Forum Discussion
krishans_52349
Nimbostratus
Jan 25, 2011Configure syslog server in F5 with an irule to see actual internet IP in syslog server
Hi,
we are using Big IP 3900 version 10.2 , We had network topolgy in this way that we need to enable SNAT as AutoMap , For this reason we are not been able to see the actual Internet IP / Client IP , in the servers .
We want configure an irule in such a way that it will log the actual Internet/Client IP and send it to the syslog server . For that should we need to configure syslog server in F5 , or it can be configured or forward through irule itself.
Our mail Aim is to see only the Actual Internet/Client IP.
Please help
Thanks in Advance for the help
- Chris_Miller
Altostratus
Are you just using HTTP? If so, you can insert it in an X-Forwarded-For header and have your web server parse for that. Otherwise, you can use an iRule to log the client's ip address and send it to whatever logging facility you want. As long as your F5 box is configured to pass the data to the syslog server, that should be plenty easy. - krishans_52349
Nimbostratus
Hi Chris , - Chris_Miller
Altostratus
Here's a good doc on configuring syslog:when CLIENT_ACCEPTED { log local0. "Client's IP Address was [IP::client_addr]" }
- Chris_Miller
Altostratus
Here's an absolutely perfect example for you: - krishans_52349
Nimbostratus
Hi Chris , - Colin_Walker_12Historic F5 AccountYes, in 10.2 you should be able to log directly to your syslog server via the log command.
- hoolio
Cirrostratus
HSL in 10.1 and higher would be more efficient than the older log command. If you're on 9.4.0 - 10.0.x, you could use 'log -remote': - krishans_52349
Nimbostratus
Hi , - Colin_Walker_12Historic F5 AccountThe log statement actually uses the same HSL exit point on the LTM if you supply an IP address post 10.1, so log and HSL should be equally efficient, last I checked.
- krishans_52349
Nimbostratus
Hi Colin ,
Recent Discussions
Related Content
Â
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects