BugZero found this defect 298 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/26/2024
BIG-IP
BIG-IP All
16.1.0
16.1.1
16.1.2
16.1.2.1
16.1.2.2
16.1.3
16.1.3.1
16.1.3.2
16.1.3.3
16.1.3.4
16.1.3.5
16.1.4
No fixed releases provided.
Bug ID 1281661: Mcpd audit log messages are truncated at 8192 bytes ... When audit logging is enabled, configuration changes are logged to the /var/log/audit file, however there is a 8K (8192 byte) limit to the size of these messages, meaning that if a larger mcp object is modified, the audit log message related to that change may be truncated. ... Note that there is a similar, but distinctly different, issue related to audit messages of objects containing carriage returns (typically irules) - see ID842669, which can give the appearance of the log message being truncated earlier than 8192 bytes. ... Impact ... Incomplete audit log messages, potentially making it difficult to retrospectively tell when a configuration change occurred. ... Conditions ... Modification or creation of a large mcp object, such as an APM ACL, data-group, or irule. ... Workaround ... Create smaller mcp objects that are able to be expressed completely in less than 8192 bytes. ... For example, consider multipl...