F5 Networks BIG-IP APM sample event message

Use this sample event message to verify a successful integration with IBM® QRadar®.

Important: Due to formatting issues, paste the message format into a text editor and then remove any carriage returns or line feed characters.

F5 Networks BIG-IP APM sample message when you use the syslog protocol

The following sample event message shows that an ACL is matched. It also shows that the TCP traffic from 192.168.194.160:54636 to 172.16.0.12:4446 is allowed.

<173>Oct 25 11:52:34 f5networks.bigipapm.test notice tmm[20338]: 01580002:5: /path/to_file_123:Common:b77e0b8e: allow ACL: /path/to_other_file_123:2 packet: tcp 192.168.194.160:54636 -> 172.16.0.12:4446