I have a requirement to extract Client IP address as soon as VIP sees a LDAP Bind request from a particular username.

I have gone through couple of forums and found this relevant:

when CLIENT_ACCEPTED {

 TCP::collect 100

}

when CLIENT_DATA {

   # check if payload contains the string we want to replace

   if { [TCP::payload ] contains "username_adam" } {

#logging Client ip as soon as see bind request coming from username adam

       log local0. "Client ip logged is [IP::client_addr]"

       TCP::release

       TCP::collect

      }

Any answers and help would be appreciated.