profile. | BIG-IP_v11.4.0 |
| get_list | Gets a list of all (security) logging profiles configured in the system. | BIG-IP_v11.3.0 |
| get_network | Gets a list of Network Firewall sub-profiles for a list of given logging profiles. | BIG-IP_v11.4.0 |
| get_network_field_format | Gets the field format of the storage format in Network Firewall. | BIG-IP_v11.4.0 |
| get_network_field_list | Gets the list of fields for the field-list storage format in Network Firewall. | BIG-IP_v11.4.0 |
| get_network_field_list_delimiter | Gets the field-list delimiter of the field-list storage format in Network Firewall. | BIG-IP_v11.4.0 |
| get_network_format | Gets the storage format type in Network Firewall. | BIG-IP_v11.4.0 |
| get_network_log_acl_match_accept_filter_state | Gets the ACL match accept log filter state in Nework Security. | BIG-IP_v11.4.0 |
| get_network_log_acl_match_accept_rate_limit | Gets the log throttle rate limit for ACL match accept log messages in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_acl_match_drop_filter_state | Gets the ACL match drop log filter state in Nework Security. | BIG-IP_v11.4.0 |
| get_network_log_acl_match_drop_rate_limit | Gets the log throttle rate limit for ACL match drop log messages in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_acl_match_reject_filter_state | Gets the ACL match reject log filter state in Nework Security. | BIG-IP_v11.4.0 |
| get_network_log_acl_match_reject_rate_limit | Gets the log throttle rate limit for ACL match reject log messages in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_aggregate_rate_limit | Gets the aggregate log throttle rate limit in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_ip_errors_filter_state | Gets the IP errors log filter state in Nework Security. | BIG-IP_v11.4.0 |
| get_network_log_ip_errors_rate_limit | Gets the log throttle rate limit for IP error log messages in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_publisher | Gets the log publisher in Network Firewall. | BIG-IP_v11.4.0 |
| get_network_log_tcp_errors_filter_state | Gets the TCP errors log filter state in Nework Security. | BIG-IP_v11.4.0 |
| get_network_log_tcp_errors_rate_limit | Gets the log throttle rate limit for TCP error log messages in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_tcp_events_filter_state | Gets the TCP events log filter state in Nework Security. | BIG-IP_v11.4.0 |
| get_network_log_tcp_events_rate_limit | Gets the log throttle rate limit for TCP Event log messages in Network Firewall. | BIG-IP_v11.6.0 |
| get_network_log_translation_fields_filter_state | Gets the Network log translation fields state in Logging profile. | BIG-IP_v11.4.0 |
| get_network_user_defined_string | Gets the user defined string of the user-defined storage format in Network Firewall. | BIG-IP_v11.4.0 |
| get_protocol_dns | Gets a list of Protocol (DNS) Security sub-profiles for a list of given logging profiles. | BIG-IP_v11.4.0 |
| get_protocol_dns_field_format | Gets the field format of the storage format in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_field_list | Gets the list of fields for the field-list storage format in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_field_list_delimiter | Gets the field-list delimiter of the field-list storage format in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_format | Gets the storage format type in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_log_drop_filter_state | Gets the drop log filter state in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_log_filtered_drop_filter_state | Gets the filtered-drop log filter state in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_log_malformed_filter_state | Gets the malformed log filter state in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_log_malicious_filter_state | Gets the malicious log filter state in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_log_publisher | Gets the log publisher in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_log_reject_filter_state | Gets the DNS-reject log filter state in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_dns_user_defined_string | Gets the user defined string of the user-defined storage format in Protocol (DNS) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip | Gets a list of Protocol (SIP) Security sub-profiles for a list of given logging profiles. | BIG-IP_v11.4.0 |
| get_protocol_sip_field_format | Gets the field format of the predefined storage format in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_field_list | Gets the list of fields for the field-list storage format in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_field_list_delimiter | Gets the field-list delimiter of the field-list storage format in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_format | Gets the storage format type in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_drop_filter_state | Gets the drop log filter state in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_global_failures_filter_state | Gets the global-failures log filter state in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_malformed_filter_state | Gets the malformed log filter state in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_publisher | Gets the log publisher in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_redirection_responses_filter_state | Gets the redirection-responses log filter state in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_request_failures_filter_state | Gets the request-failures log filter state in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_log_server_errors_filter_state | Gets the server-errors log filter state in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_sip_user_defined_string | Gets the user defined string of the user-defined storage format in Protocol (SIP) Security. | BIG-IP_v11.4.0 |
| get_protocol_transfer | Gets a list of Protocol (Transfer) Security sub-profiles for a list of given logging profiles. | BIG-IP_v11.3.0 |
| get_protocol_transfer_publisher | Gets the log publisher in Protocol (Transfer) Security. | BIG-IP_v11.3.0 |
| get_sip_dos_publisher | Gets the SIP DoS log publisher in Logging profile. | BIG-IP_v11.4.0 |
| get_version | Gets the version information for this interface. | BIG-IP_v11.3.0 |
| is_system_log_profile | Determines whether the specified logging profiles are system logging profiles. A system logging profile is a logging profile pre-configured on the system, ready for use. Non-system logging profiles are logging profiles created or modified by a user. Note that if a system logging profile is modified, it is no longer considered a system logging profile (except those ones that explicitly preserved). | BIG-IP_v11.3.0 |
| remove_all_application_request_filters | Removes all request filters in Application Security. | BIG-IP_v11.3.0 |
| remove_all_application_server_addresses | Removes all remote servers in Application Security. | BIG-IP_v11.3.0 |
| remove_all_applications | Removes all Application Security sub-profiles from the specified logging profiles. | BIG-IP_v11.3.0 |
| remove_all_networks | Removes all Network Firewall sub-profiles from the specified logging profiles. | BIG-IP_v11.4.0 |
| remove_all_protocol_dnses | Removes all Protocol (DNS) Security sub-profiles from the specified logging profiles. | BIG-IP_v11.4.0 |
| remove_all_protocol_sips | Removes all Protocol (SIP) Security sub-profiles from the specified logging profiles. | BIG-IP_v11.4.0 |
| remove_all_protocol_transfers | Removes all Protocol (Transfer) Security sub-profiles from the specified logging profiles. | BIG-IP_v11.3.0 |
| remove_application | Removes specific Application Security sub-profiles from the specified logging profiles. | BIG-IP_v11.3.0 |
| remove_application_request_filter | Removes specific request filters from the existing list in Application Security. | BIG-IP_v11.3.0 |
| remove_application_request_filter_values | Removes specific values from the request filters in Application Security. | BIG-IP_v11.3.0 |
| remove_application_server_address | Removes specific IP addresses and ports from the list of remote servers in Application Security. | BIG-IP_v11.3.0 |
| remove_network | Removes specific Network Firewall sub-profiles from the specified logging profiles. | BIG-IP_v11.4.0 |
| remove_protocol_dns | Removes specific Protocol (DNS) Security sub-profiles from the specified logging profiles. | BIG-IP_v11.4.0 |
| remove_protocol_sip | Removes specific Protocol (SIP) Security sub-profiles from the specified logging profiles. | BIG-IP_v11.4.0 |
| remove_protocol_transfer | Removes specific Protocol (Transfer) Security sub-profiles from the specified logging profiles. | BIG-IP_v11.3.0 |
| replace_application_fields | Replaces the existing fields of the predefined storage format with new ones in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. | BIG-IP_v11.3.0 |
| replace_application_request_filter_values | Replaces the existing values of the request filters with new ones in Application Security. | BIG-IP_v11.3.0 |
| replace_network_field_list | Replaces the existing fields of the field-list storage format with new ones in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. | BIG-IP_v11.4.0 |
| replace_protocol_dns_field_list | Replaces the existing fields of the field-list storage format with new ones in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. | BIG-IP_v11.4.0 |
| replace_protocol_sip_field_list | Replaces the existing fields of the field-list storage format with new ones in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. | BIG-IP_v11.4.0 |
| set_application_facility | Sets the remote facility in Application Security. The available remote facilities are mentioned under the RemoteFacility enumeration. | BIG-IP_v11.3.0 |
| set_application_field_delimiter | Sets the field delimiter of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). | BIG-IP_v11.3.0 |
| set_application_field_format | Sets the field format of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. | BIG-IP_v11.3.0 |
| set_application_format_predefined | Sets the storage format type to predefined and replaces the fields in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to predefined you must specify also the fields. The available storage format types are mentioned under the StorageFormat enumeration. Please see replace_application_fields for more information about the fields setting. | BIG-IP_v11.3.0 |
| set_application_format_user_defined | Sets the storage format type to user-defined and sets the user string in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to user-defined you must specify also the user-string. The available storage format types are mentioned under the StorageFormat enumeration. Please see set_application_user_string for more information about every setting. | BIG-IP_v11.3.0 |
| set_application_guarantee_logging_state | Sets the guarantee local logging state in Application Security. Guarantee local logging specifies: - When enabled, that the system logs all requests, even though this may slow your virtual server. - When disabled, that the system logs requests as long as it does not slow your virtual server. The default is disabled. In either case, the system does not drop requests. | BIG-IP_v11.3.0 |
| set_application_guarantee_response_logging_state | Sets the guarantee local response logging state in Application Security. Guarantee local response logging specifies, when enabled, that the system logs all responses, even though this may slow your virtual server. The system may drop requests if the database is too slow to log all responses. In order to enable this setting, you must first enable guarantee local logging, and set response logging to either illegal or all requests. | BIG-IP_v11.3.0 |
| set_application_local_storage_state | Sets the local storage state in Application Security. Local storage specifies, when enabled, that the system stores all traffic in the system and can be viewed in the Requests screen. | BIG-IP_v11.3.0 |
| set_application_logic_operation | Sets the logic operation in Application Security. The available logic operations are mentioned under the LogicOperation enumeration. | BIG-IP_v11.3.0 |
| set_application_maximum_entry_length | Sets the maximum entry length in Application Security. The available entry lengths are mentioned under the EntryLength enumeration. You can change the maximum entry length only for remote servers that support the TCP protocol. | BIG-IP_v11.3.0 |
| set_application_maximum_header_size | Sets the maximum headers size value in Application Security. Maximum headers size specifies how much of the header the server logs. - Any (zero value): Specifies that the server logs the entire header. This is the default. - Length in bytes (positive value): Specifies that the server logs headers up to a particular length that you indicate. | BIG-IP_v11.3.0 |
| set_application_maximum_query_size | Sets the maximum query string size value in Application Security. Maximum query string size specifies how much of the query string the server logs. - Any (zero value): Specifies that the server logs the entire query string. This is the default. - Length in bytes (positive value): Specifies that the server logs query strings up to a particular length that you indicate. | BIG-IP_v11.3.0 |
| set_application_maximum_request_size | Sets the maximum request size value in Application Security. Maximum request size specifies how much of the request the server logs. - Any (zero value): Specifies that the server logs the entire request. This is the default. - Length in bytes (positive value): Specifies that the server logs requests up to a particular length that you indicate. | BIG-IP_v11.3.0 |
| set_application_protocol | Sets the remote protocol in Application Security. The available remote protocols are mentioned under the RemoteProtocol enumeration. | BIG-IP_v11.3.0 |
| set_application_remote_format_predefined | Sets the remote storage type to remote, storage format type to predefined and replaces the fields in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_predefined and replace_application_fields for more information about every setting. | BIG-IP_v11.3.0 |
| set_application_remote_format_user_defined | Sets the remote storage type to remote, storage format type to user-defined and sets the user string in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_user_defined and set_application_user_string for more information about every setting. | BIG-IP_v11.3.0 |
| set_application_remote_storage | Sets the remote storage type in Application Security. The available remote storage types are mentioned under the RemoteStorage enumeration. | BIG-IP_v11.3.0 |
| set_application_report_anomalies_state | Sets the report detected anomalies state in Application Security. Report detected anomalies specifies, when enabled, that the system sends a report string to the remote system log when a brute force attack, IP enforcer attack, or web scraping attack starts and ends. The default is disabled. | BIG-IP_v11.3.0 |
| set_application_response_logging | Sets the response logging type in Application Security. The available response logging types are mentioned under the ResponseLogging enumeration. | BIG-IP_v11.3.0 |
| set_application_user_string | Sets the user string of the user-defined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. User string specifies the format in which the server logs traffic items. You can use free text between the traffic items enclosed in % on both sides. | BIG-IP_v11.3.0 |
| set_description | Sets the description for a set of logging profiles. This is an arbitrary field which can be used for any purpose. | BIG-IP_v11.3.0 |
| set_dns_dos_publisher | Sets the DNS DoS log publisher in a Logging profile. | BIG-IP_v11.4.0 |
| set_dos_network_publisher | Sets the DoS Network log publisher in a Logging profile. This determines where the DoS Network log information is sent. | BIG-IP_v11.6.0 |
| set_ip_intelligence_log_aggregate_rate_limit | Sets the aggregate log throttle rate limit for IP Intelligence log messages in logging profile. When set, the system allows logging of IP Intelligence log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_ip_intelligence_log_publisher | Sets the IP Intelligence log publisher in a Logging profile. | BIG-IP_v11.4.0 |
| set_ip_intelligence_log_translation_fields_filter_state | Sets the IP Intelligence log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in IP Intelligence logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_field_format | Sets the field format of the storage format in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. | BIG-IP_v11.4.0 |
| set_network_field_list_delimiter | Sets the field-list delimiter of the field-list storage format in Network Firewall. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). | BIG-IP_v11.4.0 |
| set_network_format_field_list | Sets the storage format type to field list and sets the fields list in Network Firewall. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see replace_network_field_list for more information about the field list setting. | BIG-IP_v11.4.0 |
| set_network_format_user_defined | Sets the storage format type to user-defined and sets the user-defined string in Network Firewall. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see set_network_user_defined_string for more information about every setting. | BIG-IP_v11.4.0 |
| set_network_log_acl_match_accept_filter_state | Sets the ACL match accept log filter state in Network Firewall. When enabled, the system logs all requests that are accepted due to an ACL match. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_log_acl_match_accept_rate_limit | Sets the log throttle rate limit for ACL match accept log messages in Network Firewall. When set, the system allows logging of ACL match log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_acl_match_drop_filter_state | Sets the ACL match drop log filter state in Network Firewall. When enabled, the system logs all requests that are dropped due to an ACL match. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_log_acl_match_drop_rate_limit | Sets the log throttle rate limit for ACL match drop log messages in Network Firewall. When set, the system allows logging of ACL match drop log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_acl_match_reject_filter_state | Sets the ACL match reject log filter state in Network Firewall. When enabled, the system logs all requests that are rejected due to an ACL match. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_log_acl_match_reject_rate_limit | Sets the log throttle rate limit for ACL match reject log messages in Network Firewall. When set, the system allows logging of ACL match reject log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_aggregate_rate_limit | Sets the aggregate log throttle rate limit for all log messages in network firewall. When set, the system allows logging up to the configured number of log messages per second, beyond which network log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_ip_errors_filter_state | Sets the IP errors log filter state in Network Firewall. When enabled, the system logs all IP errors (eg. IP error checksum). When disabled, the system does not log any IP errors. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_log_ip_errors_rate_limit | Sets the log throttle rate limit for IP error log messages in Network Firewall. When set, the system allows logging of IP error log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_publisher | Sets the log publisher in Network Firewall. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. | BIG-IP_v11.4.0 |
| set_network_log_tcp_errors_filter_state | Sets the TCP errors log filter state in Network Firewall. When enabled, the system logs all TCP errors (eg. BAD TCP checksum). When disabled, the system does not log any TCP errors. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_log_tcp_errors_rate_limit | Sets the log throttle rate limit for TCP error log messages in Network Firewall. When set, the system allows logging of TCP error log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_tcp_events_filter_state | Sets the TCP events log filter state in Network Firewall. When enabled, the system logs all TCP connection established and closed events. When disabled, the system does not log any TCP event. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_log_tcp_events_rate_limit | Sets the log throttle rate limit for TCP Event log messages in Network Firewall. When set, the system allows logging of TCP Event log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. | BIG-IP_v11.6.0 |
| set_network_log_translation_fields_filter_state | Sets the Network log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in Network logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled. | BIG-IP_v11.4.0 |
| set_network_user_defined_string | Sets the user defined string of the user-defined storage format in Network Firewall. You can use free text between the traffic items enclosed in % on both sides. | BIG-IP_v11.4.0 |
| set_protocol_dns_field_format | Sets the field format of the storage format in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. | BIG-IP_v11.4.0 |
| set_protocol_dns_field_list_delimiter | Sets the field-list delimiter of the field-list storage format in Protocol (DNS) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). | BIG-IP_v11.4.0 |
| set_protocol_dns_format_field_list | Sets the storage format type to field list and sets the fields list in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see replace_protocol_dns_field_list for more information about the field list setting. | BIG-IP_v11.4.0 |
| set_protocol_dns_format_user_defined | Sets the storage format type to user-defined and sets the user-defined string in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see set_protocol_dns_user_defined_string for more information about every setting. | BIG-IP_v11.4.0 |
| set_protocol_dns_log_drop_filter_state | Sets the drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_dns_log_filtered_drop_filter_state | Sets the filtered-drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped due to security filtering. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_dns_log_malformed_filter_state | Sets the malformed log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malformed. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_dns_log_malicious_filter_state | Sets the malicious log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malicious. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_dns_log_publisher | Sets the log publisher in Protocol (DNS) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. | BIG-IP_v11.4.0 |
| set_protocol_dns_log_reject_filter_state | Sets the DNS-reject log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are rejected. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_dns_user_defined_string | Sets the user defined string of the user-defined storage format in Protocol (DNS) Security. You can use free text between the traffic items enclosed in % on both sides. | BIG-IP_v11.4.0 |
| set_protocol_sip_field_format | Sets the field format of the predefined storage format in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. | BIG-IP_v11.4.0 |
| set_protocol_sip_field_list_delimiter | Sets the field-list delimiter of the field-list storage format in Protocol (SIP) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). | BIG-IP_v11.4.0 |
| set_protocol_sip_format_field_list | Sets the storage format type to field list and sets the fields list in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see replace_protocol_sip_field_list for more information about the field list setting. | BIG-IP_v11.4.0 |
| set_protocol_sip_format_user_defined | Sets the storage format type to user-defined and sets the user-defined string in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see set_protocol_sip_user_defined_string for more information about every setting. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_drop_filter_state | Sets the drop log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are dropped. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_global_failures_filter_state | Sets the global-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to global failures (all 6XX response codes). When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_malformed_filter_state | Sets the malformed log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are malformed. When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_publisher | Sets the log publisher in Protocol (SIP) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_redirection_responses_filter_state | Sets the redirection-responses log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that result in redirection responses (all 3XX response codes). When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_request_failures_filter_state | Sets the request-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed (all 4XX response codes). When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_sip_log_server_errors_filter_state | Sets the server-errors log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to server errors (all 5XX response codes). When disabled, the system does not log. The default is disabled. | BIG-IP_v11.4.0 |
| set_protocol_sip_user_defined_string | Sets the user defined string of the user-defined storage format in Protocol (SIP) Security. You can use free text between the traffic items enclosed in % on both sides. | BIG-IP_v11.4.0 |
| set_protocol_transfer_publisher | Sets the log publisher in Protocol (Transfer) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. | BIG-IP_v11.3.0 |
| set_sip_dos_publisher | Sets the SIP DoS log publisher in a Logging profile. | BIG-IP_v11.4.0 |
Enumerations¶
| Enumeration | Description |
| DNSStorageFormat | Specifies the type of storage format that the DNS log displays. |
| EntryLength | Entry length - Specifies how much of the entry length the server logs. |
| FilterKey | Filter key - Specifies which criterion in the filters setting (list) requests must meet to be logged. |
| LogicOperation | Logic operation - Specifies whether requests must meet all criteria in the filters setting, or at least one criterion in order for the system, or server, to log the requests. |
| NetworkStorageFormat | Specifies the type of storage format that the Network log displays. |
| RemoteFacility | Remote facility - Specifies the facility category of the logged traffic. |
| RemoteProtocol | Remote protocol - Specifies which protocol the remote server supports. |
| RemoteStorage | Remote storage - Specifies on which remote logging server the system stores all traffic. |
| ResponseLogging | Response logging - Specifies whether the system logs HTTP responses. |
| SIPStorageFormat | Specifies the type of storage format that the SIP log displays. |
| StorageFormat | Storage format - Specifies the type of storage format that the log displays. |
Aliases¶
| Alias | Type | Description |
| DNSStorageFormatSequence | DNSStorageFormat [] | A sequence of DNS log storage format types. |
| DNSStorageFormatSequenceSequence | DNSStorageFormat [] [] | A sequence of a sequence of DNS log storage format types. |
| EntryLengthSequence | EntryLength [] | A sequence of entry lengths. |
| EntryLengthSequenceSequence | EntryLength [] [] | A sequence of a sequence of entry lengths. |
| FilterKeySequence | FilterKey [] | A sequence of filter keys. |
| FilterKeySequenceSequence | FilterKey [] [] | A sequence of a sequence of filter keys. |
| FilterKeySequenceSequenceSequence | FilterKey [] [] [] | A sequence of a sequence of a sequence of filter keys. |
| LogicOperationSequence | LogicOperation [] | A sequence of logic operations. |
| LogicOperationSequenceSequence | LogicOperation [] [] | A sequence of a sequence of logic operations. |
| NetworkStorageFormatSequence | NetworkStorageFormat [] | A sequence of Network log storage format types. |
| NetworkStorageFormatSequenceSequence | NetworkStorageFormat [] [] | A sequence of a sequence of Network log storage format types. |
| RemoteFacilitySequence | RemoteFacility [] | A sequence of remote facilities. |
| RemoteFacilitySequenceSequence | RemoteFacility [] [] | A sequence of a sequence of remote facilities. |
| RemoteProtocolSequence | RemoteProtocol [] | A sequence of remote protocols. |
| RemoteProtocolSequenceSequence | RemoteProtocol [] [] | A sequence of a sequence of remote protocols. |
| RemoteStorageSequence | RemoteStorage [] | A sequence of remote storage types. |
| RemoteStorageSequenceSequence | RemoteStorage [] [] | A sequence of a sequence of remote storage types. |
| ResponseLoggingSequence | ResponseLogging [] | A sequence of response logging types. |
| ResponseLoggingSequenceSequence | ResponseLogging [] [] | A sequence of a sequence of response logging types. |
| SIPStorageFormatSequence | SIPStorageFormat [] | A sequence of SIP log storage format types. |
| SIPStorageFormatSequenceSequence | SIPStorageFormat [] [] | A sequence of a sequence of SIP log storage format types. |
| StorageFormatSequence | StorageFormat [] | A sequence of storage format types. |
| StorageFormatSequenceSequence | StorageFormat [] [] | A sequence of a sequence of storage format types. |
See Also¶
iControl ::
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code¶
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.