F5 Networks BIG-IP APM sample event message
Use this sample event message to verify a successful integration with IBM QRadar.
Important: Due to formatting issues, paste the message format into a text editor and
then remove any carriage returns or line feed characters.
F5 Networks BIG-IP APM sample message when you use the syslog protocol
The following sample event message shows that an ACL is matched. It also shows that the TCP traffic from 192.168.194.160:54636 to 172.16.0.12:4446 is allowed.
<173>Oct 25 11:52:34 f5networks.bigipapm.test notice tmm[20338]: 01580002:5: /path/to_file_123:Common:b77e0b8e: allow ACL: /path/to_other_file_123:2 packet: tcp 192.168.194.160:54636 -> 172.16.0.12:4446Note: For more information about F5 APM DSM, see the "Log message format" section in the
Reviewing BIG-IP log files article. https://my.f5.com/manage/s/article/K16197