Ok, thanks Aaron. I also just found a post you wrote back in 08, i might try that first as i'm not familiar with logging to a syslog server
to jondyke in nov of 08
Thanks for your help!
when CLIENT_ACCEPTED {
Add some logic for determining which clients to log for
if {[matchclass [IP::client_addr] equals $::filteredAddresses}{
Get time for start of TCP connection in milleseconds
set tcp_start_time [clock clicks -milliseconds]
Log the start of a new TCP connection
log "New TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]"
} else {
Disable all events for this rule and any other rule for this connection
event disable all
}
}
when HTTP_REQUEST {
Get time for start of HTTP request
set http_request_time [clock clicks -milliseconds]
Log the start of a new HTTP request
set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
log local0. "$LogString (request)"
}
when HTTP_RESPONSE {
Received the response headers from the server. Log the pool name, IP and port, status and time delta
log local0. "$LogString (response) - pool info: [LB::server] - status: [HTTP::status] (request/response\
delta: [expr [clock clicks -milliseconds] - $http_request_time]ms)"
}
when CLIENT_CLOSED {
Log the end time of the TCP connection
log "Closed TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]\
(open for: [expr [clock clicks -milliseconds] - $tcp_start_time]ms)"
}