A10 configuration Guide

Community Forum Forums Thunder and AX Series A10 configuration Guide

This topic contains 2 replies, has 2 voices, and was last updated by avatar pinla11 1 month ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #14532
    avatar
    pinla11
    Member

    Hello,

    I’m new working with ADC and logically also with A10 Network products. I’m having a hard work trying to understand what is configured and how it works. I just get four of them, no one here knows how it’s work or what is configured… I have some documentation but it’s not helpfull, and I have a lot of question. So, If any one can help me with this I really preciated some help.
    Some of my questions are:
    How can I define what type of attacks I want to log ? (WAF module)
    What it does the class list? and the aFlex module?
    What is the difference between them?
    How can I send logs to an ftp server instead of a syslog?
    How can I create the reports? is that possible with A10 Thunder?

    Well, I have more questions but I thinks those are a good start point.

    Thanks in advance for your help.

    #14592
    avatar
    diederik
    Member

    Hello,

    With the A10 WAF, all attacks and are automatically logged.
    Within your WAF template you can configure if the qood requests (Successful WAF Requests) also need to be logged.
    (this depends a bit on the version of ACOS you are running, I would advise to use 4.1.1 latest P release or higher)

    Class-lists can be used for many things. So it really depends on your configuration.
    In general class-lists contain a bigger number of IP addresses os string, and a process can quickly check if a particular source IP address, destination IP address, an IP address in a header of maybe a hostname, matches a class list, and then take action.

    aFlex is a scripting language that you can bind to a service.
    With aFlex you can create functionalities that are not available in a standard feature, you can basically do almost anything you want with the traffic passing through the A10.

    In general you can not send logging information directly to an FTP server.
    You can only do a backup of the system logs through FTP.
    All other user data related logging, like WAF event logging, HTTP logging etc, needs to directly go to a syslog server.
    Realise that temporarily storing these kinds of logs would slow down you system dramatically as it would require constant reading and writing of your log data. So usually all networking devices send logging information to Syslog servers.

    What kind of reports are you looking for?
    The A10 Thunder itself only provides real basic more management/operational Reporting information.
    Depending on the application you could look into using the A10 Harmony Controller to provide more user/end-customer oriented reporting.

    Maybe if you reach out to your A10 Business Partner or your A10 System Engineer you’ll get your answers faster if required.

    Else, we’re happy to help through the forum.

    Greetings,

    Diederik

    #14602
    avatar
    pinla11
    Member

    Thanks a lot Diederik, your commet gave a good start point.!

    Have a good day

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

Comments are closed.