Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

F5 BIG-IP Local Traffic Manager Integration Guide

integrations network f5

F5 BIG-IP Local Traffic Manager (LTM) appliances should be configured to send logs via syslog to the Taegis™ XDR Collector. F5 LTM logs are filtered and correlated for various security event observations. Please follow the instruction provided by F5 in this article to enable logging.

Connectivity Requirements

Source Destination Port/Protocol
F5 BIG-IP LTM Taegis™ XDR Collector (mgmt IP) UDP/514

Data Provided from Integrations

  Auth DNS HTTP Management Netflow NIDS Process Thirdparty
F5 LTM D     Y        

Y = Normalized | D = Out-of-the-Box Detections | V = Vendor-Specific Detections


Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.

Configuration Instructions

To configure your F5 LTM appliance to send logs to Secureworks® Taegis™ XDR, follow the instructions provided by F5 in this article. Consider the following requirements when completing the configuration steps:


On this page: