Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

send Request Logging through Management IP

Go to solution
IVD
Nimbostratus
Nimbostratus

‎12-Apr-2023 01:43

Hi,
We have configured Big IP LTM - Request Logging to send logs to an HSL syslog Server.
But I didn't find any way to send those logs through the management IP , so that it doesn't use applications bandwith.

Is there any way to achieve that ?

Thanks for your help

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Michael_Saleem
Cirrocumulus
Cirrocumulus
In response to Paulius

‎12-Apr-2023 10:25 - edited ‎12-Apr-2023 10:25

According to the following article it is not possible to configure request logging to be sent out via the MGMT port (but you can do it by using an iRule and applying it to a virtual server).

Configuring the BIG-IP system to send high-speed logs through the management interface (f5.com)

View solution in original post

5 REPLIES 5

Go to solution
Paulius
MVP
MVP

‎12-Apr-2023 05:40

@IVD On the F5 some configuration exists that will only use the routed interfaces of the device rather than the management IP (interface) of the device. You can test this theory with HSL but going into the CLI and adding a management interface route to the destination but pointed at the appropriate gateway for the management interface. This is assuming that your management interface sits on a different network than the routed interfaces. The following command should be the syntax.

create sys management-route <name> <destination_IP> <destination_mask> <gateway_IP>

If for some reason this syntax doesn't work for you I would start hitting the ? after "management-route" and follow the sub-menus it displays.

0 Kudos

Go to solution
IVD
Nimbostratus
Nimbostratus
In response to Paulius

‎12-Apr-2023 06:03

Thank you for your answer.

I tried adding a management-route (we have some other management route for DNS or NTP for exemple)
But in this case i can't see anymore traffic send to the HSL server.
If I launch a tcpdump (tcpdump -nni any host <hsl_ip> ) , no packet are sent on any interface.
If I rollback the packets are sent through the routed interface.

any other idea?

0 Kudos

Go to solution
Paulius
MVP
MVP
In response to IVD

‎12-Apr-2023 07:17

@IVD tcpdump tends to not automatically capture traffic from the mgmt interface so I would adjust your tcpdump to listen on the management interface specifically and see what comes back. Typically if the routed interface is automatically used, adding a route to the management interface routing table will not cause the traffic to stop passing. Most likely the traffic is leaving the management interface but something along the path is most likely blocking the traffic. Please let us know if the tcpdump that specifies the management interface shows this communication. If you see nothing on the management interface I do not believe it can be sent out the management interface in this case.

0 Kudos

Go to solution
Michael_Saleem
Cirrocumulus
Cirrocumulus
In response to Paulius

‎12-Apr-2023 10:25 - edited ‎12-Apr-2023 10:25

According to the following article it is not possible to configure request logging to be sent out via the MGMT port (but you can do it by using an iRule and applying it to a virtual server).

Configuring the BIG-IP system to send high-speed logs through the management interface (f5.com)

Go to solution
IVD
Nimbostratus
Nimbostratus

‎12-Apr-2023 22:57

Thnk you both,
I understand this is not actually possible.
I'll give it a try with the iRule.

0 Kudos
Copyright © 2023 Khoros, LLC