Forum Discussion

6 Replies

  • where do you need to print them? in the log? would an log event in the VPE be an option?
  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus

    If you just need it from the command line on the fly you can use sessiondump to get a list of all the session variables for a session (Or all sessions).




  • Paolo_Arcagni_9's avatar
    Historic F5 Account
    The APM log is fine. I tried with a VPE logging block, but it does not print anything. Looking around and playing with APM as SP too I found out that the SP is populating those kind of variable and you can access them and log them? The IdP is not doing the same. Moreover, the SAML debug log appears to be broken in every TMOS release but not 11.4.0HF4 which should be the right release to use up to now for stuff related to SAML.
  • The best option is to use the Reports but another thing that you might need to look is your Idp set to Log Level = debug you'll get more details. Set logging level for IdP > Saml IdP > Edit IdP set log level = Debug For the reports Access Policy > Reports To see the APM use a putty session and run tail -f /var/log/apm


  • Trying the same (v12.0) but neither sessiondump nor report shows the session.saml* variables.


    IdP object, log level=debug... Access-profile+sso=debug.