Track VDI sessions with APM not deployed

Question

Hello community,Can someone pleae point me in the right direction..I'm trying to see/track VDI sessions on the F5 for a virtual server that APM wasn't deployed for. I can go under Active sessions to see connected VDI user for the virtual server that has APM deployed but need to be able to see active sessions where APM wasn't deployed.&nbsp;Thank&nbsp;JRahm&nbsp;

alexbct · Answer

Hi Olayinka,&nbsp;
Are you looking for the number of connections through that virtual server, or for specific usernames/other information about the connections?&nbsp;
The number of connections can be found under&nbsp;Statistics&nbsp;&nbsp;››&nbsp;&nbsp;Module Statistics&nbsp;:&nbsp;Local Traffic&nbsp;&nbsp;››&nbsp;&nbsp;Virtual Servers : &lt;&lt;name of virtual server&gt;&gt;&nbsp; , and look under the heading "Connections".&nbsp;
If you are looking for more detailed information, that may be difficult as most of these VDI protocols are encrypted and won't allow the information to be visible, unless you are using APM. You may be able to do something with iRules if you can tell which protocol the VDI connections are using, but no guarantee.&nbsp;
Hope this helps.&nbsp;

psfletchthetek · Answer

Hi ya,Or to ask the question, what are you trying to track?Dependant on which VDI platform you are using, there might be many connections (TCP) being opened up forming one or more sessions. If horizon for example that could be https and blast which is two different sessions.Also if you are looking at auth, the f5 needs to be aware or understand who has logged in for you to be able to identify that further. I've seen it done via APM with just a pass through which sort of works as long as the same user there logs into horizon.If you haev the enterprise license for horizon and are using the saml integration then it would be much simpler with APM, but you did mention you didn't have APM in your use case.Another useful thing could be cookies.You can use that at LTM, (cookie persistnace) APM and ASM and then see what that information brings.But if you use LTM on its own, it won't be user aware. So you'll only be able to look at IP, which can be a bit misleading when looking at the VDI end, something like XFF might help but it will depend if you VDI package can read and report on XFF headers and then map this back to the user in your VDI platform.Hope that makes a little sense!

olayinka-f5lb · Answer

Are you looking for the number of connections through that virtual server, or for specific usernames/other information about the connections? --- Specific usernames.

You may be able to do something with iRules if you can tell which protocol the VDI connections are using, but no guarantee. --- Can you please share a template that I can use here?

Thanks

Forum Discussion

Track VDI sessions with APM not deployed

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

F5 XC Session tracking with User Identification Policy

Re: Deploying F5 Distributed Cloud WAAP on Kubernetes

Deploying F5 Distributed Cloud Customer Edge in Red Hat OpenShift Virtualization

Workshop: Deploy BIG-IP Cloud through Automation

Deploying F5 BIG-IP with Azure Cross-region load balancer

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS