For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Hamish's avatar
Hamish
Icon for Cirrocumulus rankCirrocumulus
Oct 30, 2013

Request Logging Other (APM) Information

Does anyone know if there's a (undocumented presumably since I haven't managed to find one yet) way to get the request logging profile to add in information from modules such as APM?   It would be...
BIG-IP Access Policy Manager (APM)
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Oct 30, 2013

The request logging profile is a little odd with an APM profile, as it generally triggers on every request, even the ones that should be hidden inside the APM access session evaluation. That said, you could technically create a set of HTTP headers that the request logging profile can consume, and then delete them just before sending the traffic off to the server.

when ACCESS_ACL_ALLOWED {
    HTTP::header insert "USER" [ACCESS::session data get session.logon.last.username]
}
when HTTP_REQUEST_RELEASE {
    HTTP::header remove "USER"
}

And then in the request logging profile, you'd just capture ${USER}. I think though, for the complexity of this, that you're probably better off doing HSL in an iRule to capture what you want.