tuckner
tuckner
The ASM dashboard will look for some of the following fields for its data: ``` TransactionOutcome attack_type DosL7AttackID ``` I would validate in the index that these fields exist and...
I haven't tested with ELK 6. I believe some of the type mappings in the template may have been depreciated and Kibana changes often as far as dashboard widgets are...
Yeah! Submit a pull or send me what should be updated and I'll look it over!
Can you verify F5 is sending the logs succesfully? I seem to remember not being able to send syslog out of the management interface of the F5.
Make sure to apply the AVR profile to your virtual server, have the correct pool of AVR logging servers, and make sure you're not sending logs out the management port....
It would depend on routing. If the fastest path to the ELK server is through the management port, then AVR will probably fail to send the logs.