NimbostratusHi guys,
I want to config forward logs of the output of command " tmsh show sys connnection" to External Server Logs to monitor traffic on F5. How can I do this.?
Thanks for you help.
Nacreousset the command output to file.
put the command in a script file then use scheduler to run the script periodically and send the file by scp.
scp
alternatively, you can retrieve it via snmp
NimbostratusPlease share me this guide to config this. Many Thanks.
EmployeeIf your goal is to monitor all connection flows, like *every single connection* that's established, you can do this using iRules or LTM Policies. But you have to pick exactly what data is important to you. BIG-IP is a full 2-sided L7 proxy so you can log almost any piece of data that you want on either the serverside or clientside in Ethernet, VLAN, IP, TCP, SSL, HTTP, etc, as long as it's not encrypted. If you can give a specific list of data items you want to log, we can provide an example config to do that.
If you want to know periodically what is the count of connections, zamroni777's solution is awesome. BIG-IP also keeps track of this (connflow count) and other important things internally in the RRD graphs:
https://my.f5.com/manage/s/article/K50425247
NimbostratusHow can I use iRules or LTM Policies to monitor all connection flows.
Please share me guide. Thanks
EmployeeSure. BIG-IP can definitely log data about all connection flows.
If you don't know what data you need to monitor, you'd probably start with a generic one. We do have such generic article here:
Log client to vip connections | DevCentral