Manual Chapter : Common Elements for event logs in Access Policy Manager

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.1, 15.0.0
Manual Chapter

Common Elements for event logs in Access Policy Manager

  1. On the Main tab, click
    Access
    Overview
    Event Logs
    Settings
    .
    A log settings table screen opens.
  2. Select a log setting and click
    Edit
    .
    Alternatively, you can create a new log setting.
    A popup screen opens with General Information selected in the left pane.
  3. Click
    Create
    .
    A popup screen opens with General Information selected in the left pane.
  4. In the
    Name
    field, type a name.
  5. From the
    Log Publisher
    list, select the log publisher of your choice.
    A log publisher specifies one or more logging destinations.
    The BIG-IP system is not a logging server and has limited capacity for storing, archiving, and analyzing logs. For this reason a dedicated logging server is recommended.
  6. Select the check box for the log setting that you want to update and click
    Edit
    .
    A popup screen opens.
  7. To configure settings for access system logging, select
    Access System Logs
    from the left pane.
    Access System Logs settings display in the right panel.
  8. For access system logging, retain the default minimum log level,
    Notice
    , for each option.
    You can change the minimum log level, but
    Notice
    is recommended.
    Access Policy
    Events that occur while an access policy runs.
    Per-Request Policy
    Events that occur while a per-request policy runs.
    ACL
    Events that occur while applying APM access control lists.
    SSO
    Events that occur during single-sign on.
    Secure Web Gateway
    Events that occur during URL categorization on a BIG-IP system with an SWG subscription.
    ECA
    Events that occur during NTLM authentication for Microsoft Exchange clients.
    OAuth
    Events that occur while APM, as an OAuth authorization server, processes requests.
    PingAccess Profile
    Events related to PingAccess authentication.
    For PingAccess authentication, only the log levels defined in default-log-settings apply.
    VDI
    Events related to connections to virtual desktop resources.
    Endpoint Management System
    Events related to connections to an endpoint management system.
  9. Click
    OK
    .
    The popup screen closes. The table displays.
  10. On the Main tab, click
    Access
    Overview
    Access Reports
    .
    The Reports Browser displays in the right pane. The Report Parameters popup screen opens and displays a description of the current default report and default time settings.
  11. Select
    default-log-setting
    and click
    Edit
    .
    A popup screen opens.
  12. Setting the log level to
    Debug
    can adversely impact system performance.
    The default log level is
    Notice
    . At this level, logging occurs for messages of severity Notice and for messages at all incrementally greater levels of severity.
To put a log setting into effect, you must assign it to an access profile. Additionally, the access profile must be assigned to a virtual server.