We have an idea to use the logs from these systems for DDOS detections. Was wondering if anyone has props\transfers that will parse\normalize\model them?
There is an F5 app in Splunkbase that we've used before at several clients, iirc.
I didnt see anything that addressed the GTM though. Did I miss it?
well I missed this: https://splunkbase.splunk.com/app/2680/
Will check this out.