Security::LogProfile

Introduced : BIG-IP_v11.3.0
The LogProfile interface enables you to manipulate (security) logging profiles. A logging profile is used to record requests to the virtual server. You may use more than one logging profile per virtual server (see LocalLB::VirtualServer::add_security_log_profile). Logging profile consists of several parts (layers): Application Security, Protocol (Transfer and DNS) Security, Network Firewall and DoS Protection. Each part can be enabled or disabled by means of creating or deleting the corresponding sub-profile. Note that logging profiles with same (or mutually exclusive) parts enabled cannot be associated with one virtual server. In Application Security you can configure where requests to the virtual server are logged, and which part of requests are logged. Requests can be logged either locally by the system and viewed in the Requests screen, or remotely by the client&aposs server. The system forwards the log messages to the client&aposs server using the Syslog service. Note that you cannot modify a system-default logging profile with Application Security enabled. In Protocol (Transfer) Security you can configure the remote server where the system sends the Protocol Security log messages. The settings you configure in this sub-profile apply only to security profiles (HTTP, FTP and SMTP) associated with the same virtual server as the logging profile containing it. Note that Application and Protocol (Transfer) Security are mutually exclusive parts per logging profile and virtual server. A Network Firewall sub-profile allows you to configure where to log requests to the virtual server to which the log profile is attached. The system groups the requests into several categories (e.g., ACL matches, TCP errors etc). In addition, you can configure whether the requests need to be locally stored on the system or sent to an external server (e.g., syslog, ArcSight, Splunk servers). A Protocol DNS Security sub-profile allows you to configure where to log DNS requests to the virtual server to which the log profile is attached. The system groups the requests into several categories (e.g., malicious, malformed, dropped, rejected etc). In addition, you can configure whether the requests need to be locally stored on the system or sent to an external server (e.g., syslog, ArcSight, Splunk servers). A Protocol SIP Security sub-profile allows you to configure where to log SIP requests to the virtual server to which the log profile is attached. The system groups the requests into several categories (e.g., malformed, dropped etc). In addition, you can configure whether the requests need to be locally stored on the system or sent to an external server (e.g., syslog, ArcSight, Splunk servers). A DoS Network Security log publisher allows you to configure where to log DoS Network information for the virtual server that the log profile is attached to. DoS Network is similar to DoS Device, as it offers DoS attack protection at the virtual server level. The information can be locally stored on the system or sent to an external server (e.g., syslog, ArcSight, Splunk servers). See Log::Publisher for more information.

Methods

Method Description Introduced
add_application Adds a list of Application Security sub-profiles to given logging profiles. Note: Only one Application Security sub-profile can exist per logging profile. BIG-IP_v11.3.0
add_application_request_filter Adds a list of request filters to the existing list in Application Security. Request filter specifies a fundamental or detailed setting for the type of requests the system, or server logs. Every request filter has a generic form of key/values. For consistent configuration, when creating a new request filter with the specified key you must specify also the values. BIG-IP_v11.3.0
add_application_request_filter_values Adds a list of values to the request filters in Application Security. BIG-IP_v11.3.0
add_application_server_address Adds a list of IP addresses and ports to the list of remote servers in Application Security. Server addresses specify which remote servers log traffic. You can configure the system to log traffic to multiple remote servers. The default port of the remote machine used to log traffic is 514. BIG-IP_v11.3.0
add_network Adds a list of Network Firewall sub-profiles to given logging profiles. Note: Only one Network Firewall sub-profile can exist per logging profile. BIG-IP_v11.4.0
add_protocol_dns Adds a list of Protocol (DNS) Security sub-profiles to given logging profiles. Note: Only one Protocol (DNS) Security sub-profile can exist per logging profile. BIG-IP_v11.4.0
add_protocol_sip Adds a list of Protocol (SIP) Security sub-profiles to given logging profiles. Note: Only one Protocol (SIP) Security sub-profile can exist per logging profile. BIG-IP_v11.4.0
add_protocol_transfer Adds a list of Protocol (Transfer) Security sub-profiles to given logging profiles. Note: Only one Protocol (Transfer) Security sub-profile can exist per logging profile. BIG-IP_v11.3.0
create Creates the specified logging profiles. BIG-IP_v11.3.0
delete_all_log_profiles Deletes all logging profiles. BIG-IP_v11.3.0
delete_log_profile Deletes the specified logging profiles. BIG-IP_v11.3.0
get_application Gets a list of Application Security sub-profiles for a list of given logging profiles. BIG-IP_v11.3.0
get_application_facility Gets the remote facility in Application Security. BIG-IP_v11.3.0
get_application_field_delimiter Gets the field delimiter of the predefined storage format in Application Security. BIG-IP_v11.3.0
get_application_field_format Gets the field format of the predefined storage format in Application Security. BIG-IP_v11.3.0
get_application_fields Gets the fields of the predefined storage format in Application Security. BIG-IP_v11.3.0
get_application_format Gets the storage format type in Application Security. BIG-IP_v11.3.0
get_application_guarantee_logging_state Gets the guarantee local logging state in Application Security. BIG-IP_v11.3.0
get_application_guarantee_response_logging_state Gets the guarantee local response logging state in Application Security. BIG-IP_v11.3.0
get_application_local_storage_state Gets the local storage state in Application Security. BIG-IP_v11.3.0
get_application_logic_operation Gets the logic operation in Application Security. BIG-IP_v11.3.0
get_application_maximum_entry_length Gets the maximum entry length in Application Security. BIG-IP_v11.3.0
get_application_maximum_header_size Gets the maximum headers size value in Application Security. BIG-IP_v11.3.0
get_application_maximum_query_size Gets the maximum query string size value in Application Security. BIG-IP_v11.3.0
get_application_maximum_request_size Gets the maximum request size value in Application Security. BIG-IP_v11.3.0
get_application_protocol Gets the remote protocol in Application Security. BIG-IP_v11.3.0
get_application_remote_storage Gets the remote storage type in Application Security. BIG-IP_v11.3.0
get_application_report_anomalies_state Gets the report detected anomalies state in Application Security. BIG-IP_v11.3.0
get_application_request_filter_keys Gets a list of keys of request (storage) filters in Application Security. BIG-IP_v11.3.0
get_application_request_filter_values Gets the values of the request filters in Application Security. BIG-IP_v11.3.0
get_application_response_logging Gets the response logging type in Application Security. BIG-IP_v11.3.0
get_application_server_address Gets a list of remote servers in Application Security. BIG-IP_v11.3.0
get_application_user_string Gets the user string of the user-defined storage format in Application Security. BIG-IP_v11.3.0
get_description Gets the descriptions for a set of logging profiles. BIG-IP_v11.3.0
get_dns_dos_publisher Gets the DNS DoS log publisher in Logging profile. BIG-IP_v11.4.0
get_dos_network_publisher Gets the DoS Network log publisher in Logging profile. BIG-IP_v11.6.0
get_ip_intelligence_log_aggregate_rate_limit Gets the aggregate log throttle rate limit for IP Intelligence log messages in logging profile. BIG-IP_v11.6.0
get_ip_intelligence_log_publisher Gets the IP Intelligence log publisher in Logging profile. BIG-IP_v11.4.0
get_ip_intelligence_log_translation_fields_filter_state Gets the IP Intelligence log translation fields filter state in Logging profile. BIG-IP_v11.4.0
get_list Gets a list of all (security) logging profiles configured in the system. BIG-IP_v11.3.0
get_network Gets a list of Network Firewall sub-profiles for a list of given logging profiles. BIG-IP_v11.4.0
get_network_field_format Gets the field format of the storage format in Network Firewall. BIG-IP_v11.4.0
get_network_field_list Gets the list of fields for the field-list storage format in Network Firewall. BIG-IP_v11.4.0
get_network_field_list_delimiter Gets the field-list delimiter of the field-list storage format in Network Firewall. BIG-IP_v11.4.0
get_network_format Gets the storage format type in Network Firewall. BIG-IP_v11.4.0
get_network_log_acl_match_accept_filter_state Gets the ACL match accept log filter state in Nework Security. BIG-IP_v11.4.0
get_network_log_acl_match_accept_rate_limit Gets the log throttle rate limit for ACL match accept log messages in Network Firewall. BIG-IP_v11.6.0
get_network_log_acl_match_drop_filter_state Gets the ACL match drop log filter state in Nework Security. BIG-IP_v11.4.0
get_network_log_acl_match_drop_rate_limit Gets the log throttle rate limit for ACL match drop log messages in Network Firewall. BIG-IP_v11.6.0
get_network_log_acl_match_reject_filter_state Gets the ACL match reject log filter state in Nework Security. BIG-IP_v11.4.0
get_network_log_acl_match_reject_rate_limit Gets the log throttle rate limit for ACL match reject log messages in Network Firewall. BIG-IP_v11.6.0
get_network_log_aggregate_rate_limit Gets the aggregate log throttle rate limit in Network Firewall. BIG-IP_v11.6.0
get_network_log_ip_errors_filter_state Gets the IP errors log filter state in Nework Security. BIG-IP_v11.4.0
get_network_log_ip_errors_rate_limit Gets the log throttle rate limit for IP error log messages in Network Firewall. BIG-IP_v11.6.0
get_network_log_publisher Gets the log publisher in Network Firewall. BIG-IP_v11.4.0
get_network_log_tcp_errors_filter_state Gets the TCP errors log filter state in Nework Security. BIG-IP_v11.4.0
get_network_log_tcp_errors_rate_limit Gets the log throttle rate limit for TCP error log messages in Network Firewall. BIG-IP_v11.6.0
get_network_log_tcp_events_filter_state Gets the TCP events log filter state in Nework Security. BIG-IP_v11.4.0
get_network_log_tcp_events_rate_limit Gets the log throttle rate limit for TCP Event log messages in Network Firewall. BIG-IP_v11.6.0
get_network_log_translation_fields_filter_state Gets the Network log translation fields state in Logging profile. BIG-IP_v11.4.0
get_network_user_defined_string Gets the user defined string of the user-defined storage format in Network Firewall. BIG-IP_v11.4.0
get_protocol_dns Gets a list of Protocol (DNS) Security sub-profiles for a list of given logging profiles. BIG-IP_v11.4.0
get_protocol_dns_field_format Gets the field format of the storage format in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_field_list Gets the list of fields for the field-list storage format in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_field_list_delimiter Gets the field-list delimiter of the field-list storage format in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_format Gets the storage format type in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_log_drop_filter_state Gets the drop log filter state in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_log_filtered_drop_filter_state Gets the filtered-drop log filter state in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_log_malformed_filter_state Gets the malformed log filter state in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_log_malicious_filter_state Gets the malicious log filter state in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_log_publisher Gets the log publisher in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_log_reject_filter_state Gets the DNS-reject log filter state in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_dns_user_defined_string Gets the user defined string of the user-defined storage format in Protocol (DNS) Security. BIG-IP_v11.4.0
get_protocol_sip Gets a list of Protocol (SIP) Security sub-profiles for a list of given logging profiles. BIG-IP_v11.4.0
get_protocol_sip_field_format Gets the field format of the predefined storage format in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_field_list Gets the list of fields for the field-list storage format in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_field_list_delimiter Gets the field-list delimiter of the field-list storage format in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_format Gets the storage format type in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_drop_filter_state Gets the drop log filter state in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_global_failures_filter_state Gets the global-failures log filter state in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_malformed_filter_state Gets the malformed log filter state in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_publisher Gets the log publisher in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_redirection_responses_filter_state Gets the redirection-responses log filter state in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_request_failures_filter_state Gets the request-failures log filter state in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_log_server_errors_filter_state Gets the server-errors log filter state in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_sip_user_defined_string Gets the user defined string of the user-defined storage format in Protocol (SIP) Security. BIG-IP_v11.4.0
get_protocol_transfer Gets a list of Protocol (Transfer) Security sub-profiles for a list of given logging profiles. BIG-IP_v11.3.0
get_protocol_transfer_publisher Gets the log publisher in Protocol (Transfer) Security. BIG-IP_v11.3.0
get_sip_dos_publisher Gets the SIP DoS log publisher in Logging profile. BIG-IP_v11.4.0
get_version Gets the version information for this interface. BIG-IP_v11.3.0
is_system_log_profile Determines whether the specified logging profiles are system logging profiles. A system logging profile is a logging profile pre-configured on the system, ready for use. Non-system logging profiles are logging profiles created or modified by a user. Note that if a system logging profile is modified, it is no longer considered a system logging profile (except those ones that explicitly preserved). BIG-IP_v11.3.0
remove_all_application_request_filters Removes all request filters in Application Security. BIG-IP_v11.3.0
remove_all_application_server_addresses Removes all remote servers in Application Security. BIG-IP_v11.3.0
remove_all_applications Removes all Application Security sub-profiles from the specified logging profiles. BIG-IP_v11.3.0
remove_all_networks Removes all Network Firewall sub-profiles from the specified logging profiles. BIG-IP_v11.4.0
remove_all_protocol_dnses Removes all Protocol (DNS) Security sub-profiles from the specified logging profiles. BIG-IP_v11.4.0
remove_all_protocol_sips Removes all Protocol (SIP) Security sub-profiles from the specified logging profiles. BIG-IP_v11.4.0
remove_all_protocol_transfers Removes all Protocol (Transfer) Security sub-profiles from the specified logging profiles. BIG-IP_v11.3.0
remove_application Removes specific Application Security sub-profiles from the specified logging profiles. BIG-IP_v11.3.0
remove_application_request_filter Removes specific request filters from the existing list in Application Security. BIG-IP_v11.3.0
remove_application_request_filter_values Removes specific values from the request filters in Application Security. BIG-IP_v11.3.0
remove_application_server_address Removes specific IP addresses and ports from the list of remote servers in Application Security. BIG-IP_v11.3.0
remove_network Removes specific Network Firewall sub-profiles from the specified logging profiles. BIG-IP_v11.4.0
remove_protocol_dns Removes specific Protocol (DNS) Security sub-profiles from the specified logging profiles. BIG-IP_v11.4.0
remove_protocol_sip Removes specific Protocol (SIP) Security sub-profiles from the specified logging profiles. BIG-IP_v11.4.0
remove_protocol_transfer Removes specific Protocol (Transfer) Security sub-profiles from the specified logging profiles. BIG-IP_v11.3.0
replace_application_fields Replaces the existing fields of the predefined storage format with new ones in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. BIG-IP_v11.3.0
replace_application_request_filter_values Replaces the existing values of the request filters with new ones in Application Security. BIG-IP_v11.3.0
replace_network_field_list Replaces the existing fields of the field-list storage format with new ones in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. BIG-IP_v11.4.0
replace_protocol_dns_field_list Replaces the existing fields of the field-list storage format with new ones in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. BIG-IP_v11.4.0
replace_protocol_sip_field_list Replaces the existing fields of the field-list storage format with new ones in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Fields specify which traffic items the server logs, and the order in which the server logs them. The server displays the items in the log sequentially from the first to the last one. BIG-IP_v11.4.0
set_application_facility Sets the remote facility in Application Security. The available remote facilities are mentioned under the RemoteFacility enumeration. BIG-IP_v11.3.0
set_application_field_delimiter Sets the field delimiter of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). BIG-IP_v11.3.0
set_application_field_format Sets the field format of the predefined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. BIG-IP_v11.3.0
set_application_format_predefined Sets the storage format type to predefined and replaces the fields in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to predefined you must specify also the fields. The available storage format types are mentioned under the StorageFormat enumeration. Please see replace_application_fields for more information about the fields setting. BIG-IP_v11.3.0
set_application_format_user_defined Sets the storage format type to user-defined and sets the user string in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. For consistent configuration, when changing the storage format type to user-defined you must specify also the user-string. The available storage format types are mentioned under the StorageFormat enumeration. Please see set_application_user_string for more information about every setting. BIG-IP_v11.3.0
set_application_guarantee_logging_state Sets the guarantee local logging state in Application Security. Guarantee local logging specifies: - When enabled, that the system logs all requests, even though this may slow your virtual server. - When disabled, that the system logs requests as long as it does not slow your virtual server. The default is disabled. In either case, the system does not drop requests. BIG-IP_v11.3.0
set_application_guarantee_response_logging_state Sets the guarantee local response logging state in Application Security. Guarantee local response logging specifies, when enabled, that the system logs all responses, even though this may slow your virtual server. The system may drop requests if the database is too slow to log all responses. In order to enable this setting, you must first enable guarantee local logging, and set response logging to either illegal or all requests. BIG-IP_v11.3.0
set_application_local_storage_state Sets the local storage state in Application Security. Local storage specifies, when enabled, that the system stores all traffic in the system and can be viewed in the Requests screen. BIG-IP_v11.3.0
set_application_logic_operation Sets the logic operation in Application Security. The available logic operations are mentioned under the LogicOperation enumeration. BIG-IP_v11.3.0
set_application_maximum_entry_length Sets the maximum entry length in Application Security. The available entry lengths are mentioned under the EntryLength enumeration. You can change the maximum entry length only for remote servers that support the TCP protocol. BIG-IP_v11.3.0
set_application_maximum_header_size Sets the maximum headers size value in Application Security. Maximum headers size specifies how much of the header the server logs. - Any (zero value): Specifies that the server logs the entire header. This is the default. - Length in bytes (positive value): Specifies that the server logs headers up to a particular length that you indicate. BIG-IP_v11.3.0
set_application_maximum_query_size Sets the maximum query string size value in Application Security. Maximum query string size specifies how much of the query string the server logs. - Any (zero value): Specifies that the server logs the entire query string. This is the default. - Length in bytes (positive value): Specifies that the server logs query strings up to a particular length that you indicate. BIG-IP_v11.3.0
set_application_maximum_request_size Sets the maximum request size value in Application Security. Maximum request size specifies how much of the request the server logs. - Any (zero value): Specifies that the server logs the entire request. This is the default. - Length in bytes (positive value): Specifies that the server logs requests up to a particular length that you indicate. BIG-IP_v11.3.0
set_application_protocol Sets the remote protocol in Application Security. The available remote protocols are mentioned under the RemoteProtocol enumeration. BIG-IP_v11.3.0
set_application_remote_format_predefined Sets the remote storage type to remote, storage format type to predefined and replaces the fields in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_predefined and replace_application_fields for more information about every setting. BIG-IP_v11.3.0
set_application_remote_format_user_defined Sets the remote storage type to remote, storage format type to user-defined and sets the user string in Application Security. For consistent configuration, when changing the remote storage type to remote (in particular, for the first time) you must specify also the fields or user-string (for the corresponding format type). Please see set_application_remote_storage, set_application_format_user_defined and set_application_user_string for more information about every setting. BIG-IP_v11.3.0
set_application_remote_storage Sets the remote storage type in Application Security. The available remote storage types are mentioned under the RemoteStorage enumeration. BIG-IP_v11.3.0
set_application_report_anomalies_state Sets the report detected anomalies state in Application Security. Report detected anomalies specifies, when enabled, that the system sends a report string to the remote system log when a brute force attack, IP enforcer attack, or web scraping attack starts and ends. The default is disabled. BIG-IP_v11.3.0
set_application_response_logging Sets the response logging type in Application Security. The available response logging types are mentioned under the ResponseLogging enumeration. BIG-IP_v11.3.0
set_application_user_string Sets the user string of the user-defined storage format in Application Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. User string specifies the format in which the server logs traffic items. You can use free text between the traffic items enclosed in % on both sides. BIG-IP_v11.3.0
set_description Sets the description for a set of logging profiles. This is an arbitrary field which can be used for any purpose. BIG-IP_v11.3.0
set_dns_dos_publisher Sets the DNS DoS log publisher in a Logging profile. BIG-IP_v11.4.0
set_dos_network_publisher Sets the DoS Network log publisher in a Logging profile. This determines where the DoS Network log information is sent. BIG-IP_v11.6.0
set_ip_intelligence_log_aggregate_rate_limit Sets the aggregate log throttle rate limit for IP Intelligence log messages in logging profile. When set, the system allows logging of IP Intelligence log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_ip_intelligence_log_publisher Sets the IP Intelligence log publisher in a Logging profile. BIG-IP_v11.4.0
set_ip_intelligence_log_translation_fields_filter_state Sets the IP Intelligence log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in IP Intelligence logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled. BIG-IP_v11.4.0
set_network_field_format Sets the field format of the storage format in Network Firewall. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. BIG-IP_v11.4.0
set_network_field_list_delimiter Sets the field-list delimiter of the field-list storage format in Network Firewall. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). BIG-IP_v11.4.0
set_network_format_field_list Sets the storage format type to field list and sets the fields list in Network Firewall. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see replace_network_field_list for more information about the field list setting. BIG-IP_v11.4.0
set_network_format_user_defined Sets the storage format type to user-defined and sets the user-defined string in Network Firewall. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the NetworkStorageFormat enumeration. Please see set_network_user_defined_string for more information about every setting. BIG-IP_v11.4.0
set_network_log_acl_match_accept_filter_state Sets the ACL match accept log filter state in Network Firewall. When enabled, the system logs all requests that are accepted due to an ACL match. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_network_log_acl_match_accept_rate_limit Sets the log throttle rate limit for ACL match accept log messages in Network Firewall. When set, the system allows logging of ACL match log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_acl_match_drop_filter_state Sets the ACL match drop log filter state in Network Firewall. When enabled, the system logs all requests that are dropped due to an ACL match. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_network_log_acl_match_drop_rate_limit Sets the log throttle rate limit for ACL match drop log messages in Network Firewall. When set, the system allows logging of ACL match drop log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_acl_match_reject_filter_state Sets the ACL match reject log filter state in Network Firewall. When enabled, the system logs all requests that are rejected due to an ACL match. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_network_log_acl_match_reject_rate_limit Sets the log throttle rate limit for ACL match reject log messages in Network Firewall. When set, the system allows logging of ACL match reject log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_aggregate_rate_limit Sets the aggregate log throttle rate limit for all log messages in network firewall. When set, the system allows logging up to the configured number of log messages per second, beyond which network log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_ip_errors_filter_state Sets the IP errors log filter state in Network Firewall. When enabled, the system logs all IP errors (eg. IP error checksum). When disabled, the system does not log any IP errors. The default is disabled. BIG-IP_v11.4.0
set_network_log_ip_errors_rate_limit Sets the log throttle rate limit for IP error log messages in Network Firewall. When set, the system allows logging of IP error log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_publisher Sets the log publisher in Network Firewall. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. BIG-IP_v11.4.0
set_network_log_tcp_errors_filter_state Sets the TCP errors log filter state in Network Firewall. When enabled, the system logs all TCP errors (eg. BAD TCP checksum). When disabled, the system does not log any TCP errors. The default is disabled. BIG-IP_v11.4.0
set_network_log_tcp_errors_rate_limit Sets the log throttle rate limit for TCP error log messages in Network Firewall. When set, the system allows logging of TCP error log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_tcp_events_filter_state Sets the TCP events log filter state in Network Firewall. When enabled, the system logs all TCP connection established and closed events. When disabled, the system does not log any TCP event. The default is disabled. BIG-IP_v11.4.0
set_network_log_tcp_events_rate_limit Sets the log throttle rate limit for TCP Event log messages in Network Firewall. When set, the system allows logging of TCP Event log messages up to the configured number of log messages per second, beyond which log messages are dropped. The default rate limit is unlimited. BIG-IP_v11.6.0
set_network_log_translation_fields_filter_state Sets the Network log translation fields filter state in a Logging profile. When enabled, the system logs all translated fields in Network logs. Translated fields include Source Address/Port, Destination Address/Port, IP Protocol, Route Domain, Vlan, Source Address translation reason and Source Address translation Pool. When disabled, the system does not log the translated fields. The default is disabled. BIG-IP_v11.4.0
set_network_user_defined_string Sets the user defined string of the user-defined storage format in Network Firewall. You can use free text between the traffic items enclosed in % on both sides. BIG-IP_v11.4.0
set_protocol_dns_field_format Sets the field format of the storage format in Protocol (DNS) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. BIG-IP_v11.4.0
set_protocol_dns_field_list_delimiter Sets the field-list delimiter of the field-list storage format in Protocol (DNS) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). BIG-IP_v11.4.0
set_protocol_dns_format_field_list Sets the storage format type to field list and sets the fields list in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see replace_protocol_dns_field_list for more information about the field list setting. BIG-IP_v11.4.0
set_protocol_dns_format_user_defined Sets the storage format type to user-defined and sets the user-defined string in Protocol (DNS) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the DNSStorageFormat enumeration. Please see set_protocol_dns_user_defined_string for more information about every setting. BIG-IP_v11.4.0
set_protocol_dns_log_drop_filter_state Sets the drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_dns_log_filtered_drop_filter_state Sets the filtered-drop log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are dropped due to security filtering. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_dns_log_malformed_filter_state Sets the malformed log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malformed. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_dns_log_malicious_filter_state Sets the malicious log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are malicious. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_dns_log_publisher Sets the log publisher in Protocol (DNS) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. BIG-IP_v11.4.0
set_protocol_dns_log_reject_filter_state Sets the DNS-reject log filter state in Protocol (DNS) Security. When enabled, the system logs all DNS requests that are rejected. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_dns_user_defined_string Sets the user defined string of the user-defined storage format in Protocol (DNS) Security. You can use free text between the traffic items enclosed in % on both sides. BIG-IP_v11.4.0
set_protocol_sip_field_format Sets the field format of the predefined storage format in Protocol (SIP) Security. This is relevant only for the remote storage of type remote, since Splunk and ArcSight have their fixed format. Field format specifies which format the remote machine uses for each key/value pair in the logging file. Use %k for key and %v for value. The default format is empty that is interpreted as “%v”, for CSV. BIG-IP_v11.4.0
set_protocol_sip_field_list_delimiter Sets the field-list delimiter of the field-list storage format in Protocol (SIP) Security. Field delimiter specifies which delimiter the remote machine uses to separate the fields in the logging file. You may not use the % character. The default delimiter is the comma character, for Comma Separated Value (CSV). BIG-IP_v11.4.0
set_protocol_sip_format_field_list Sets the storage format type to field list and sets the fields list in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to field list one must specify also the fields list. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see replace_protocol_sip_field_list for more information about the field list setting. BIG-IP_v11.4.0
set_protocol_sip_format_user_defined Sets the storage format type to user-defined and sets the user-defined string in Protocol (SIP) Security. For consistent configuration, when changing the storage format type to user-defined one must specify also the user-defined string. The available storage format types are mentioned under the SIPStorageFormat enumeration. Please see set_protocol_sip_user_defined_string for more information about every setting. BIG-IP_v11.4.0
set_protocol_sip_log_drop_filter_state Sets the drop log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are dropped. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_sip_log_global_failures_filter_state Sets the global-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to global failures (all 6XX response codes). When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_sip_log_malformed_filter_state Sets the malformed log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that are malformed. When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_sip_log_publisher Sets the log publisher in Protocol (SIP) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. BIG-IP_v11.4.0
set_protocol_sip_log_redirection_responses_filter_state Sets the redirection-responses log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that result in redirection responses (all 3XX response codes). When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_sip_log_request_failures_filter_state Sets the request-failures log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed (all 4XX response codes). When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_sip_log_server_errors_filter_state Sets the server-errors log filter state in Protocol (SIP) Security. When enabled, the system logs all SIP requests that failed due to server errors (all 5XX response codes). When disabled, the system does not log. The default is disabled. BIG-IP_v11.4.0
set_protocol_sip_user_defined_string Sets the user defined string of the user-defined storage format in Protocol (SIP) Security. You can use free text between the traffic items enclosed in % on both sides. BIG-IP_v11.4.0
set_protocol_transfer_publisher Sets the log publisher in Protocol (Transfer) Security. The publisher name is the only configuration in this sub-profile that encapsulates all remote logging settings in a generic way. Please see the Publisher interface in the Log module for more information. BIG-IP_v11.3.0
set_sip_dos_publisher Sets the SIP DoS log publisher in a Logging profile. BIG-IP_v11.4.0

Structures

Structure Description

Enumerations

Enumeration Description
DNSStorageFormat Specifies the type of storage format that the DNS log displays.
EntryLength Entry length - Specifies how much of the entry length the server logs.
FilterKey Filter key - Specifies which criterion in the filters setting (list) requests must meet to be logged.
LogicOperation Logic operation - Specifies whether requests must meet all criteria in the filters setting, or at least one criterion in order for the system, or server, to log the requests.
NetworkStorageFormat Specifies the type of storage format that the Network log displays.
RemoteFacility Remote facility - Specifies the facility category of the logged traffic.
RemoteProtocol Remote protocol - Specifies which protocol the remote server supports.
RemoteStorage Remote storage - Specifies on which remote logging server the system stores all traffic.
ResponseLogging Response logging - Specifies whether the system logs HTTP responses.
SIPStorageFormat Specifies the type of storage format that the SIP log displays.
StorageFormat Storage format - Specifies the type of storage format that the log displays.

Exceptions

Exception Description

Constants

Constant Type Value Description

Aliases

Alias Type Description
DNSStorageFormatSequence DNSStorageFormat [] A sequence of DNS log storage format types.
DNSStorageFormatSequenceSequence DNSStorageFormat [] [] A sequence of a sequence of DNS log storage format types.
EntryLengthSequence EntryLength [] A sequence of entry lengths.
EntryLengthSequenceSequence EntryLength [] [] A sequence of a sequence of entry lengths.
FilterKeySequence FilterKey [] A sequence of filter keys.
FilterKeySequenceSequence FilterKey [] [] A sequence of a sequence of filter keys.
FilterKeySequenceSequenceSequence FilterKey [] [] [] A sequence of a sequence of a sequence of filter keys.
LogicOperationSequence LogicOperation [] A sequence of logic operations.
LogicOperationSequenceSequence LogicOperation [] [] A sequence of a sequence of logic operations.
NetworkStorageFormatSequence NetworkStorageFormat [] A sequence of Network log storage format types.
NetworkStorageFormatSequenceSequence NetworkStorageFormat [] [] A sequence of a sequence of Network log storage format types.
RemoteFacilitySequence RemoteFacility [] A sequence of remote facilities.
RemoteFacilitySequenceSequence RemoteFacility [] [] A sequence of a sequence of remote facilities.
RemoteProtocolSequence RemoteProtocol [] A sequence of remote protocols.
RemoteProtocolSequenceSequence RemoteProtocol [] [] A sequence of a sequence of remote protocols.
RemoteStorageSequence RemoteStorage [] A sequence of remote storage types.
RemoteStorageSequenceSequence RemoteStorage [] [] A sequence of a sequence of remote storage types.
ResponseLoggingSequence ResponseLogging [] A sequence of response logging types.
ResponseLoggingSequenceSequence ResponseLogging [] [] A sequence of a sequence of response logging types.
SIPStorageFormatSequence SIPStorageFormat [] A sequence of SIP log storage format types.
SIPStorageFormatSequenceSequence SIPStorageFormat [] [] A sequence of a sequence of SIP log storage format types.
StorageFormatSequence StorageFormat [] A sequence of storage format types.
StorageFormatSequenceSequence StorageFormat [] [] A sequence of a sequence of storage format types.

See Also

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code


The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.