Request logging - log backend server name

Question

Referencing this document: https://techdocs.f5.com/kb/en-us/products/big-ip-aam/manuals/product/aam-concepts-11-6-0/30.html

I do not see an option for logging the backend server name that the request was dispatched to. Does the variable not exist? Or is it undocumented? If so, what is that variable?

I've tried $SERVER - which ocassionally returns the type of application server/version - eg. wildfly/10. I've tried SERVER_NAME (mirroring other structures and variables - CLIENT_IP, VIRTUAL_NAME, etc.) with no luck. And several other permutations.

Thanks,

Andrew

jg · Answer

I had the same problem, looking to log the "Host:" header of the incoming request with the request logging profile. TAC advised me to use an irule instead for this purpose.

andrew_nascimen · Answer

JG, using request logging for the "Host" header is actually very straight forward. "$Host" will work.

This is what my current request logging template looks like, json formatted:

{"DATE":"$DATE_MM/$DATE_DD/$DATE_YY", "TIME":"$TIME_MSECS", "CIP":"$CLIENT_IP", "VIP":"$VIRTUAL_IP", "PORT":"$VIRTUAL_PORT", "BACKENDPOOL":"$VIRTUAL_POOL_NAME", "BACKENDSERVER":"$SERVER_IP", "BACKENDPORT":"$SERVER_PORT", "METHOD":"$HTTP_METHOD", "HOST":"$Host", "PATH":"$HTTP_PATH", "QUERY":"$HTTP_QUERY", "STATUS":"$HTTP_STATCODE", "REFERER":"$Referer", "USERAGENT":"${User-agent}", "SESSIONID":"${Cookie[SESSION]}", "XFF":"${X-Forwarded-For}", "LOCATION":"${Location}", "URI":"$HTTP_URI"}

I historically have had issues with using an iRule for logging. It also means that I need to bind that iRule to every single VIP - which isn't as scalable as enabling a request logging profile with the default setting turned on.

Hopefully, this helps you out.

jg · Answer

Are you sure it logs the "Host" header in the request and not the name of the F5 virtual server? To me, it seems it should be called something like "HTTP_HOST" instead. if it does work, it is certainly not documented for this profile of request logging, and F5 TAC knew nothing about it when I asked them.

andrew_nascimen · Answer

Positive (if you want screen captures I can set up a quick test).&nbsp;If you want to log the VIP Name, $VIRTUAL_NAME is the variable you are looking for.​$Host will capture the host header.  It is undocumented in the article I linked above.  I just experimented because of the column "Log entry file description" for the $NCSA_COMBINED variable contained a couple of headers.&nbsp;The one thing I found strange about logging the headers is it seems to allow "$Host" and ${Host}.​Looking at my code above I am inconsistent:​ex. I use $Host and ${Location}.​I should be consistent and instead use:${Host} and ${Location}  -or- $Host and $Location&nbsp;I'm thinking that I am going to update my template though to be "${Host}" and "${Location}".&nbsp;Apart from the "consistency" argument, there is another reason to use the curly braces. Also currently undocumented, but an engineer is working on getting the documentation updated.&nbsp;If you try logging the "Cookie" header - you'll realize it captures the entire contents of the header.  Which can be rather cumbersome and unsightly, and not very helpful if you're trying to log one cookie in particular and gather metrics on it. The fix (shown in my template above) is to wrap the header in curly braces and the specific cookie in brackets - see below:&nbsp;"${Cookie[SESSION]}"&nbsp;This will explicitly log just the session cookie, should it exist.&nbsp;Hopefully that helps.

Forum Discussion

Request logging - log backend server name

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Logging of DNS Requests and Responses without a DNS license

Reminder: MFA now required to log in to DevCentral

Global Log Receiver

HSL logging fully asycnronous? Using HSL::send via iRule - will it pause http processing of request?

Select Request Logging Profile via iRule

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS