
Log TCP and HTTP Request Response Info

Problem this snippet solves:

This iRule logs a line for the following events:

  • when a new TCP connection is established with a client
  • when the HTTP headers of an HTTP request are received from the client
  • when the HTTP headers of an HTTP response are received from the pool member
  • when the TCP connection with a client is closed

Code:

# Here is a sample of the log output for a single TCP connection with three HTTP requests:

: New TCP connection from 192.168.99.210:2675 to 192.168.101.41:80

:    Client 192.168.99.210:2675 -> test_http_vip/test0.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test0.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 0ms)

:    Client 192.168.99.210:2675 -> test_http_vip/test1.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test1.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 0ms)

:    Client 192.168.99.210:2675 -> test_http_vip/test2.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test2.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 1ms)

:   Closed TCP connection from 192.168.99.210:2675 to 192.168.101.41:80 (open for: 1078ms)

when CLIENT_ACCEPTED {
    # Get time for start of TCP connection in milliseconds
    set tcp_start_time [clock clicks -milliseconds]

    # Log the start of a new TCP connection
    log local0. "New TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]"
}
when HTTP_REQUEST {
    # Get time for start of HTTP request
    set http_request_time [clock clicks -milliseconds]

    # Log the start of a new HTTP request (host and URI are logged as received from the client)
    set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
    log local0. "$LogString (request)"
}

when LB_SELECTED {
    # Log the pool member chosen by the load balancing decision
    log local0. "Client [IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when LB_FAILED {
    # Log a failure to select or reach a pool member
    log local0. "Client [IP::client_addr]:[TCP::client_port]: Failed to [LB::server]"
}
when SERVER_CONNECTED {
    # Log the server-side connection to the pool member
    log local0. "Client [IP::client_addr]:[TCP::client_port]: Connected to [IP::server_addr]:[TCP::server_port]"
}
when HTTP_RESPONSE {
    # Received the response headers from the server.  Log the pool name, IP and port, status and time delta
    log local0. "$LogString (response) - pool info: [LB::server] - status: [HTTP::status] (request/response delta: [expr {[clock clicks -milliseconds] - $http_request_time}] ms)"
}
when CLIENT_CLOSED {
    # Log the end time of the TCP connection
    log local0. "Closed TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port] (open for: [expr {[clock clicks -milliseconds] - $tcp_start_time}] ms)"
}
Published Mar 18, 2015
Version 1.0
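
The log lines this iRule writes can be correlated back into one record per TCP connection, which is how they usually get consumed during triage. The following Python parser is an added example, not part of the original snippet; `PATTERNS`, `SAMPLE` and `summarize` are names chosen here, and it assumes the message text matches the formats shown on this page regardless of the syslog prefix in front of it.

```python
import re

# Host and URI come from the client and can contain text resembling the rule's
# own suffixes, so each pattern is anchored at the END of the line.
PATTERNS = [
    ("request", re.compile(r"Client (?P<client>\S+) -> (?P<url>.*) \(request\)$")),
    ("response", re.compile(
        r"Client (?P<client>\S+) -> (?P<url>.*) \(response\) - pool info:? (?P<pool>.*?)"
        r"\s+- status: (?P<status>\d{3}) \(request/response delta: (?P<delta>\d+) ?ms\)$")),
    ("open", re.compile(r"New TCP connection from (?P<client>\S+) to \S+$")),
    ("close", re.compile(r"Closed TCP connection from (?P<client>\S+) to \S+ \(open for: (?P<ms>\d+) ?ms\)$")),
]

# Constructed sample: first connection uses the page's sample-output spacing,
# the second the "pool info: ... N ms" spacing that the rule's code emits.
SAMPLE = """\
: New TCP connection from 192.168.99.210:2675 to 192.168.101.41:80
:    Client 192.168.99.210:2675 -> test_http_vip/test0.html?parameter=val (request)
:   Client 192.168.99.210:2675 -> test_http_vip/test0.html?parameter=val (response) - pool info http_pool 192.168.101.45 80  - status: 200 (request/response delta: 0ms)
:   Closed TCP connection from 192.168.99.210:2675 to 192.168.101.41:80 (open for: 1078ms)
: Client 192.168.99.211:4000 -> test_http_vip/a?x=(response) (request)
: Client 192.168.99.211:4000 -> test_http_vip/a?x=(response) (response) - pool info: http_pool 192.168.101.45 80 - status: 404 (request/response delta: 12 ms)
: Client 192.168.99.211:4000 -> test_http_vip/b (request)
: Closed TCP connection from 192.168.99.211:4000 to 192.168.101.41:80 (open for: 30000 ms)
""".splitlines()

def summarize(lines):
    """Correlate the rule's log lines into one record per client ip:port."""
    active, done = {}, []
    for line in lines:
        for kind, pat in PATTERNS:
            m = pat.search(line.rstrip())
            if m:
                break
        else:
            continue  # LB_SELECTED and similar events, or unrelated syslog lines
        conn = active.setdefault(m["client"], {
            "client": m["client"], "urls": [], "statuses": [], "max_delta_ms": 0, "open_ms": None})
        if kind == "request":
            conn["urls"].append(m["url"])
        elif kind == "response":
            conn["statuses"].append(int(m["status"]))
            conn["max_delta_ms"] = max(conn["max_delta_ms"], int(m["delta"]))
        elif kind == "close":
            conn["open_ms"] = int(m["ms"])
            done.append(active.pop(m["client"]))
    done.extend(active.values())  # connections still open at end of input
    for conn in done:
        conn["unanswered"] = len(conn["urls"]) - len(conn["statuses"])
    return done
```

A record with `unanswered` greater than zero marks a connection where a request was logged but no response line followed before the connection closed.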

3 Comments

  • We have a similar iRule with CLIENT_ACCEPTED, LB_SELECTED, SERVER_CONNECTED, and SERVER_CLOSED events. We perform SNAT in the LB_SELECTED event and logging in the SERVER_* events. When I try to apply this rule to a UDP VS, I get the following error:

    01070394:3: TCP::client_port in rule (/Common/my_rule) requires an associated BIGPROTO or TCP or FASTHTTP profile on the virtual server (/Common/udp_vs).

     I understand the error and am wondering if the rule can be applied to a UDP VS. If not, how can I change the logging in SERVER_* events so as to resolve this error?

    when SERVER_CONNECTED {
        log local0. "inner_ip=[IP::client_addr] inner_port=[TCP::client_port] outer_ip=[IP::local_addr] outer_port=[TCP::local_port] dest_ip=[IP::remote_addr] dest_port=[TCP::remote_port]"
    }

     Additionally, would CLIENT_ACCEPTED and LB_SELECTED events work for UDP? I would really appreciate any pointers. Thank you.