Forum Discussion
Bryan_Lehr_1032
Nimbostratus
NimbostratusiRule to log connection information
The *new* forum search features dont seem to be returning anything...
I am looking for an iRule or suggestions in writing one to log HTTPS connection retries and or drops.
Thanks a...
Andy_Herrman_22Nimbostratus
NimbostratusAn iRule might not be able to detect these things easily, but if the iRule logs everything you could use a separate tool to process those logs.
For instance, if you want to look for requests for the same URI from the same client within a short period of time, have the iRule log all requests, including the timestamp, URI requested, and client IP. Then, throw together s script that analyzes the logs and outputs any requests with the same URI/clientIP that happen within some small period of time. It won't give you realtime detection, but could be at least somewhat useful for statistical purposes (though you could have a decent amount of error due to the uncertainties you mentioned).
Of course, doing this could fill up your logs very quickly. You'd probably want to use rotating logs and delete the files you analyze after the analysis is complete.
It's not perfect, but it might be enough to be useful.
