# Troubleshooting


> Troubleshoot Security Monitoring issues in F5 NGINX Instance Manager when security violation events are not received or dashboards are not populated.


## Security event log backup with Security Monitoring

### Description

If the Security Monitoring module doesn't receive a security violation event, the attack data is lost.

### Resolution

F5 WAF for NGINX supports logging to multiple destinations. You can send logs to NGINX Agent and keep a backup. If Security Monitoring doesn't receive security events, check the backup log to verify attack details. Use the following settings to turn on backup logging:

1. **For an instance with Security Monitoring only:**

   ```nginx
   app_protect_policy_file "/etc/app_protect/conf/NginxDefaultPolicy.json";
   app_protect_security_log_enable on;
   app_protect_security_log "/etc/app_protect/conf/log_sm.json" syslog:server=127.0.0.1:514;
   app_protect_security_log "/etc/app_protect/conf/log_sm.json" <Path to store log file>;
   # Example: app_protect_security_log "/etc/app_protect/conf/log_sm.json" /var/log/app_protect/security.log;
   ```

2. **For an instance with Security Monitoring and F5 NGINX Instance Manager:**

   ```nginx
   app_protect_policy_file "/etc/nms/NginxDefaultPolicy.tgz";
   app_protect_security_log_enable on;
   app_protect_security_log "/etc/nms/secops_dashboard.tgz" syslog:server=127.0.0.1:514;
   app_protect_security_log "/etc/nms/secops_dashboard.tgz" <Path to store log file>;
   # Example: app_protect_security_log "/etc/nms/secops_dashboard.tgz" /var/log/app_protect/security.log;
   ```

---

## How to get support

If you need more help, see the following topics:

- [Contact Support](/nim/support/contact-support.md)
- [Create a Support Package](/nim/support/support-package.md)