Forum Discussion
David_Noonan_67
Nimbostratus
NimbostratusWould this rule cause user problems?
I want to use HSL to log connections but I want one URI to get a slightly modified log entry. I can up with this modification of a working rule. The original logged on SERVER_CONNECTED but that didn't...
hooleylist
Cirrostratus
CirrostratusHi David,
A server hasn't been selected in HTTP_REQUEST so you can't access the server IP in that event. I'd move the HSL::send command to SERVER_CONNECTED and save the values you need for any HTTP request command values to local variables in HTTP_REQUEST.
Here's an example:
when CLIENT_ACCEPTED {
set hsl_conn [HSL::open -proto UDP -pool syslog-pool]
}
when HTTP_REQUEST {
set FrontEnd "[IP::client_addr]:[TCP::client_port] <-> [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
set Uri [string tolower [HTTP::uri]]
}
when SERVER_CONNECTED {
set BackEnd "[IP::local_addr]:[TCP::local_port] <-> [serverside {IP::remote_addr}]:[TCP::server_port]"
if {$Uri equals "/foobar/foobarweb/login.aspx"} {
HSL::send $hsl_conn "<190> HSL: FooBar: $FrontEnd | $BackEnd"
}
else {
Log connection details as local7.info; see RFC 3164 Section 4.1.1 - "PRI Part" for more info
HSL::send $hsl_conn "<190> HSL: $FrontEnd | $BackEnd"
}
}
Also, you could add logic to your HTTP redirect rewriting rule to handle a null or non-existent host header. You could set some default value if it's not present in the request.
The two iRules should work find on the same virtual server.
Aaron