Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


F5 Networks FirePass

The F5 Networks FirePass DSM for JSA collects system events from an F5 FirePass SSL VPN device using syslog.

By default, remote logging is disabled and must be enabled in the F5 Networks FirePass device. Before receiving events in JSA, you must configure your F5 Networks FirePass device to forward system events to JSA as a remote syslog server.

Configuring Syslog Forwarding for F5 FirePass

To forward syslog events from an F5 Networks BIG-IP FirePass SSL VPN appliance to JSA, you must enable and configure a remote log server.

The remote log server can forward events directly to your JSA console or any Event Collector in your deployment.

  1. Log in to the F5 Networks FirePass Admin Console.

  2. On the navigation pane, select Device Management >Maintenance >Logs.

  3. From the System Logs menu, select the Enable Remote Log Server check box.

  4. From the System Logs menu, clear the Enable Extended System Logs check box.

  5. In the Remote host parameter, type the IP address or host name of your JSA.

  6. From the Log Level list, select Information.

    The Log Level parameter monitors application level system messages.

  7. From the Kernel Log Level list, select Information.

    The Kernel Log Level parameter monitors Linux kernel system messages.

  8. Click Apply System Log Changes.

    The changes are applied and the configuration is complete. The log source is added to JSA as F5 Networks FirePass events are automatically discovered. Events that are forwarded to JSA by F5 Networks BIG-IP ASM are displayed on the Log Activity tab in JSA.

Syslog Log Source Parameters for F5 Networks FirePass

If JSA does not automatically detect the log source, add a F5 Networks FirePass log source on the JSA Console by using the syslog protocol.

When using the syslog protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect syslog events from F5 Networks FirePass:

Table 1: Syslog Log Source Parameters for the F5 Networks FirePass DSM



Log Source type

F5 Networks FirePass

Protocol Configuration


Log Source Identifier

Type the IP address or host name for the log source as an identifier for events from your F5 Networks FirePass devices.