Forum Discussion
1 Reply
Sort By
Every thing gets logged as long as proper logging is turned on. By default the CLI logging gets logged as per default settings. But if the change was done through GUI, you may need to have the db config.auditting value enabled to see the GUI made changes.
- In versions prior to BIG-IP 11.6.0, audit logging for BIG-IP configuration changes is disabled by default.
- In version above 11.6, the db config.auditting is enabled by default.
To know if your BIGIP is configured to capture the GUI changes, run the below command,
tmsh list /sys db config.auditing value
To check your logs,
less /var/log/audit | grep
less /var/log/audit | grep
In case the logs have been rotated, you may need to check on the other audit files,
ls -ltrh /var/log/audit*
This would list out the number of audit files thats present on your box with dates. You can use zcat/zless to open the gz files.
zcat /var/log/audit* | grep
zcat /var/log/audit* | grep