Forum Discussion
iRule periodic logging
Thank you all for the answers!
Main goal of iRule is to monitor number of users logged into an appication and, if number exceed a limit, to block access for new users into application.
iRule is working fine for me, but I have been requested to send periodically number of active users so we can set thresholds correctly and this was something I did not know how to do.
I already solved problem thanks to CA_Valli idea altough I used tables in my iRule I did not think it can have such a simple solution (may not work correctly for low number of requests).
if { [table lookup -notouch "timer_check"] != "Y" } {
log local0. "Number of users: [table keys -subtable $tbl_conns -count]"
table set "timer_check" "Y" 10
}
I set up value in table with timeout 10 and everytime value timeouted I send log message and set up value again. Worked correctly for me with about 50 requests per second, not tested for higher number yet.
Usually this information is fed into some monitoring system. Many of these poll for information. So you can setup a different kind of response on a reporting virtual server which the monitoring system can poll for the user information. I've used this to provide detailed staticstics about iRule solutions as a full HTML page or JSON output shown below.
when HTTP_REQUEST {
if {[HTTP::uri] starts_with "/monitor"} {
response = "{ \"users\": [table keys -subtable $tbl_conns -count] }"
HTTP::respond 200 content $response Content-Type "application/json; charset=UTF-8" Connection "Close"
}
}
With the above attached to a virtual server 10.10.10.10:80 you can give the monitoring system http://10.10.10.10/monitor to get the JSON response below. Most monitoring systems can easily consume this.
{ "users": 10 }
I hope that helps!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com