Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

I Rule to log source_ip , time_stamp, public_ip

Moustafa
Nimbostratus
Nimbostratus

‎08-Jun-2020 00:56

Hello ,

 

i need to develop i rule to log the accepted connections to the VS as following parameters .

 

wan_source_ip address , Geolocation , time stamp

 

Regards,

Labels:
0 Kudos
2 REPLIES 2

Samir
MVP
MVP

‎08-Jun-2020 23:18

Make sure your BIGIP is having latest GeoDB then you will able to get correct details but it will be CPU intensive.

Thanks

0 Kudos

Moustafa
Nimbostratus
Nimbostratus

‎08-Jun-2020 23:23

hi Samir ,

thanks for information . i tried the below I rule i think its working .

 

when CLIENT_ACCEPTED {

  log local0. "Source IP address and Port is [IP::client_addr]:[TCP::client_port]"

log local0. "cloc [whereis [IP::client_addr] country]"

log local0. "Geo Client ([IP::client_addr]) detected"

  }

0 Kudos
Copyright © 2023 Khoros, LLC