Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

how to enable traffic logs with original client ip information on F5 BIG IP LTM in GUI

vadivelan
Nimbostratus
Nimbostratus

i want to enable ltm traffic(BIG IP LTM) logs which will be shows orginal client ip information and connection details should be visible on GUI, can anyone help on this 

 

4 REPLIES 4

Paulius
MVP
MVP

@vadivelan Do you want to log everything from every virtual server? Do you have SNAT enabled?

T-Trust
MVP
MVP

Hi Vadivelan,

So i think , You have to use irules and apply to specific virtual servet that you want to logs traffic,

Please find soluton in link below,

https://community.f5.com/t5/technical-forum/logging-all-traffic-irule/td-p/70545

 

hi 

Thanks for your reply and provide the solution, is there any way to do the same on LTM Policy because we are migrating irule to policy, in irule traffic logs mentioned as below in the current configuration.

 

when HTTP_REQUEST {

#STREAM::disable
#log local0. "Host: [HTTP::host], URI: [HTTP::uri]"
# HTTP::header insert X-SSL-SECURE "true"
# HTTP::header insert "X-FRAME-OPTIONS" "DENY"
log local0. "Request HOST is [HTTP::host] URI is [HTTP::uri]"
HTTP::header insert X-Forwarded-For [IP::client_addr]
#HTTP::header insert X-SSL-SECURE "true"
# Disable the stream filter for all requests
STREAM::disable
# LTM does not uncompress response content, so if the server has compression enabled
# and it cannot be disabled on the server, we can prevent the server from
# sending a compressed response by removing the compression offerings from the client
HTTP::header remove "Accept-Encoding"
if {[string tolower [HTTP::host]] starts_with "icms.royalsundaram.net"} {
log local0. "Host starts_with icms.royalsundaram.net"
switch -glob [string tolower [HTTP::uri]] {

"/searchclaimservice*" { pool /UAT_ISA/Tstacmepreprodocr }
"/androidservice*" { pool /UAT_ISA/Tstacmepreprodocr }
"/documentsviewe*" { pool /UAT_ISA/Tstacmestgjboss }
"/claimsejb*" { pool /UAT_ISA/Tstacmestgjboss }
"/*" { pool /UAT_ISA/Tstacmeliferay }
}
}

is there any option to enable the local traffic logs via ltm policy

Hi Vadivelan,

I try to check F5 article but not found any information about local traffic policy can print access logs,

Could you please create only irule for access logs and use another function on local traffic policy