Forum Discussion

Tihomir_Hristov's avatar
Tihomir_Hristov
Icon for Nimbostratus rankNimbostratus
Apr 15, 2015

LTM Connection Loggin

Hey guys,   We have recently migrated to F5 HA pairs using SNAT and one of the requirements that came from our Security Group is logging every connection that passes through the F5 Load Balancers....
application delivery
design
logging
LTM
management
snat
Tihomir_Hristov's avatar
Tihomir_Hristov
Icon for Nimbostratus rankNimbostratus
Apr 15, 2015

Hello Nathan,

 

Thank you for the reply. Unfortunately, we are not licensed for AFM and it is not an option. I was thinking in the direction of enabling debug logging some of the LTM sub-modules (IP, network, ...) and finding that information there. I tried enabling notice for IP and debug for network but can't see anything helpful there.

 

Thanks

 

  • dragonflymr's avatar
    dragonflymr
    Icon for Cirrostratus rankCirrostratus
    Apr 16, 2015
    Just wild guess, maybe turning on Packet Filters with one rule for all traffic with Action: Accept and Logging: Enabled could be kind of workaround? Piotr
  • Tihomir_Hristov's avatar
    Tihomir_Hristov
    Icon for Nimbostratus rankNimbostratus
    Apr 23, 2015
    Hello Piotr, This is actually a good idea. I gave it a shot but as soon as I enable packet filter logging I start getting log throttling: Apr 23 17:34:02 slb1-f5 notice tmm[9030]: 01250002:5: Per-invocation log rate exceeded; throttling. I am trying to see how to bypass that problem. Thank will keep you guys posted