Forum Discussion
iRule for Logging of traffic going through Virtual Server IP
Hi Muhammad,
you can use log statements in the context of LB_SELECTED and SERVER_CONNECTED.
The SNAT address will not be available before the serverside connection is established (SERVER_CONNECTED context).
The result of [LB::server] is available in the context of SERVER_CONNECTED as well. Please consider the impact of OneConnect in case you have it enabled.
The sample statements below can be used for logging:
    when RULE_INIT {
        # Global switch: set to 0 to disable logging
        set static::logging_enabled 1
    }
    when LB_SELECTED {
        if { $static::logging_enabled > 0 } {
            # Load balancing decision is made; the serverside connection does not exist yet
            log local0. "client: <[clientside {IP::remote_addr}]>, port <[clientside {TCP::remote_port}]>, virtual: <[clientside {IP::local_addr}]>, port <[clientside {TCP::local_port}]>, selected: <[LB::server pool]>, server: <[LB::server addr]>"
        }
    }
    when SERVER_CONNECTED {
        if { $static::logging_enabled > 0 } {
            # Serverside connection is established; the SNAT address is now available
            log local0. "original client IP: <[clientside {IP::remote_addr}]>, port <[clientside {TCP::remote_port}]>"
            log local0. "virtual server IP: <[clientside {IP::local_addr}]>, port <[clientside {TCP::local_port}]>"
            log local0. "serverside source address (original client IP or SNAT): <[serverside {IP::local_addr}]>, port: <[serverside {TCP::local_port}]>"
            log local0. "real server address: <[serverside {IP::remote_addr}]>, port: <[serverside {TCP::remote_port}]>"
        }
    }
Please also consider using the so-called High Speed Logging (HSL) capabilities, as logging to a local log facility may result in high I/O and high CPU consumption.
Thanks, Stephan
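The HSL suggestion above, as an added example that is not part of the original reply: the same four address pairs are sent as one syslog line per serverside connection to a remote receiver instead of the local log. The pool name `hsl_syslog_pool` and the variable `static::hsl_logging_enabled` are assumptions; the pool must already exist and contain the remote syslog servers.

```tcl
# Added example, not from the original post.
# Assumption: "hsl_syslog_pool" is a hypothetical pool of remote syslog receivers.
when RULE_INIT {
    # Hypothetical switch name, kept separate from the local-logging switch
    set static::hsl_logging_enabled 1
}
when CLIENT_ACCEPTED {
    if { $static::hsl_logging_enabled > 0 } {
        # Open the HSL handle once per clientside connection
        set hsl [HSL::open -proto UDP -pool hsl_syslog_pool]
    }
}
when SERVER_CONNECTED {
    if { $static::hsl_logging_enabled > 0 } {
        # <134> is the syslog priority for facility local0, severity info (16*8 + 6).
        # One line ties client, virtual server, serverside source (client IP or SNAT)
        # and real server together, so the receiver needs no multi-line correlation.
        HSL::send $hsl "<134>vs=[virtual name] client=[clientside {IP::remote_addr}]:[clientside {TCP::remote_port}] vip=[clientside {IP::local_addr}]:[clientside {TCP::local_port}] src=[serverside {IP::local_addr}]:[serverside {TCP::local_port}] server=[serverside {IP::remote_addr}]:[serverside {TCP::remote_port}]\n"
    }
}
```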