Wasfi_Bounni
Nov 05, 2020Cirrocumulus
Solved
How can I use an irule to send the client's source IP over HSL without sending everything else?
Hi;
My question is related to the i-rule below. How can I define a HSL publisher with a filter and avoid sending all types of messages associated with that filter so that only a message showing the client source IP and source port is sent to the syslog server? I just don't want to log anything else relating to all other services and message ids.
Kindly
Wasfi
when CLIENT_ACCEPTED {
set hsl [HSL::open -publisher $static::general_remote_syslog_publisher]
HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]"
}
Not too sure quite what you want but you can use the HSL command to create the HSL connection directly instead of going through a publisher: https://clouddocs.f5.com/api/irules/HSL__open.html
when CLIENT_ACCEPTED { set hsl [HSL::open -proto UDP -pool <HSL pool>] HSL::send $hsl "Client connect from [IP::client_addr]:[TCP::client_port]" }