security analytics settings
security analytics settings(1) BIG-IP TMSH Manual security analytics settings(1)
NAME
settings - Configure global settings for security (AFM) analytics.
MODULE
security analytics
SYNTAX
Configure the settings component within the security analytics module using the syntax shown in the following
sections.
MODIFY
modify settings
options:
acl-rules {
collect-client-ip [enabled | disabled]
collect-client-port [enabled | disabled]
collect-dest-ip [enabled | disabled]
collect-dest-port [enabled | disabled]
collect-server-side-stats [enabled | disabled]
}
collected-stats-internal-logging [enabled | disabled]
collected-stats-external-logging [enabled | disabled]
dns {
collect-client-ip [enabled | disabled]
}
dos-l2-l4 {
collect-client-ip [enabled | disabled]
}
l3-l4-errors {
collect-client-ip [enabled | disabled]
collect-dest-ip [enabled | disabled]
}
publisher [name]
smtp-config [name]
stale-rules {
collect [enabled | disabled]
}
DISPLAY
list settings
DESCRIPTION
Use the settings component to modify the settings for analytics entity collection for the AFM (advanced
firewall) module.
EXAMPLES
modify settings acl-rules { collect-client-ip disabled }
Disables source/client IP analytics collection for ACL rules.
list settings
Displays analytics settings for AFM.
OPTIONS
acl-rules
Firewall (ACL) security statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be collected for ACL rule matching.
collect-client-port
Specifies whether source/client port should be collected for ACL rule matching.
collect-dest-ip
Specifies whether the destination IP address should be collected for ACL rule matching.
collect-dest-port
Specifies whether the destination port should be collected for ACL rule matching.
collect-server-side-stats
Specifies whether server side statistics (source address translation information, self IP address
and pool member address) should be collected for ACL rule matching.
collected-stats-internal-logging
Enables or disables the internal logging of the collected statistics.
collected-stats-external-logging
Enables or disables the external logging of the collected statistics.
dns DNS security statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be collected for DNS security.
dos-l2-l4
Network DoS security statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be collected for network layer's DoS security.
l3-l4-errors
Firewall errors statistics collection options.
collect-client-ip
Specifies whether source/client IP address should be collected for firewall errors.
collect-dest-ip
Specifies whether the destination IP address should be collected for firewall errors.
publisher
Specifies the external logging publisher used to send statistical data to one or more destinations.
smtp-config
Specifies the default SMTP configuration used for exporting CSV or PDF security analytics reports.
stale-rules
collect
Specifies whether statistics about all firewall rules should be collected in order to present
information regarding rule staleness.
SEE ALSO
list, modify, show, tmsh, analytics network, analytics dos-l3, analytics dns-dos, analytics dns-protocol
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2012. All rights reserved.
BIG-IP 2013-10-15 security analytics settings(1)