Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Is there a list of ALL possible APM session variables available?

Hi guys,

I am wondering, is there a list of all possible APM session variables available somewhere?

I realized that dumping session.* through VPE Logging box does not actually show all session variables, although one would expect that.

Or, for example, dumping session.user.* does not display session.user.ipgeolocation.country_code in APM log file. It does so only when I explicitly define this variable in the VPE Logging box.

There are few lists on the AskF5 website, but none of them looks to be complete, many variables I know of are missing in those lists.

I am about to create some customized reporting based on session variables and I would like to know all variables I can work with.

If you have any idea, please let me know.

Thanks a lot!

1
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

hi,

you can show current variable of existing session with command sessiondump.

sessiondump

1
Comments on this Answer
Comment made 23-Jan-2017 by Martin Vlasko 300

Good tip Stanislas! ;)

"sessiondump <sid>" showed me some new variables I could not see before in log file. I just had to use currently active session id of course. Now I know APM variables I can work with. Thanks!

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

sessiondump is useful.

You can also get a feel for what session variables might exist or be used by internal F5 code by looking at strings within TMM, e.g. like this on 13.1.0 HF7

For any F5'ers looking at this and thinking "oh crap we better obfusticate string usage in tmm binaries" please don't... at least not until someone fixes the utter lack of an appropriate level of documentation about things like APM session variable names.

[root@bigip1:Active:Standalone] ~ # cd /usr/bin/
[root@bigip1:Active:Standalone] bin # grep 'session.oauth.client.' *
grep: monitors: Is a directory
Binary file tmm matches
Binary file tmm64.debug matches
Binary file tmm64.pgo_use matches
Binary file tmm.debug matches
Binary file tmm.default matches
[root@bigip1:Active:Standalone] bin # strings tmm64.debug | grep session.oauth.client | sort -u
session.oauth.client
session.oauth.client.last.access_token
subsession.oauth.client
subsession.oauth.client.auth_code
subsession.oauth.client.id_token
subsession.oauth.client.last.access_token
subsession.oauth.client.last.auth_redirect
subsession.oauth.client.last.authresult
subsession.oauth.client.last.expires_in
subsession.oauth.client.last.id_token
subsession.oauth.client.last.refresh_token
subsession.oauth.client.last.token_timestamp
subsession.oauth.client.last.token_type
subsession.oauth.client.last.validated
[root@bigip1:Active:Standalone] bin # 

[root@bigip1:Active:Standalone] bin # strings tmm64.debug | grep -E '^session\.' | grep -i oauth | sort -u
session.assigned.oauth.authz.scope.
session.assigned.oauth.authz.scopes
session.assigned.oauth.authz.scopes_count
session.assigned.oauth.authz.token.audience
session.assigned.oauth.authz.token.claim.
session.assigned.oauth.authz.token.claims
session.assigned.oauth.authz.token.claims_count
session.assigned.oauth.authz.token.subject
session.oauth.authz.client_app_name
session.oauth.authz.client_id
session.oauth.authz.customization.groups.ca
session.oauth.authz.customization.groups.proposed_scopes
session.oauth.authz.grant_type
session.oauth.authz.jwt_token
session.oauth.authz.oauth_id
session.oauth.authz.proposed_scopes
session.oauth.authz.redirect_uri
session.oauth.authz.requested_scopes
session.oauth.authz.response_type
session.oauth.authz.state
session.oauth.client
session.oauth.client.last.access_token
session.oauth.jwt.crypto_data.password
session.oauth.scope.last.errMsg
[root@bigip1:Active:Standalone] bin #

[root@bigip1:Active:Standalone] bin # strings tmm64.debug | grep -E '^[a-z]*session\.' | sort -u
isession.compression.buffers
isession.control.ipsec
session.
session.access.profile
session.access.profiletype
session.access.scope
session.apd.id
session.apd_lock
session.assigned.acls
session.assigned.bwc.category.citrix.high
session.assigned.bwc.category.citrix.low
session.assigned.bwc.category.citrix.mid
session.assigned.bwc.category.citrix.very_high
session.assigned.bwc.dynamic
session.assigned.bwc.dynamic.handle
session.assigned.bwc.static
session.assigned.bwc.static.handle
session.assigned.clientip
session.assigned.customization.groups.at
session.assigned.customization.groups.na
session.assigned.customization.groups.pa
session.assigned.customization.groups.rd
session.assigned.customization.groups.saml
session.assigned.customization.groups.wtl
session.assigned.customization.groups.wts
session.assigned.dacl.
session.assigned.dacls
session.assigned.idp.names
session.assigned.na.
session.assigned.na.current
session.assigned.oauth.authz.scope.
session.assigned.oauth.authz.scopes
session.assigned.oauth.authz.scopes_count
session.assigned.oauth.authz.token.audience
session.assigned.oauth.authz.token.claim.
session.assigned.oauth.authz.token.claims
session.assigned.oauth.authz.token.claims_count
session.assigned.oauth.authz.token.subject
session.assigned.pool
session.assigned.remote_desktop.citrix.
session.assigned.resources.at
session.assigned.resources.at.
session.assigned.resources.na
session.assigned.resources.pa
session.assigned.resources.rd
session.assigned.resources.rd.
session.assigned.resources.saml
session.assigned.route_domain
session.assigned.snat.type
session.assigned.snat.value
session.assigned.token
session.assigned.uuid
session.assigned.webtop
session.assigned.webtoplinks
session.assigned.webtopsections
session.assigned.webtopsectionsresources
session.autocleanup.
session.basicrealm
session.bigip_idp_sp_info
session.bigip_saml_sp_information
session.client.activex
session.client.browscap_info
session.clientcert.ssl_agentnonce
session.client.cpu
session.client.js
session.client.platform
session.client.plugin
session.client.policy.use_browser_plugins
session.client.type
session.client.version
session.createdfrom
session.custom_event.id
session.edgeclient.scripting.logoff.params
session.end
session.error.use503
session.f5_mfa.device_registration.status
session.f5_mfa.device_registration.status_timeout
session.f5_mfa.user_verification.status
session.f5_mfa.user_verification.status_timeout
session.hangup
session.ha_unit
session.idp_sp_init_slo_data
session.inactivity_timeout
session.internal.logon.varlist
session.ipv6_support
session.kerberos.agent.name
session.kerberos.last.outtoken
session.kerberos.rba.enable
session.key
session.keydb
session.keydb.current
session.keydb.final
session.license.connectivity
session.license.limited_urlf
session.license.urlf
session.logon.last.
session.logon.last.domain
session.logon.last.machinename
session.logon.last.password
session.logon.last.selectvalues
session.logon.last.username
session.logon.page.challenge
session.logon.page.customization.group
session.logon.page.errorcode
session.logon.page.retry
session.logout.page.customization.group
session.max_session_timeout
session.ntlm.last.bigip_account_name
session.ntlm.last.result
session.ntlm.last.service_id
session.oauth.authz.client_app_name
session.oauth.authz.client_id
session.oauth.authz.customization.groups.ca
session.oauth.authz.customization.groups.proposed_scopes
session.oauth.authz.grant_type
session.oauth.authz.jwt_token
session.oauth.authz.oauth_id
session.oauth.authz.proposed_scopes
session.oauth.authz.redirect_uri
session.oauth.authz.requested_scopes
session.oauth.authz.response_type
session.oauth.authz.state
session.oauth.client
session.oauth.client.last.access_token
session.oauth.jwt.crypto_data.password
session.oauth.scope.last.errMsg
session.partition_id
session.policy.result
session.policy.result.policy_path
session.policy.result.redirect.close_session
session.policy.result.redirect.url
session.policy.result.start_uri
session.policy.result.webtop.network_access.autolaunch
session.policy.result.webtop.type
session.radius.last.acct.acct_authentic
session.radius.last.acct.nas_identifier
session.radius.last.acct.nas_ip_address
session.radius.last.acct.nas_ipv6_address
session.radius.last.acct.nas_port
session.radius.last.acct.server
session.radius.last.acct.service_type
session.radius.last.acct.start_time
session.radius.last.acct.username_source
session.radius.last.attr.class
session.requested.clientip
session.requested.ipv6_clientip
session.request_to_apd.pending
session.server.decision_box_state
session.server.initial_req_body
session.server.initial_req_hdrs
session.server.landinguri
session.server.landinguri_base64
session.server.listener.name
session.server.multidomain_host
session.server.multidomain_landinguri
session.server.network.name
session.server.network.port
session.server.network.protocol
session.server.unique_string
session.snapshotid
session.ssl.cert.whole
session.sso.token.last.password
session.sso.token.last.username
session.state
session.stats.bytes.in
session.stats.bytes.out
session.stats.egress.compressed
session.stats.egress.raw
session.stats.ingress.compressed
session.stats.ingress.raw
session.stats.packets.in
session.stats.packets.out
session.tacacsplus.last.acct.server
session.tacacsplus.last.acct.start_time
session.timeout
session.ui.lang
session.ui.mode
session.user.access_mode
session.user.activesync.device-id
session.user.agent
session.user.clientip
session.user.display_sessionid
session.user.ipgeolocation.continent
session.user.ipgeolocation.country_code
session.user.ipgeolocation.country_name
session.user.ipgeolocation.state
session.user.ip_reputation
session.user.microsoft-exchange-client
session.user.recurring_check_nonce
session.user.recurring_check_timestamp
session.user.sessionid
session.user.sessiontype
session.user.starttime
session.user.uuid
session.webtop.customization.group
splitsession.OOBMessage
splitsession.OOBMessage.FieldType
splitsession.OOBMessage.MessageType
splitsession.OOBMessage.OOBMessageFields
subsession.
subsession.clientcert.ssl_agentnonce
subsession.clientcert.ssl_rehandshake_pending
subsession.logon.last.
subsession.logon.last.authtype
subsession.logon.last.password
subsession.logon.last.username
subsession.logon.page.challenge
subsession.logon.page.errorcode
subsession.oauth.client
subsession.oauth.client.auth_code
subsession.oauth.client.id_token
subsession.oauth.client.last.access_token
subsession.oauth.client.last.auth_redirect
subsession.oauth.client.last.authresult
subsession.oauth.client.last.expires_in
subsession.oauth.client.last.id_token
subsession.oauth.client.last.refresh_token
subsession.oauth.client.last.token_timestamp
subsession.oauth.client.last.token_type
subsession.oauth.client.last.validated
subsession.oauth.crypto.alg
subsession.oauth.crypto.result
subsession.oauth.crypto.result.jwk
subsession.oauth.jwt.crypto_data.password
subsession.oauth.scope.last.authresult
subsession.oauth.scope.last.errMsg
subsession.oauth.scope.last.internal.exp
subsession.ssl.cert.certissuer
subsession.ssl.cert.end
subsession.ssl.cert.exist
subsession.ssl.cert.issuer
subsession.ssl.cert.serial
subsession.ssl.cert.start
subsession.ssl.cert.subject
subsession.ssl.cert.valid
subsession.ssl.cert.version
subsession.ssl.cert.whole
subsession.ssl.cert.x509extension
[root@bigip1:Active:Standalone] bin # 

[root@bigip1:Active:Standalone] bin # strings tmm64.debug | grep -E '^(ltm|apm|asm|pem|gtm|dns)\.' | sort -u
apm.citrix.backend_info.
apm.ldbsyncstate.
apm.localdb.
apm.oauth.access_token.
apm.oauth.auth_code.
apm.oauth.oauth_id.
apm.oauth.refresh_token.
apm.oauth.user_info.
apm.oauth.user_request.
apm.oauth.user_token.
apm.orig_uri.token.
apm.profile.
apm.profile.key.
apm.session.cred.
apm.session.ip.
apm.session.oauth_token.
apm.UNKNOWN.
asm.csp_response
asm.session.dp:
asm.session.dp:ip:
asm.session.dp:sid:
asm.session.dp:usr:
asm.session.sw:
asm.session.sw:ip:
asm.session.sw:sid:
asm.session.sw:usr:
dns.queuing
dns.udptruncate
dns.xfr.msgbuffermax
gtm.coredump
gtm.debugprobelogging
gtm.debugprobetuninginterval
gtm.dynamiclbsecondarymode
gtm.loadlinkcost
gtm.maxpersistsyncspersecond
gtm.onetimeautoconfig
gtm.querylogging
gtm.reqinitstate
gtm.verbosemcpmessages
gtm.wideiptoporandom
pem.gx_session.indx.
pem.gy_session.indx.
pem.sd_session.indx.
pem.ses_ins.
pem.session.
pem.sessiondb.stats.max.entries
pem.sessn.index.
pem.ses_ver.
pem.subs.active.
pem.subscriber.id.
pem.subs.id.
pem.subs.ipaddr.
[root@bigip1:Active:Standalone] bin #
1
Comments on this Answer
Comment made 03-Jul-2018 by Martin Vlasko 300

Hi Colin,

Very nice tip, thank you. I will use this one in the future for sure :)

1
Comment made 2 months ago by paulfish 78

Hi,

If you need me to add to the request. It's kinda crazy it doesn't exist already.

I can't find anything forward of 11.4.0

https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-config-11-4-0/apm_config_sessionvars.html

Thanks for the strings query very cleaver.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I'm in the process of getting an RFE opened for this. Hopefully PD will accept it.

1