Forum Discussion
for Full proxy traffic ltm log... can i use below irule
when CLIENT_ACCEPTED {
set clip [IP::client_addr]:[TCP::client_port]
set vip [IP::local_addr]:[TCP::local_port]
log local0.info "Request from CLIENT :$clip to VIP:$vip "
}
when HTTP_REQUEST {
set uri [HTTP::header Host][HTTP::uri]
log local0.info "Request for URI :$uri"
}
when SERVER_CONNECTED {
set sip [IP::local_addr]:[TCP::local_port]
set node [IP::server_addr]:[TCP::server_port]
log local0.info "SIP:$sip -->> NODE:$node"
}
https://support.f5.com/csp/article/K35612380
when HTTP_REQUEST {
# Get time for start of HTTP request
set http_request_time [clock clicks -milliseconds]
# Log the start of a new HTTP request
set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
log local0. "$LogString (request)"
}
when LB_SELECTED {
log local0. "Client [IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when LB_FAILED {
log local0. "Client [IP::client_addr]:[TCP::client_port]: Failed to [LB::server]"
}
when SERVER_CONNECTED {
log local0. "Client [IP::client_addr]:[TCP::client_port]: Connected to [IP::server_addr]:[TCP::server_port]"
}
when HTTP_RESPONSE {
# Received the response headers from the server. Log the pool name, IP and port, status and time delta
log local0. "$LogString (response) - pool info: [LB::server] - status: [HTTP::status] (request/response delta: [expr {[clock clicks -milliseconds] - $http_request_time}] ms)"
}
when CLIENT_CLOSED {
# Log the end time of the TCP connection
log local0. "Closed TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port] (open for: [expr {[clock clicks -milliseconds] - $tcp_start_time}] ms)"
}
}
Hello Biju,
iRule Syntax is correct, you'll start seeing logs when you apply it.
To me, this looks like a lot of logging for every request, which might fill up log files pretty quick (and possibly increase memory usage) depending on amount of traffic.
Keep in mind that F5 is not a logging server, so consider setting up a remote syslog if this info needs to be mantained (otherwise, log rotation process will periodically delete older log files).
There's commands for remote logging in irules as well
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com