Forum Discussion

Muhammad_Irfan1
Feb 21, 2015

iRule for Logging of traffic going through Virtual Server IP

I have applied a ProxyPass iRule on the VS, and it distributes traffic between 40 pools on the basis of ProxyPass. How can I log traffic in a way that shows the client IP, server IP, ProxyPass and pool? Is there any way to include ProxyPass and pool in the logs?

 

2 Replies

  • Hi Muhammad,

    You can use log statements in the context of LB_SELECTED and SERVER_CONNECTED.

    The SNAT address will not be available before the serverside connection is established (SERVER_CONNECTED context).

    The result of [LB::server] is available in the context of SERVER_CONNECTED as well. Please consider the impact of OneConnect in case you have it enabled.

    The sample statements below can be used for logging:

    when RULE_INIT {
        set static::logging_enabled 1
    }
    
    when LB_SELECTED {
        if { $static::logging_enabled > 0 } {
            log local0. "client: <[clientside {IP::remote_addr}]>, port <[clientside {TCP::remote_port}]>, virtual: <[clientside {IP::local_addr}]>, port <[clientside {TCP::local_port}]>, selected: <[LB::server pool]>, server: <[LB::server addr]>"
        }
    }
    
    when SERVER_CONNECTED {
        if { $static::logging_enabled > 0 } {
            log local0. "original client IP: <[clientside {IP::remote_addr}]>, port <[clientside {TCP::remote_port}]>"
            log local0. "virtual server IP: <[clientside {IP::local_addr}]>, port <[clientside {TCP::local_port}]>"
            log local0. "serverside source address (original client IP or SNAT): <[serverside {IP::local_addr}]>, port: <[serverside {TCP::local_port}]>"
            log local0. "real server address: <[serverside {IP::remote_addr}]>, port: <[serverside {TCP::remote_port}]>"
        }
    }
    

    Please also consider using the so-called High Speed Logging (HSL) capabilities, as logging to a local log facility may result in high I/O and high CPU consumption.

    Thanks, Stephan
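The HSL suggestion in the reply above, sketched as an added example (not code from the original posts): it collects the same fields the sample statements log and sends them as one line per serverside connection to a remote syslog pool. The pool name `syslog_hsl_pool`, the variable names and the `key=value` layout are assumptions; ProxyPass-specific values are left out because that iRule is not shown on the page.

```tcl
when RULE_INIT {
    # Assumed name: an LTM pool whose members are the remote syslog receivers.
    set static::hsl_pool "syslog_hsl_pool"
    # Syslog priority <134> = facility local0 (16) * 8 + severity info (6).
    set static::hsl_pri "<134>"
}

when CLIENT_ACCEPTED {
    # Open one HSL handle per client connection and remember the clientside tuple.
    set hsl [HSL::open -proto UDP -pool $static::hsl_pool]
    set client "[IP::remote_addr]:[TCP::remote_port]"
    set vip "[IP::local_addr]:[TCP::local_port]"
}

when LB_SELECTED {
    # Pool and member picked by the load-balancing decision.
    set sel_pool [LB::server pool]
    set sel_node "[LB::server addr]:[LB::server port]"
}

when SERVER_CONNECTED {
    # Default context here is serverside: local address is the SNAT address
    # (or the original client IP without SNAT), remote address is the real server.
    # With OneConnect, reused serverside connections do not raise this event again.
    HSL::send $hsl "$static::hsl_pri client=$client vip=$vip pool=$sel_pool member=$sel_node src=[IP::local_addr]:[TCP::local_port] server=[IP::remote_addr]:[TCP::remote_port]"
}
```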