For debugging purposes (or to simply to organize logs as you prefer) it would be interesting to send certain syslog messages to a custom file instead of the default ones like /var/log/ltm or /var/log/apm
Contents
Contents
Desired goal
This example shows the way to send syslog messages starting with the string #DEBUG# to the file /var/log/customlog
(You can replace both string and file name in this example with the values you want)
Configure syslog
Configure some syslog parameters by running the following command:
# tmsh modify sys syslog include '"
filter f_local0 {
facility(local0) and not match(\": #DEBUG#\");
};
filter f_local0_customlog {
facility(local0) and match(\": #DEBUG#\");
};
destination d_customlog {
file(\"/var/log/customlog\" create_dirs(yes));
};
log {
source(local);
filter(f_local0_customlog);
destination(d_customlog);
};
"'
In case you need to revert the syslog configuration changes:
# tmsh modify sys syslog include noneExample of IRule to log to custom file
This is a simple IRule that logs the URLs tried to be accesed in the virtual server where the IRule has been applied:
when HTTP_REQUEST {
log local0.info "[IP::client_addr] [HTTP::host][HTTP::uri]"
}
As expected, this lines would be logged to /var/log/ltm file
To send those messages to the custom log file, it is as simple as prepending the configured syslog string (in this example #DEBUG#):
when HTTP_REQUEST {
log local0.info "#DEBUG# [IP::client_addr] [HTTP::host][HTTP::uri]"
}
Check logs
After applying this last example IRule, new messages would be logged to the custom file:
# tail -f /var/log/customlog
Nov 8 09:33:03 BigIP1 tmm1[12686]: Rule /Common/IRULE_TEST_LOG <HTTP_REQUEST>: #DEBUG# 10.2.4.10 myweb.domain.com/folder
No comments:
Post a Comment