BugZero found this defect 1129 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/26/2024
BIG-IP
BIG-IP DNS
BIG-IP GTM
11.5.1
11.5.2
11.5.3
11.5.4
11.5.5
11.5.6
11.5.7
11.5.8
11.5.9
11.5.10
11.6.0
11.6.1
No fixed releases provided.
Severity: 4-Minor ... Symptoms ... DNS logging does not support Splunk format logging. ... It fails to log the events, instead logging err messages: hostname="XXXXXXXXXXXXX.XX",errdefs_msgno="01230140:3: ... Impact ... DNS logging does not log Splunk format to HSL. ... Conditions ... DNS logging configured for Splunk format. ... Workaround ... Use an iRule to send Splunk-formatted messages to the Splunk server. ... For example: ltm rule dns_logging_to_splunk { when DNS_REQUEST { set ldns [IP::client_addr] set vs_name [virtual name] set q_name [DNS::question name] set q_type [DNS::question type] set hsl [HSL::open -proto UDP -pool splunk-servers] HSL::send $hsl "<190>,f5-dns-event=DNS_REQUEST,ldns=$ldns,virtual=$vs_name,query_name=$q_name,query_type=$q_type" } when DNS_RESPONSE { set ldns [IP::client_addr] set vs_name [virtual name] set q_name [DNS::question name] set q_type [DNS::question type] set answer [