Forum Discussion
NimbostratusLogging http request via GTM /Global load balancing
Hello,
I would like to ask how to monitor the HTTP request coming from the client going to F5 GTM / VIP via global load balancing.
I found this irule, can I also run this on F5 GTM:
when HTTP_REQUEST { log local0. ""Source: [IP::client_addr] BASE URL:[HTTP::host][HTTP::uri] Hitting LB Server:[LB::server name]"" }
Also, is there a way to run the command "log local0" to monitor real time without creating an Irule?
Thanks.
2 Replies
VernonWellsEmployee
The DNS Services (aka GTM) module handles only DNS requests. What a requesting client does with the resulting address is not visible to GTM unless the address corresponds to a BIG-IP with an LTM/AFM/APM Virtual Server on that same GTM BIG-IP. That is a rare scenario.
So, typically, a client might perform an A record lookup for www.example.com. The GTM would have a WideIP with a pool, and would execute a health monitor against the members in the pool. Based on the load-balancing associated the WideIP and pool, as well as the results of the health monitors, the address of a single member will be returned. Let's say the address is 203.0.113.1. The client would then perform a TCP connection to 203.0.113.1. Usually, this is NOT a Virtual Server on the GTM, but is the IP address of some other system. If that's the case, the GTM would not be involved in any way in that TCP connection, and thus, cannot inspect that traffic.
John_Heyer_1508Cirrostratus
Vernon is correct; the GTM / BigIP-DNS module only deals with DNS queries and responses, not HTTP. logging at the iRule still possible, it would look something like this:
when DNS_REQUEST { log local0. "[IP::client_addr] made [DNS::question type] record query to [LB::server name]" }
