Hello Splunkers, how have you been?
We've been taking with F5 BIG IP Security (WAF) app and we've been observing some strange behavior on panel's dashboards, most of that connected with Attacks and Signatures. I think the way we've configured the iRule or something on BIG IP panel is not correctly right. Just adding more information, we've configured data input via UDP.
The main concern is: 1. how to generate these logs? 2. how to configure the way BIG IP way generate these logs? 3. Is this related with iRule?
Could you guys help? Thanks a lot for any suggestion.