For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

bcrogerz's avatar
bcrogerz
Icon for Cirrus rankCirrus
May 24, 2010

Traffic Logs for Virtual IP

Hey all,

 

 

trying to find if we have a command to see the traffic logs on a VIP

 

I got a LTM running 9.4.5

 

 

i want to see the date and time of the traffic that hit a particular VIP

 

is this possible ?, right now i am able to see only the counters

 

 

Thanks in advance for helping

 

 

Cheers,

 

Roger

 

management
monitoring

3 Replies

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    May 24, 2010
    Hi Roger,

     

     

    By default, LTM doesn't log details for every connection to a VIP. You could do this using an iRule, but it will have a performance cost. Here is an older logging iRule example:

     

     

    http://devcentral.f5.com/wiki/default.aspx/iRules/LogHttpTcpUdpToSyslogng

     

     

    For 9.4.0+ you can use log -remote to send UDP syslog messages to a remote server. This should be more efficient than logging through syslog-ng. See the log wiki page and an article from Deb for details:

     

    http://devcentral.f5.com/wiki/default.aspx/iRules/log

     

    http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=190

     

     

    If you can upgrade to v10.1.x, you could use the high speed logging (HSL) options for an even more efficient option:

     

    http://devcentral.f5.com/wiki/default.aspx/iRules/HSL

     

     

    Aaron
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Feb 16, 2011
    9.4.x is going out of support soon, so it would be a good idea to upgrade to 10.2.x regardless. And as an added benefit, HSL should give a good performance improvement over the log command.

     

     

    Aaron