Forum Discussion
Steve_Sutton_87
Nimbostratus
Nimbostratuslog statement not logging?
Hi,
I'm trying to use the log statement to help me debug whether I'm passing through pieces of a rule. But I must be missing something, because nothing ever shows up in /var/log/bigip. Here's a simple test rule:
if (http_uri == "/") {
redirect to "https://%h/Epm1"
log "redirected blank URI"
}
else {
use pool main-qa-8080
}
Pretty simple. The rule is the resource of a virtual server which is the destination host of an ssl proxy. And the rule is working - that is, I can go to the URL which resolves to the ssl proxy: https://main-qa.blueroads.com and I successfully get redirected to https://main-qa.blueroads.com/Epm1. So clearly I'm passing through the if part of the rule. However, nothing ever shows up in /var/log/bigip.
Just to be sure it should be going to /var/log/bipip, I modified the rule to read:
if (http_uri == "/") {
redirect to "https://%h/Epm1"
log level0.info "redirected blank URI"
}
else {
use pool main-qa-8080
}
since level0.* is associated with /var/log/bigip in /etc/syslogd.conf.
What am I missing? Why am I not seeing entries in /var/log/bigip with my "redirected blank URI" message?
Cheers,
Steve
- The problem is that the redirect statement is a terminal statement. Execution of the statement list terminates after the execution of a redirect. Therefore, a log statement following a redirect is never executed.
In contrast, the use and log statements are non-terminal.
So, for example, all the statements in the list below would execute before the rule returns:
use pool my_pool
use snatpool my_snatpool
log "Hello"
To fix your problem, simply put the log statement before the redirect statement.
This limited statement list implementation was added as part of the Intelligent SNAT stealth feature and was poorly documented. - No problem.
I let Tech Pubs know that we need to fix this gap in our documentation.
