Forum Discussion
Virtual server traffic logs not coming in F5 or Remote logging
Hi Muthu_435 ,
From your query , I see you need to log all traffic , which is a bad approach no need for that.
You need to log all traffic in troubleshooting by Taking Packet captures / or assigning irule or Local traffic policy to do that.
It's applicable yes , but in heavy virtual servers / Websites , you will fill your Log files with un needed info for normal users.
But you still can do it.
create simple LTM policy and Log ( Client address , Virtual server Local address ) also you can Log almost any information in each request , but this a bad approach and recommended to keep your logfiles for errors / or alarms only.
Code
when CLIENT_ACCEPTED {
set client "[IP::client_addr]:[TCP::client_port]"
set vip "[IP::local_addr]:[TCP::local_port]"
set snat "unknown"
set node "unknown"
}
when SERVER_CONNECTED {
set snat "[IP::local_addr]:[TCP::local_port]"
set node "[IP::server_addr]:[TCP::server_port]"
}
when CLIENT_CLOSED {
log connection info
log local0.info "Client $client -> VIP: $vip -> SNAT: $snat -> Node: $node"
}
This is a sample irule for that , I haven't test it but it's logic looks fine.
but as I said this is a bad approch , use it only for debugging or troubleshooting and disable it in normal scenarios / cases.
I hope this helps you 🙂
- Muthu_435Jun 01, 2023Nimbostratus
Hello Mohamed_Ahmed_Kansoh
Thanks for your quick response. We are trying it new and Just wanted to confirm which IP address which should be added in Client,server and VIP?
We have created a pool with our Website IP and created a Virtual server. Also created a LTM policy and action is set as Log at request time. Please find the attach screenshot for reference.
Your help will be of great assist to us.
Thanks
Muthu Mahadevan- Jun 01, 2023
Hi Muthu_435 ,
you're missing something :
you have to add the below tcl Script in the message box :tcl:[IP::client_addr]
To Log the Client Ip address Accorfing to this Article :
https://my.f5.com/manage/s/article/K06107145#:~:text=You%20can%20log%20the%20client's,and%20click%20Create%20Policy%20button.
> Also you can creat several actions of logs to log virtual server and SNAT IP and the selected pool member address or server address and port..
> Also I will show you a Devcentral Article , I replied back with the some of available scripts can be used in logging by LTM policies , you can check it in this LINK :
https://community.f5.com/t5/technical-forum/local-traffic-policy-for-creating-logging-profile/td-p/315594
> Also you can use the irule that I sent to test that.
But please don't forget to remove irules/ LTM policies after fininshing the TEST. - Jun 01, 2023
just I edited my last reply , look at it 🙂
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com