iCall script to add and remove iRules based on log message

Question

Hey I'm brand new to these iCalls and trying to get a handle on how I would use a log message to add an iRule
Any tips? &nbsp;

john_alam_45640 · Answer

You don’t need a full iCall since it is a simple script, you can do it like this:

Text to add to /config/user_alert.conf

alert IRULE_ADD "text in log that triggers irule add" {
    exec command="tmsh modify ltm virtual virtual_name rules { irule_name }"
}

To remove:

alert IRULE_REMOVE "text in log that triggers irule remove" {
    exec command="tmsh modify ltm virtual virtual_name rules none"
}

If you had a bigger process that is being triggered you can do this:

alert IRULE_ADD "text in log that triggers irule add" {
    exec command=" tmsh generate sys icall event BIG_SCRIPT_EVENT"
}

Then you would have:

sys icall handler triggered BIG_SCRIPT_HANDLER {
    script BIG_SCRIPT
    subscriptions {
    BIG_SCRIPT_EVENT {
            event-name BIG_SCRIPT_EVENT
        }
    }

sys icall script BIG_SCRIPT {
    app-service none
    definition {
    script command here……
    .
    .
    }
    description “Script started by handler BIG_SCRIPT which is trigger by   BIG_SCRIPT_EVENT”
    events none
}

Forum Discussion

iCall script to add and remove iRules based on log message

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

can you help with getting a BigIP virtual edition serial key

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

Related Content

Remove alerts showing r-series LCD/Dashboard.

Load Balancing TCP TLS Encrypted Syslog Messages

Rapid iRule Removal via Tmsh Script

Re: BIG-IP security hardening and compliance checks script

Cross Site Scripting (XSS) Exploit Paths

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS