cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Does anyone did traffic logging?

SWJO
Cirrostratus
Cirrostratus

Hi guys

 

I`m searching method which can logging or inspecting traffic information.

 

Target license are LTM and CGNAT.

 

I have looking for Telemetry streaming but that seems providing sampling information.

I need full traffic information not sampling data. also don`t need mirroring.

 

I think using i-Rule with HSL can be a method but I`m wondering how much traffic can be logging.

-> how much means about CPS 150K.

-> and BIGIP`s disk can be able to hold the logs.

1 REPLY 1

Philippe_CLOUP
F5 Employee
F5 Employee

Hi SWJO,

if you use HCL in TCP mode, the BIG-IP is able to multiplex logs into few TCP connections (same behaviour as OneConnect in a way).

depending on your platform 150k CPS (which IMO will be less, if you multiplex logs as mentioned), need to be checked, but should not impact the system more than normal tcp connections for the same device.

 

for disk, if your HSL is writing directly (and you don’t use any log local commands, then nothing is stored in the disk of the BIG-IP.

 

you mentioned CGNAT, and i can tell you that there is a lot of CSPs that use this way of logging to do legal interception or even traffic jogging based on IMEIs for example.