Forum Discussion
LTM Logs for a specific pool member
Hi all, We are using Advanced Web "Application Firewall,i10800 (BIG-IP 13.1.1.2 Build 0.0.4)". We have installed it recently. There are many pools configured here. Lets say one of these is "pool_yyyy". Its has two members. But we don't get any log when one of the members is down. Only get the logs mentioning if pool has available members or not like below:
*Feb 25 11:10:58 XXXXXXX-vCMP1 err tmm[11818]: 01010028:3: No members available for pool /Common/pool_yyyy Feb 25 11:11:06 XXXXXXX-vCMP1 notice tmm3[11818]: 01010221:5: Pool /Common/pool_yyyy now has available members *
I have checked the past 3 days log. There are no logs for a specific pool member for any pool
How can I get logs like below:
Line 38412: Oct 16 17:08:42 PBV-AAA-BBB notice bigd[4898]: 01060145:5: Pool /Common/pool_kkkk member /Common/bbb.rrr.com-10.101.5.160 monitor status down. [ /Common/https: DOWN ] [ was checking for 0hr:2mins:35sec ]
It would be great if anyone can help me
Thanks in advance - Zobaarul
By default the F5 should be logging when individual pool members fail their health monitor checks.
The syslog message ID for a pool member going down is
and the severity level is 5 (notifications). You may want to try filtering the LTM logs based on this message ID01070638
Example SysLog message
Feb 25 08:37:21 localhost.localdomain notice mcpd[7279]: 01070638:5: Pool /Common/POOL-192.168.1.101 member /Common/172.24.32.11:80 monitor status down. [ /Common/tcp: down; last error: ] [ was unchecked for 0hr:1min:8sec ]
Have you modified the syslog configuration by any chance?
What do you get from the following command?
list sys syslog all-properties
- Root44
Altostratus
Few things, if there is no status change then I don't think you will be able to see it.
Else, try the below command:
tmos bash
LTM cd /var/log
log cat ltm | grep pool_name (example-443 or example)
Live troubleshooting: tail -f /var/log/ltm
- zobaarul_333371
Nimbostratus
Thanks for the feedback. I have found message ID 01070638 only for the pool members configured using IP address. But Most of the members are configured using FQDN. For such members(with FQDN), there's no syslog message with ID 01070638
Syslog configuration has not been changed. Recent changes was 5250V-12.1.3.1 ---> 5250V 12.3.1.7 ----> i10800 13.1.1.2. I think this has started after 5250V-12.1.3.1 ---> 5250V 12.3.1.7 update.
During 5250V 12.3.1.7 ----> i10800 13.1.1.2, back was restored in the new one and configuration is the same in both.
Sys log output is long. Should I post it here?
Hi,
I have labbed this and I managed to replicate the issue. I am only seeing log messages in /var/log/ltm for individual pool members going up/down for non-FQDN nodes. I even tried turning on bigd debugging, but it still did not help.
I would recommend raising a support case with F5 for this issue.
- zobaarul_333371
Nimbostratus
Ok I'll do that. Thanks a lot for your co-operation
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com