Unable to send ASM logs to a HTTP endpoint via telemetry streaming #280
Description
Environment
- Telemetry Streaming Version: 1.36.0-1
- BIG-IP Version: 17.1.0.1
Summary
I'm able to generate ASM logs deployed in our on-premise setup but unable to send it via telemetry streaming to a HTTP endpoint (consumer type is Generic_HTTP).
Steps To Reproduce
Steps to reproduce the behavior:
- Submit the following declaration:
{
"class": "Telemetry",
"My_ASM_Listener": {
"class": "Telemetry_Listener",
"port": 6514,
"trace": true
"match": "ASM",
"actions": [
{
"setTag": {
"application": "`ASM`"
},
"enable": true
}
]
},
"My_Consumer": {
"class": "Telemetry_Consumer",
"type": "Generic_HTTP",
"host": "10.50.9.132",
"protocol": "http",
"port": 5151,
"path": "/post",
"headers": [
{"name": "Authorization", "value": "12345689"},
{"name": “ID1", "value": "ABC"},
{"name": "ID2", "value": "XYZ"}
],
"actions": [
{
"JMESPath": {},
"expression": "{ logs: [@] }"
}
]
}
}- On submitting above declaration, we're getting 200 response code.
- Verified that ASM logs are generated in the backend at
/var/log/asmdata1/request_logand shown on the F5 UI at: Security --> Events logs --> Application --> Requests. - Log level was set to debug but unable to see API failure logs. Following are the contents of logs at /var/log/restnoded/restnoded.log:
Screenshot 1:
Screenshot 2:
6. Verified that enough resources are provided for this setup to work.
Expected Behavior
- Logs should be sent via Telemetry Streaming to HTTP endpoint defined.
- Logs should indicate the failure and document what should be the next troubleshooting steps. Followed this troubleshooting guide and tried multiple steps but didn't help.