Hi,
I have done some check on the F5 DevCentral forum (https://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/8888/showtab/groupforums/Default.aspx) and they mentioned that it can be done via the iRule. Please refer to the below for the script to log the HTTP connection.
HTTP logger rule:
when HTTP_REQUEST {
set the URL here, log it on the response
set url [HTTP::header Host][HTTP::uri]
set vip [IP::local_addr]:[TCP::local_port]
}
when HTTP_RESPONSE {
set client [IP::client_addr]:[TCP::client_port]
set node [IP::server_addr]:[TCP::server_port]
set nodeResp [HTTP::status]
log connection info
log local0.info "Client: $client -> VIP:$vip$url -> Node: $node with response $nodeResp"
}
Thus, I would like to check with you that do I need to input any values to the portion in bold & italic or just leave it as default?
On top of that, if all these logs are to be send to the remote syslog server,
1) Will F5 auto log to the logs to remote server? or 2) Do I still need to configure the syslog-ng to send the log to the remote server? after I have configure the remote syslog server to the F5.
Thks and Rgds