Forum Discussion
Alan_Johnson_30
Nimbostratus
Oct 18, 2017
Cipher Logging iRule
Hi folks,
I'm currently using an iRule to log cipher usage. It works great. However, I need to modify to include the Virtual Server name in the log entry. Here's what I've been using:
when HTTP_REQUEST {
    if { [info exists logged] && $logged == 1 } {
        # Do nothing. Already logged for this connection
    } else {
        set host [HTTP::host]
        set useragent [HTTP::header "User-Agent"]
        set logged 1
        log local0. "[IP::client_addr] - [SSL::cipher name] - [SSL::cipher version] - [SSL::cipher bits] - [HTTP::header "User-Agent"]"
    }
}
...and here's what I was going to try to get the virtual server name added:
log local0. "[virtual name] - [IP::client_addr] - [SSL::cipher name] - [SSL::cipher version] - [SSL::cipher bits] - [HTTP::header "User-Agent"]"
Does anyone have any thoughts on whether or not that will work? If not, any suggestions?
- jurgenvdmark_14
Nimbostratus
It looks fine to me,
I have a similar rule which logs when the SSL handshake takes place:
when CLIENTSSL_HANDSHAKE {
    log local0.info "virtual=[virtual name], src_ip=[IP::client_addr], ssl_cipher=[SSL::cipher name], ssl_protocol=[SSL::cipher version], ssl_bits=[SSL::cipher bits]"
}
Starting in version 11, a virtual consists of the partition and the virtual name, for instance /Common/test.
Using the following command you can get the virtual name without the partition:
set env_vserver [getfield [virtual] "/" 3]
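An added example, not part of either post: a Python script that reads log lines in the key=value format of the CLIENTSSL_HANDSHAKE rule above, counts cipher usage per virtual server, and lists handshakes made with legacy protocols or short keys. The sample lines, their syslog prefix, and the legacy thresholds are assumptions.

```python
import re
from collections import Counter

# Field names come from the CLIENTSSL_HANDSHAKE log line in the reply above.
FIELD_RE = re.compile(r"\b(virtual|src_ip|ssl_cipher|ssl_protocol|ssl_bits)=([^,\s]+)")
REQUIRED = {"virtual", "src_ip", "ssl_cipher", "ssl_protocol", "ssl_bits"}

# Assumption: protocol strings and bit threshold treated as legacy for this report.
LEGACY_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}
MIN_BITS = 128

def parse_line(line):
    """Return the fields of one log line, or None if the line is incomplete."""
    fields = dict(FIELD_RE.findall(line))
    if set(fields) != REQUIRED or not fields["ssl_bits"].isdigit():
        return None
    # Same result as: getfield [virtual] "/" 3  (drops the partition)
    parts = fields["virtual"].split("/")
    fields["virtual_short"] = parts[2] if len(parts) > 2 else fields["virtual"]
    fields["ssl_bits"] = int(fields["ssl_bits"])
    return fields

def summarize(lines):
    """Count (virtual, protocol, cipher) tuples and collect legacy handshakes."""
    usage, legacy = Counter(), []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # truncated or unrelated log line
        usage[(rec["virtual_short"], rec["ssl_protocol"], rec["ssl_cipher"])] += 1
        if rec["ssl_protocol"] in LEGACY_PROTOCOLS or rec["ssl_bits"] < MIN_BITS:
            legacy.append((rec["virtual_short"], rec["src_ip"], rec["ssl_protocol"]))
    return usage, legacy

# Constructed sample input: prefix, addresses and virtual names are made up.
PREFIX = "Oct 18 10:00:01 bigip1 info tmm[1234]: Rule /Common/cipher_log <CLIENTSSL_HANDSHAKE>: "
SAMPLE = [
    PREFIX + "virtual=/Common/test, src_ip=192.0.2.10, ssl_cipher=ECDHE-RSA-AES128-GCM-SHA256, ssl_protocol=TLSv1.2, ssl_bits=128",
    PREFIX + "virtual=/Common/test, src_ip=192.0.2.11, ssl_cipher=ECDHE-RSA-AES128-GCM-SHA256, ssl_protocol=TLSv1.2, ssl_bits=128",
    PREFIX + "virtual=/Common/legacy_app, src_ip=198.51.100.7, ssl_cipher=DES-CBC3-SHA, ssl_protocol=TLSv1, ssl_bits=168",
    PREFIX + "virtual=/Common/test, src_ip=192.0.2.12, ssl_cipher=",  # truncated line
]

if __name__ == "__main__":
    usage, legacy = summarize(SAMPLE)
    for key, count in usage.most_common():
        print(count, *key)
    print("legacy handshakes:", legacy)
```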