Forum Discussion
hoangnv
Nimbostratus
NimbostratusForward the output of command tmsh show sys connection to External Server Logs
Hi guys,
I want to config forward logs of the output of command " tmsh show sys connnection" to External Server Logs to monitor traffic on F5. How can I do this.?
Thanks for you help.
- zamroni777
Nacreous
set the command output to file.
put the command in a script file then use scheduler to run the script periodically and send the file by scp.
scpalternatively, you can retrieve it via snmp
hoangnvPlease share me this guide to config this. Many Thanks.
- Lucas_Thompson
Employee
If your goal is to monitor all connection flows, like *every single connection* that's established, you can do this using iRules or LTM Policies. But you have to pick exactly what data is important to you. BIG-IP is a full 2-sided L7 proxy so you can log almost any piece of data that you want on either the serverside or clientside in Ethernet, VLAN, IP, TCP, SSL, HTTP, etc, as long as it's not encrypted. If you can give a specific list of data items you want to log, we can provide an example config to do that.
If you want to know periodically what is the count of connections, zamroni777's solution is awesome. BIG-IP also keeps track of this (connflow count) and other important things internally in the RRD graphs:
https://my.f5.com/manage/s/article/K50425247
- hoangnv
How can I use iRules or LTM Policies to monitor all connection flows.
Please share me guide. Thanks
- Lucas_Thompson
Sure. BIG-IP can definitely log data about all connection flows.
If you don't know what data you need to monitor, you'd probably start with a generic one. We do have such generic article here:
Log client to vip connections | DevCentral
