Forum Discussion

JamesS_40157's avatar
JamesS_40157
Icon for Nimbostratus rankNimbostratus
Oct 19, 2011

irule for logging DNS queries to the load balancer?

Hi all,     Before I get into what seems like an easy question and obvious answer, first a bit of background!       We are about to refresh our current production load balancers (running...
application delivery
dev
devops
iRules
Mohamed_Lrhazi's avatar
Mohamed_Lrhazi
Icon for Altocumulus rankAltocumulus
Jan 19, 2012
I wrote this iRule to send query/response logs to remote syslog server, improvement suggestions highly appreciated: 

 
when CLIENT_ACCEPTED {
    set hsl [HSL::open -proto UDP -pool loggers]
    set vip [string trimright [IP::local_addr] :]
    set vip [IP::local_addr]
    set client_ip [IP::remote_addr]
}
when DNS_RESPONSE {
    set logline ""
    set answer ""
    set rrs [DNS::answer]
    set num_answers [llength $rrs]
    for {set i 1} {$i<=[llength $rrs]} {incr i} {
        set rr [lindex $rrs [expr {$i-1}]]
        append answer "a_name_" $i "=" [DNS::name $rr] " "
        append answer "a_ttl_" $i "=" [DNS::ttl $rr] " "
        append answer "a_class_" $i "=" [DNS::class $rr] " "
        append answer "a_type_" $i "=" [DNS::type $rr] " "
        append answer "a_data_" $i "=" [DNS::rdata $rr] " "     
    }
    set additional ""
    set rrs [DNS::additional]
    set num_answers_add [llength $rrs]
    for {set i 1} {$i<=[llength $rrs]} {incr i} {
        set rr [lindex $rrs [expr {$i-1}]]
        append additional "ad_name_" $i "=" [DNS::name $rr] " "
        append additional "ad_ttl_" $i "=" [DNS::ttl $rr] " "
        append additional "ad_class_" $i "=" [DNS::class $rr] " "
        append additional "ad_type_" $i "=" [DNS::type $rr] " "
        append additional "ad_data_" $i "=" [DNS::rdata $rr] " "     
    }
    set authority ""
    set rrs [DNS::authority]
    set num_answers_auth [llength $rrs]
    for {set i 1} {$i<=[llength $rrs]} {incr i} {
        set rr [lindex $rrs [expr {$i-1}]]
        append authority "auth_name_" $i "=" [DNS::name $rr] " "
        append authority "auth_ttl_" $i "=" [DNS::ttl $rr] " "
        append authority "auth_class_" $i "=" [DNS::class $rr] " "
        append authority "auth_type_" $i "=" [DNS::type $rr] " "
        append authority "auth_data_" $i "=" [DNS::rdata $rr] " "     
    }
    
    append logline "<190> vip=$vip client=$client_ip" " "
    append logline "q_name=[DNS::question name] q_type=[DNS::question type] q_class=[DNS::question class]" " "
    append logline "num_answers=$num_answers num_answers_add=$num_answers_add num_answers_auth=$num_answers_auth" " "
    append logline "$answer $additional $authority"
    HSL::send $hsl $logline
}