cjbarr1234
Feb 13, 2017

Request Logging verification

Hello,

We have an iRule solution that is utilizing a high-speed logging profile. We'd like to leverage HSL/rsyslog via the request-logging profile that is tied into LTM. In looking into this, it doesn't seem hard to integrate at all; however, I am running into issues where it isn't picking up anything. Are you able to look into the code on what I'm trying to gather, but also verify I have the request-logging profile converted?

 

when CLIENT_ACCEPTED {
    # Client address and connection start time, reused in later events
    set client [IP::client_addr]
    set client_req_start_time [clock clicks -milliseconds]
}

when SERVER_CONNECTED {
    set server_req_start_time [clock clicks -milliseconds]
}

when HTTP_REQUEST_SEND {
    set http_req_send_start_time [clock clicks -milliseconds]
    set node_elapsed_time [expr {$http_req_send_start_time - $server_req_start_time}]
}

when HTTP_REQUEST {
    # Request-side fields for the log record
    set client_latency [expr {[clock clicks -milliseconds] - $client_req_start_time}]
    set vhost [HTTP::host]:[TCP::local_port]
    set url [HTTP::uri]
    set method [HTTP::method]
    set http_version [HTTP::version]
    set user_agent [HTTP::header "User-Agent"]
    set tcp_start_time [clock clicks -milliseconds]
    set req_start_time [clock format [clock seconds] -format "%Y/%m/%d %H:%M:%S"]
    set req_elapsed_time 0
    set virtual_server [LB::server]

    # Collect the request body, capped at 4000000 bytes
    if { [HTTP::header Content-Length] > 0 } then {
        set req_length [HTTP::header "Content-Length"]
        if {$req_length > 4000000} then {
            set req_length 4000000
        }
        HTTP::collect $req_length
    } else {
        set req_length 0
    }

    # Log "-" when there is no Referer header
    if { [HTTP::header "Referer"] ne "" } then {
        set referer [HTTP::header "Referer"]
    } else {
        set referer -
    }
}

when HTTP_RESPONSE {
    # Response-side fields, then one pipe-delimited record sent over HSL
    set hsl [HSL::open -proto TCP -pool logInsight_pool_syslog]
    set resp_start_time [clock format [clock seconds] -format "%Y/%m/%d %H:%M:%S"]
    set node [IP::server_addr]:[TCP::server_port]
    set status [HTTP::status]
    set req_elapsed_time [expr {[clock clicks -milliseconds] - $tcp_start_time}]
    set server_latency [expr {[clock clicks -milliseconds] - $server_req_start_time}]

    if { [HTTP::header Content-Length] > 0 } then {
        set response_length [HTTP::header "Content-Length"]
    } else {
        set response_length 0
    }

    HSL::send $hsl "<190>f5_web_access_info|$vhost|$virtual_server|$client|$method|\"$url\"|HTTP/$http_version|$req_start_time|$req_length|$req_elapsed_time|$node|$status|$resp_start_time|$response_length|$user_agent|$client_latency|$server_latency|\"$referer\"\r\n"
}

 

Trying to change the iRule to specifically just be a request logging profile:

 

<190>f5_web_access_info|\$VIRTUAL_NAME\:\$VIRTUAL_PORT\|\$BIGIP_HOSTNAME\|\$CLIENT_IP\|\$HTTP_METHOD\|\"$HTTP_REQUEST\$HTTP_URI\"|\HTTP:/$HTTP_VERSION\|\$DATE_YYYY-$DATE_MM-$DATE_DDT$TIME_HH24:$TIME_MM:$TIME_SS$TIME_OFFSET 00\|\$RESPONSE_MSECS\|\$SERVER_IP\|\"$HTTP_STATCODE"\|\$RESPONSE_SIZE\|\$User-agent}\

 

Does this work? Can you validate it?
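
A receiving-side check for the record layout that the iRule's `HSL::send` line produces, which can also be pointed at the request-logging profile's output to see whether it emits the same columns. This is an added example, not part of the original post; `parse_record` and the two sample records are constructed for illustration.

```python
import re
from datetime import datetime

# Field order copied from the HSL::send format string in the iRule.
FIELDS = ["vhost", "virtual_server", "client", "method", "url", "http_version",
          "req_start_time", "req_length", "req_elapsed_time", "node", "status",
          "resp_start_time", "response_length", "user_agent", "client_latency",
          "server_latency", "referer"]
NUMERIC = ("req_length", "req_elapsed_time", "status", "response_length",
           "client_latency", "server_latency")
HEAD = re.compile(r"^<(\d{1,3})>f5_web_access_info\|")

def parse_record(line):
    """Return a dict for one record; raise ValueError if the layout is off."""
    m = HEAD.match(line)
    if not m:
        raise ValueError("missing <PRI>f5_web_access_info prefix")
    parts = line[m.end():].rstrip("\r\n").split("|")
    # url, user_agent and referer are client-supplied; a literal '|' in any of
    # them shifts every later column, so check the field count first.
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(FIELDS, parts))
    rec["facility"], rec["severity"] = divmod(int(m.group(1)), 8)
    for name in ("url", "referer"):  # the iRule wraps these two in quotes
        value = rec[name]
        if len(value) < 2 or value[0] != '"' or value[-1] != '"':
            raise ValueError(f"{name} is not quoted: {value!r}")
        rec[name] = value[1:-1]
    for name in NUMERIC:
        if not re.fullmatch(r"[0-9]+", rec[name]):
            raise ValueError(f"{name} is not numeric: {rec[name]!r}")
        rec[name] = int(rec[name])
    for name in ("req_start_time", "resp_start_time"):
        datetime.strptime(rec[name], "%Y/%m/%d %H:%M:%S")  # ValueError if wrong
    if not rec["http_version"].startswith("HTTP/"):
        raise ValueError(f"bad version field: {rec['http_version']!r}")
    return rec

# Constructed sample records (not captured traffic).
GOOD = ('<190>f5_web_access_info|www.example.com:443|web_pool|203.0.113.10|GET|'
        '"/index.html?a=1"|HTTP/1.1|2017/02/13 10:15:30|0|12|10.0.0.5:8080|200|'
        '2017/02/13 10:15:31|5120|Mozilla/5.0|3|9|"-"\r\n')
SHIFTED = GOOD.replace("Mozilla/5.0", "Agent|1.0")  # delimiter inside User-Agent

if __name__ == "__main__":
    print(parse_record(GOOD))
    try:
        parse_record(SHIFTED)
    except ValueError as err:
        print("rejected:", err)
```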