Forum Discussion

  • hello,

     

    the sid is the full MRHSession cookie value not just the last 8 digits (LastMRH_Session)

     

    • brad_11480

      Good information. I'm using it after the session evaluation is complete and the session is underway, and the document does say: "After Access Policy evaluation, the session ID remains static." But the interesting part is that I can use the last 8 digits with anything as the first 24 digits and it is successful -- it doesn't have to match the value of the MRHSession cookie. I am, however, checking a full match with my code as I require it to match all 32 digits.

       

    • Yann_Desmarest

      Hi,

       

      You can have a look at this article: https://support.f5.com/csp/article/K15387

       

      They explain that the first 24 HEX digits are rotated during policy evaluation for security reasons.

       

      I think that the MRHSession is really important when you are under policy evaluation. Once logged in, Last_MRHSession is the only required cookie.

       

    • brad_11480

      Well, actually it seems that it only looks at the last 8 digits. Seems anything can be used in the first 24 digits... use z or x (doesn't even have to be hex digits). So don't be fooled into thinking the 32 digit string is more secure or has any other significance...

       

      Why they require 32 digits when only 8 are used is strange...
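
One way to enforce the full 32-digit match discussed in the replies above, shown as an added iRule sketch that is not code from any poster in this thread. It assumes the virtual server has an APM access profile, that the candidate sid is taken from the MRHSession cookie, and that the session variable session.user.sessionid holds the session's full 32-digit ID.

```tcl
# Added example, not from the thread.
# Assumptions: APM access profile attached to the virtual server;
# session.user.sessionid holds the full 32-digit session ID.
when ACCESS_ACL_ALLOWED {
    # Candidate sid: the full MRHSession cookie value, as the first post states.
    set sid [HTTP::cookie value "MRHSession"]

    # Shape check: exactly 32 hex digits, so padding such as "z" or "x"
    # in the first 24 positions is refused before any lookup happens.
    if { ![regexp {^[0-9a-fA-F]{32}$} $sid] } {
        log local0.warning "APM sid rejected (not 32 hex digits) from [IP::client_addr]"
        ACCESS::respond 403 content "Forbidden"
        return
    }

    # Ask whichever session the lookup resolved to for its own full ID.
    set stored [ACCESS::session data get -sid $sid "session.user.sessionid"]

    # Require all 32 digits to agree. If the lookup matched on the last
    # 8 digits only, the stored ID differs from the supplied one.
    if { ![string equal -nocase $stored $sid] } {
        log local0.warning "APM sid rejected (full ID mismatch) from [IP::client_addr]"
        ACCESS::respond 403 content "Forbidden"
        return
    }

    # Only now read data from the session that was looked up.
    set user [ACCESS::session data get -sid $sid "session.logon.last.username"]
    log local0.info "APM sid verified for user $user"
}
```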

       

  • I am trying to get session information for another session. When I use the sessiondump command I get 8 digit session numbers, but when I try to use them in an ACCESS::session data get -sid 12345678 it returns an error that the session doesn't exist. From the above example the sid seems to be a much larger value. I'm curious what the sid value should be?

     

    Then, is there a way to obtain the list of active sessions -- sessionid's as I would like to roll through all active sessions and report some of the session information.

     

    thank you.

     

  • I mean it does work like this

    ACCESS::session data set -sid 12345678901234567234562345 session.logon.last.username ""

  • Not sure you can delete an APM variable but you can for sure remove its value with the following command:

    ACCESS::session data set [-sid <sid>] [-secure] <key> [<value>]

    where sid is the Session ID and key is the variable name.