Forum Discussion
alok_sinha_1336
Nimbostratus
Nimbostratushow to capture logs using TCPDUMP
Hi guys, I'm new to F5 so could someone please guide me how to use tcpdump command to capture and view the logs on bigIP 3900 LTM.
Thanks in advance :-)
Samir_Jha_52506Noctilucent
Please refer this link
- IheartF5_45022
Nacreous
But the easiest way is to just read /var/log/ltm really.......
- alok_sinha_1336[c18444@g] ~ /var/log/ltm bash: /var/log/ltm: Permission denied
- Kevin_Stewart
Employee
Adding to IheartF5's answer, the tcpdump command is used primarily to capture network traffic. Logs, on the other hands (system and module), are generated and stored in the /var/log directory. Here is a list of the common set of syslog facilities:
sol13317: Configuring the level of information that syslog-ng sends to log files (11.x)
A common iRules troubleshooting tool is to run the tail command in "follow" mode from the shell to see errors and inserted log statements. For example, this is to tail the ltm log:
tail -f /var/log/ltmYou could then insert log statements in your iRules at strategic points and see those in the above stream of messages. Example:
when HTTP_REQUEST { log local0. "URI = [HTTP::uri]" } - Kevin_Stewart
[c18444@g] ~ /var/log/ltm bash: /var/log/ltm: Permission denied
/var/log/ltm is a file. You need to perform some action on that file to be useful. At a minimum you could simply 'cat' the file:
cat /var/log/ltmBut what most find the best option is to 'tail' the log - which produces an active running output of the log data:
tail -f /var/log/ltm
