Forum Discussion

Andrew_Nascimen's avatar
Andrew_Nascimen
Icon for Nimbostratus rankNimbostratus
Nov 08, 2019

Request Logging - Session Cookie only

Hit a bit of a snag here. I'm using request logging profiles to log any and all web traffic.   We have a case where we need to log the $Cookie header. Easy enough to just say "$Cookie" in the te...
  • Andrew-F5's avatar
    Andrew-F5
    Nov 11, 2019

    Andrew,

     

    Years ago there was a feature request for logging a specific cookie via a request log profile tracked as ID455091 but I can't find any information that implies it was adopted into a future release.

     

    Can you try the following syntax in your template?

    ${Cookie[first]}

    • Where 'first' is the name of your cookie.

     

    Best,

    Andrew

jba3126's avatar
jba3126
Icon for Cirrus rankCirrus
Feb 15, 2023

Andrew-F5 not sure if you put the K article together, but what I've found is you can extract what you observe in the header.  For example, if I use a Cookie=$[Set-Cookie} it logs all cookies with the Set-Cookie value in the response including the attributes which is super helpful.
Example:
Cookie=ASP.NET_SessionId=oeevlmocqptxwilyqx1b52ig; path=/; HttpOnly; SameSite=Lax, ASP.NET_SessionId=oeevlmocqptxwilyqx1b52ig; path=/; HttpOnly; SameSite=Lax, _op_aixPageId=1278498b-aa71-48f5-b684-247fd2bf4d03-6812-3828; path=/; HttpOnly, DEV-Cookie=1295065098.64288.0000; path=/; Httponly; Secure.
In addition, there was a Trace ID that is injected in which I did a Trace_ID=${X-OPNET-Transaction-Trace}, yielded:
Trace_ID=1278498b-aa71-48f5-b684-247fd2bf4d03-6812-3828

My only challenge is formatting at this point to make it easy for our Splunk engineers.