Forum Discussion
how to capture logs using TCPDUMP
Hi guys, I'm new to F5 so could someone please guide me how to use tcpdump command to capture and view the logs on bigIP 3900 LTM.
Thanks in advance :-)
- Kevin_StewartEmployee
[c18444@g] ~ /var/log/ltm bash: /var/log/ltm: Permission denied
/var/log/ltm is a file. You need to perform some action on that file to be useful. At a minimum you could simply 'cat' the file:
cat /var/log/ltm
But what most find the best option is to 'tail' the log - which produces an active running output of the log data:
tail -f /var/log/ltm
- Kevin_StewartEmployee
Adding to IheartF5's answer, the tcpdump command is used primarily to capture network traffic. Logs, on the other hands (system and module), are generated and stored in the /var/log directory. Here is a list of the common set of syslog facilities:
sol13317: Configuring the level of information that syslog-ng sends to log files (11.x)
A common iRules troubleshooting tool is to run the tail command in "follow" mode from the shell to see errors and inserted log statements. For example, this is to tail the ltm log:
tail -f /var/log/ltm
You could then insert log statements in your iRules at strategic points and see those in the above stream of messages. Example:
when HTTP_REQUEST { log local0. "URI = [HTTP::uri]" }
- IheartF5_45022Nacreous
But the easiest way is to just read /var/log/ltm really.......
- alok_sinha_1336Nimbostratus[c18444@g] ~ /var/log/ltm bash: /var/log/ltm: Permission denied
- Samir_Jha_52506Noctilucent
Please refer this link
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com