Log Tcp And Http Request Response Info

Problem this snippet solves:

This iRule logs a line for the following events:

  • when a new TCP connection is established with a client
  • when the HTTP headers of an HTTP request are received from the client
  • when the HTTP headers of an HTTP response are received from the pool member
  • when the TCP connection with a client is closed

Code :

# Here is a sample of the log output for a single TCP connection with three HTTP requests:

: New TCP connection from 192.168.99.210:2675 to 192.168.101.41:80

:    Client 192.168.99.210:2675 -> test_http_vip/test0.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test0.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 0ms)

:    Client 192.168.99.210:2675 -> test_http_vip/test1.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test1.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 0ms)

:    Client 192.168.99.210:2675 -> test_http_vip/test2.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test2.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 1ms)

:   Closed TCP connection from 192.168.99.210:2675 to 192.168.101.41:80 (open for: 1078ms)

when CLIENT_ACCEPTED {
# Get time for start of TCP connection in milleseconds
set tcp_start_time [clock clicks -milliseconds]

# Log the start of a new TCP connection
log local0. "New TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]"
}
when HTTP_REQUEST {
# Get time for start of HTTP request
set http_request_time [clock clicks -milliseconds]

# Log the start of a new HTTP request
set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
log local0. "$LogString (request)"
}

when LB_SELECTED {
log local0. "Client [IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when LB_FAILED {
log local0. "Client [IP::client_addr]:[TCP::client_port]: Failed to [LB::server]"
}
when SERVER_CONNECTED {
log local0. "Client [IP::client_addr]:[TCP::client_port]: Connected to [IP::server_addr]:[TCP::server_port]"
}
when HTTP_RESPONSE {
# Received the response headers from the server.  Log the pool name, IP and port, status and time delta
log local0. "$LogString (response) - pool info: [LB::server] - status: [HTTP::status] (request/response delta: [expr {[clock clicks -milliseconds] - $http_request_time}] ms)"
}
when CLIENT_CLOSED {
# Log the end time of the TCP connection
log local0. "Closed TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port] (open for: [expr {[clock clicks -milliseconds] - $tcp_start_time}] ms)"
}
Published Mar 18, 2015
Version 1.0
application delivery
iRules
reporting
  • afotedar's avatar
    afotedar
    Icon for Nimbostratus rankNimbostratus
    Oct 03, 2023

    We have a similar iRule with CLIENT_ACCEPTED, LB_SELECTED, SERVER_CONNECTED, and SERVER_CLOSED events. We perform SNAT in the LB_SELECTED event and logging in the SERVER_* events. When I try to apply this rule to a UDP VS, I get the following error:

    01070394:3: TCP::client_port in rule (/Common/my_rule) requires an associated BIGPROTO or TCP or FASTHTTP profile on the virtual server (/Common/udp_vs).

     I understand the error and am wondering if the rule can be applied to a UDP VS. If not, how can I change the logging in SERVER_* events so as to resolve this error?

    when SERVER_CONNECTED {
    log local0. "inner_ip=[IP::client_addr] inner_port=[TCP::client_port] outer_ip=[IP::local_addr] outer_port=[TCP::local_port] dest_ip=[IP::remote_addr] dest_port=[TCP::remote_port]"
}

     Additionally, would CLIENT_ACCEPTED and LB_SELECTED events work for UDP? I would really appreciate an pointers. Thank you.