security analytics settings
security analytics settings(1)BIG-IP TMSH Manualsecurity analytics settings(1)
NAME
settings - Configure global settings for security (AFM) analytics.
MODULE
security analytics
SYNTAX
Configure the settings component within the security analytics module
using the syntax shown in the following sections.
MODIFY
modify settings
options:
acl-rules {
collect-client-ip [enabled | disabled]
collect-client-port [enabled | disabled]
collect-dest-ip [enabled | disabled]
collect-dest-port [enabled | disabled]
collect-server-side-stats [enabled | disabled]
}
collected-stats-internal-logging [enabled | disabled]
collected-stats-external-logging [enabled | disabled]
dns {
collect-client-ip [enabled | disabled]
}
dos-l2-l4 {
collect-client-ip [enabled | disabled]
}
l3-l4-errors {
collect-client-ip [enabled | disabled]
collect-dest-ip [enabled | disabled]
}
publisher [name]
smtp-config [name]
stale-rules {
collect [enabled | disabled]
}
DISPLAY
list settings
DESCRIPTION
Use the settings component to modify the settings for analytics entity
collection for the AFM (advanced firewall) module.
EXAMPLES
modify settings acl-rules { collect-client-ip disabled }
Disables source/client IP analytics collection for ACL rules.
list settings
Displays analytics settings for AFM.
OPTIONS
acl-rules
Firewall (ACL) security statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be
collected for ACL rule matching.
collect-client-port
Specifies whether source/client port should be collected for
ACL rule matching.
collect-dest-ip
Specifies whether the destination IP address should be
collected for ACL rule matching.
collect-dest-port
Specifies whether the destination port should be collected
for ACL rule matching.
collect-server-side-stats
Specifies whether server side statistics (source address
translation information, self IP address and pool member
address) should be collected for ACL rule matching.
collected-stats-internal-logging
Enables or disables the internal logging of the collected
statistics.
collected-stats-external-logging
Enables or disables the external logging of the collected
statistics.
dns DNS security statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be
collected for DNS security.
dos-l2-l4
Network DoS security statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be
collected for network layer's DoS security.
l3-l4-errors
Firewall errors statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be
collected for firewall errors.
collect-dest-ip
Specifies whether the destination IP address should be
collected for firewall errors.
publisher
Specifies the external logging publisher used to send statistical
data to one or more destinations.
smtp-config
Specifies the default SMTP configuration used for exporting CSV or
PDF security analytics reports.
stale-rules
collect
Specifies whether statistics about all firewall rules should
be collected in order to present information regarding rule
staleness.
SEE ALSO
list, modify, show, tmsh, analytics network, analytics dos-l3,
analytics dns-dos, analytics dns-protocol
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2012. All rights reserved.
BIG-IP 2013-10-15 security analytics settings(1)