Forum Discussion
Pav_70755
Oct 18, 2011Nimbostratus
Shoudl something like this work combining the two rules?
i guess i would need one to log http traffic under http_mx_log and one for tcp under tcp_mx_log?
when HTTP_REQUEST {
set the URL here, log it on the response
set url [HTTP::header Host][HTTP::uri]
set vip [IP::local_addr]:[TCP::local_port]
}
when HTTP_RESPONSE {
set client [IP::client_addr]:[TCP::client_port]
set node [IP::server_addr]:[TCP::server_port]
set nodeResp [HTTP::status]
local0.* /var/log/ltm
filter f_local0 {
facility(local0) and level(info..emerg) and not match("http_mxa_log") and not match("http_mxb_log");
};
destination d_ltm {
file("/var/log/ltm" create_dirs(yes));
};
log {
source(local);
filter(f_local0);
destination(d_ltm);
}