Question
What are the Log Export source IP addresses?
- Which IP addresses do I need to allow on my side to allow Log Export to connect with our log collector/SIEM?
Environment
- Silverline WAF
- Silverline DDoS
- Log Export
Answer
- The Log Export feature will deliver logs from a region based on the proxy deployment
| Regions | IP Range to Allowlist |
|---|---|
| US East, US West, Germany, UK, and Asia |
107.162.0.0/21, 107.162.104.0/23, 107.162.49.0/24, 107.162.56.0/22, 107.162.60.0/24 and 107.162.96.0/21 |
| Montreal | 3.96.143.32/27 |
| US-Ohio | 3.129.192.96/27 |
| Bahrain | 15.184.20.0/27 |
| Sydney | 3.25.178.32/27 |
| Sao Paulo | 15.228.19.192/27 |
| Hong Kong | 18.166.117.64/27 |
| Mumbai | 15.207.61.128/27 |
| Tokyo | 18.183.37.128/27 |
- At this time, please ensure that you allow at a minimum allow the following regions:
- US East, US West, Germany, UK, and Asia
- Montreal
- If your proxy is deployed to a particular region, or you plan to have your proxy deploy to a particular region, then please do consider also adding the correlating /27 network range to your ACL(s)/Firewall(s)
Related Content
- How To Configure Log Export
- How to Edit, Test, and Delete Log Export Destinations
- Q&A: What is the format of log export messages? What are some samples or examples for WAF / DDoS / L7 DDoS / Threat Intelligence / iRule logs?
- Q&A: Which DDoS Alerts are included in Log Export?
- Q&A: Why is the Status "Unavailable" for a Log Export destination?