Log client to vip connections

Problem this snippet solves:

This iRule generates an entry in a log file whenever somebody connects to a virtual server. I haven't tested it extensively to find the exact meaning of CLIENT_ACCEPTED. Since the iRule gets connected to a VIP, it is not as universal as I would like it to be. You have to connect it to multiple VIPs if you want to log all of the traffic through your LTM.

The log messages show up in /var/log/ltm. You can pull them out of the log file easily by grepping for TCP_logging.

Code :

rule TCP_logging {
      set remote [IP::remote_addr]:[TCP::remote_port]
      set vip [IP::local_addr]:[TCP::local_port]
      log "Rule TCP_logging fired, from $remote to vip $vip"
Published Mar 18, 2015
Version 1.0

Was this article helpful?

1 Comment

  • Tom_K's avatar
    Icon for Nimbostratus rankNimbostratus

    I have a related question, I would like to log all CLIENT_CLOSED connection events. Is there a global place to put an IRULE as opposed to putting the IRULE on every virtual server ? Thanks, Tom