iRules Concepts: Logging, a Deeper Understanding
Published Jun 18, 2012
Version 1.0Was this article helpful?
{code}
when HTTP_REQUEST {
set hsl [HSL::open -proto UDP -pool syslog_pool]
set agent [HTTP::header "User-Agent"]
set client [IP::client_addr]
set method [HTTP::method]
set referrer [HTTP::header "Referer"]
set uri [HTTP::uri]
set version [HTTP::version]
set vip [HTTP::host]:[TCP::local_port]
}
when HTTP_RESPONSE {
set time [clock format [clock seconds] -format "%d/%b/%Y:%H:%M:%S %z"]
set bytes [HTTP::header "Content-Length"]
set status [HTTP::status]
set version [HTTP::version]
log connection info
Log HTTP request via syslog protocol as local7.info; see RFC 3164 for more info
local3 = 19; info = 6; 8*19 + 6 = 158
HSL doesn't actually talk 'syslog-ng' must be something else.
HSL::send $hsl "<158> $vip $client - - \[$time\] \"$method $uri HTTP\/$version\" $status $bytes \"$referrer\" \"$agent\"\n"
}
{code}