Forum Discussion
6 Replies
Sort By
- Ah_Fat_2262NimbostratusHi,
- hooleylistCirrostratusHi Ah Fat,
- Ah_Fat_2262NimbostratusHi Aaron,
- hooleylistCirrostratusYou could use the second example exactly as it is. Or if you want to log just on the HTTP response you could use this:
when RULE_INIT { Save the name of the BIG-IP set static::bigip [info hostname] Set the log facility Ex: <191> = local7.debug See RFC 3164 Section 4.1.1 - "PRI Part" or https://devcentral.f5.com/wiki/iRules.HSL__send.ashx for more info set static::facility <191> Add the facility and hostname to the log prefix set static::hsl_prefix "$static::facility|host=$static::bigip" } when CLIENT_ACCEPTED { Open a new high speed logging connection to the syslog pool named syslog_server_pool set hsl [HSL::open -proto UDP -pool syslog_server_pool] Append the client IP:port to a local copy of the log prefix so we can log it in SERVER_CLOSED set hsl_prefix "${static::hsl_prefix}|client=[IP::client_addr]:[TCP::client_port]" } when HTTP_REQUEST { Get time for start of HTTP request set http_request_time [clock clicks -milliseconds] set url "[HTTP::host][HTTP::uri]" } when HTTP_RESPONSE { Received the response headers from the server. Log the pool name, IP and port, status and time delta between HTTP request headers received from client and respnse headers recieved from server HSL::send $hsl "$hsl_prefix|event=HTTP_RESPONSE|url=$url|vs=[clientside {IP::local_addr}]:[clientside {TCP::local_port}]\ |http_status=[HTTP::status]|http_request_response_delta_ms=\ [expr {[clock clicks -milliseconds] - $http_request_time}]|desc=HTTP response|\n" }
- Ah_Fat_2262NimbostratusHi Aaron,
- hooleylistCirrostratusAll you should need to do is define your syslog server in a pool named syslog_server_pool: