Forum Discussion
AltostratusiRule to log how many requests are being caught by existing iRule
So I have an existing iRule that handles some redirecting of a specific context path over to the root context path:
when HTTP_REQUEST {
set context_root "/audit"
if { [HTTP::path] starts_with $context_root } {
switch [HTTP::path] {
"/audit" {
HTTP::uri "/?[HTTP::query]"
HTTP::path "/"
}
default {
set substr_uri [substr [HTTP::uri] [string length $context_root]]
set substr_path [substr [HTTP::path] [string length $context_root]]
HTTP::uri $substr_uri
HTTP::path $substr_path
}
}
}
}
What I am wanting to capture are the source IPs of requests that are coming in with that /audit context path. Is it possible to add in some HSL to this existing iRule? Or would it be better to create a new HSL iRule to capture that traffic first before it gets captured by the above iRule?
1 Reply
- Kai_Wilke
MVP
Hi Brad,
Performance-wise it's slightly more effective to integrate the HSL command into the existing iRule. In this case your F5 doesn't need to parse the HTTP::path twice to check if
is requested./audit*Management-wise its up to you. Both approaches are absolute valid...
The integration of HSL is rather simple. You may take a look to the iRule below to see how the HSL can be integrated in your existing iRule.
when CLIENT_ACCEPTED { set hsl_handle [HSL::open -proto -pool ] } when HTTP_REQUEST { set context_root "/audit" if { [HTTP::path] starts_with $context_root } { HSL::send $hsl_handle "<135> Audit access: [IP::client_addr]\n" switch [HTTP::path] { "/audit" { HTTP::uri "/?[HTTP::query]" HTTP::path "/" } default { set substr_uri [substr [HTTP::uri] [string length $context_root]] set substr_path [substr [HTTP::path] [string length $context_root]] HTTP::uri $substr_uri HTTP::path $substr_path } } } }Cheers, Kai
