Logs of traffic to /tophat/tophat.js for the past week?

Question

I was tasked with finding out information about traffic to a few hosts we have that hit a Virtual IP on the BIG-IP F5.  They're trying to figure out who's still using the original Tophat and hasn't switched over to tophat2.  I'm not entirely sure of where to start on this.  Is there a way to capture this information from the last 7 days from Analytics in BIG-IP or other logs?

simon_blakely · Answer

Unless you have an existing Analytics profile applied to the virtual server, the answer is no.

The LTM (by default) does not log information on traffic passing through a virtual server.

You can collect data with an Analytics profile (if AVR is provisioned), or apply a Request Logging profile - preferably to an off-box logging solution (like Splunk/ArcSight).

Otherwise, you need to write an iRule to do this logging.

Can this data be extracted from the pool member logs using X-Forwarded-For headers to identify incoming IP addresses?

Forum Discussion

Logs of traffic to /tophat/tophat.js for the past week?

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Illegal Metacharacter in Parameter Name in Json Data

Cisco TACACS+ Config on ISE LTM Pair

AS3 declaration to set cookie to preferred

SSL Bridging and FQDN rewrite Policy

Checking for X-Forwarded-For against an Address Data-Group

Related Content

A long week of breaches - Jan 7th - 13th, 2023, F5 SIRT - This Week in Security

Community Highlights, Week 15 '23

Community Highlights, Week 45, '22

Community Highlights, Week 34, '22

Community Highlights, Week 7 '23

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS