...
Table 1-1: Port requirements for LCP communication.
Source | Destination | Port | Description |
F5 BIG-IP APM | LCP | 514 (UDP) | Default port |
Configuring F5 BIG-IP APM
...
For logs coming from APM, only the BSD syslog format is supported.
For LTM along with APM deployment, remote syslog configuration is not required. Based on the signatures in the APM, the collector processes only APM logs.
The F5 BIG-IP APM event collector supports multi-threading logs from LTM 11.6 device.
Please use below format of iRule if you are using iRule. This is the only format of iRule which we are supporting.
name log_header_requests
height 150
LCP Configuration Parameters
Table 1-2: The F5 Big IP(APM) event collector (Syslog -3781) properties to be configured by MSS are shown in the table.
Property | Default Value | Description |
Protocol | UDP | The default protocol for syslog. F5 BIG-IP APM does not support TCP. |
IP Address | F5 BIG-IP APM interface IP address | Logging device IP address mentioned in the Pre-Installation Questionnaire (PIQ). Note: If the device sends logs using multiple interfaces, contact the Accenture MDR onboarding team. |
Signatures | apd[,apmd[,tmm[,tmm1[,tmm2[,tmm3[,tmm4[,tmm5[, tmm6[,tmm7[,tmm8[,websso.0[,websso.1[,websso.2[, websso.3[, websso.4[,websso.5[,websso.6[, websso.7[,websso.8[, dnscached[ | MSS recommended signatures processed by the F5 BIG-IP APM event collector. |
Port Number | 514 | The default port number for syslog. Note: The LCP can be configured to listen on a non-standard port, please advise the Accenture MDR onboarding team if this is a requirement. |