Remove active connections from backup system after return to normal

The iRule to syslog-ng message would be processed locally and wouldn't require an external syslog server. The one gap I see in this is that the initial trigger would require a new connection to be sent to the virtual server. So the deletion of the "bad" connection table entries wouldn't necessarily occur immediately after a higher priority pool member comes back up.

[LB::server priority] to check whether the selected pool member is a normal or low priority pool member: http://devcentral.f5.com/wiki/default.aspx/iRules/lb__server

A subtable accessed using the table command to track the flip from a low priority to high priority pool member: http://devcentral.f5.com/wiki/default.aspx/iRules/table

A user_alert.conf statement to call a shell script to delete the connection table entries: 'b conn help' and these steps:

1. Create a script file /usr/local/bin/mycustomscript.pl 

   vi /root/mycustomscript.pl

2. Add the script to the file and save: 

   !/usr/bin/perl
   system("echo Alert was triggered > /var/tmp/mycustomscriptoutput.txt");

3. Set the permissions on the file: 

   chmod 755 /root/mycustomscript.pl

4. Edit /config/user_alert.conf and add the following alert definition.  The quoted portion is a regex which must match the syslog message.

   alert my_custom_alert "this is the text we look for in the syslog message" {
      exec command="/usr/local/bin/mycustomscript.pl"
   }

5. Trigger the script: 

   logger -p local0.info "this is the text we look for in the syslog message"

6. Review the script action which was to create a file and output some text: 

    less /var/tmp/mycustomscriptoutput.txt

        Alert was triggered 

If you try this and get stuck, let us know. Else, if you get something working, it would be great if you could share an anonymized copy of it.

Thanks, Aaron