Forum Discussion

TJ_Vreugdenhil's avatar
TJ_Vreugdenhil
Icon for Cirrus rankCirrus
Mar 05, 2014

Hi Kevin - In using the iRule above and I get a TCL error that it doesn't recognize the http_request_time in the HTTP_RESPONSE.

So what I did was move everything out of the ACCESS_ACL_ALLOWED event except for the username variable and I again get a TCL error in the HTTP_RESPONSE but now just for the http_username.

It looks like the ACCESS events and the HTTP events do not play nice together.

Would something like this work: 

when HTTP_REQUEST {
   set http_request "\"[HTTP::method] [HTTP::uri] HTTP/[HTTP::version]\""
   set http_request_time [clock clicks -milliseconds]
   set http_host [HTTP::host]
   set client_ip [IP::remote_addr]
   set client_port [TCP::remote_port]
   set http_request_uri [HTTP::uri]
   set referer [HTTP::header value referer]
}

when ACCESS_SESSION_STARTED {
 set userid [ACCESS::session data get "session.logon.last.username"]
 set userip [ACCESS::session data get "session.user.clientip"] 
 set useragent [ACCESS::session data get "session.user.agent"]" 
}

when ACCESS_POLICY_COMPLETED { 
    set log_msg ""
    append log_msg "userid=$userid "
    append log_msg "userip=$userip "
    append log_msg "useragent=$useragent "
    log local0. $log_msg
}

when HTTP_RESPONSE {
    set response_time [expr [clock clicks -milliseconds] - $http_request_time]
    set virtual [virtual]
    set content_length 0
    if { [HTTP::header exists "Content-Length"] } {
        set content_length [HTTP::header "Content-Length"]
    }
    set lb_server "[LB::server addr]:[LB::server port]"
    if { [string compare "$lb_server" ""] == 0 } {
        set lb_server ""
    }
    set status_code [HTTP::status]
    set content_type [HTTP::header "Content-type"]
    append log_msg "virtual=$virtual "
    append log_msg "client_ip=$client_ip "
    append log_msg "client_port=$client_port "
    append log_msg "lb_server=$lb_server "
    append log_msg "host=$http_host "
    append log_msg "$http_request_uri "
    append log_msg "request=$http_request "
    append log_msg "server_status=$status_code "
    append log_msg "content_length=$content_length "
    append log_msg "content_type=$content_type "
    append log_msg "resp_time=$response_time "
    append log_msg "referer=$referer"
       log  local0. $log_msg
    log local0. $log_msg
}

or how about putting the username in a HTTP header like this:

when ACCESS_ACL_ALLOWED {
   set user [ACCESS::session data get "session.logon.last.username"]
   HTTP::header insert "X-USERNAME" $user
}

when HTTP_RESPONSE {
    set log_msg ""
    append log_msg "user=$user "
    log local0. $log_msg
}

I would also like to know where I can find a list of ACCESS:session data get variables? Also would it be easier to log this data by using ASM?

Thanks!