iRule question for capturing simple VIP TCP stats

Question

I am just getting started with iRules and have what I hope is a basic question.  We need to report, on a daily basis, the total amount and maximum number of TCP connections established on one Virtual Server.   
&nbsp;  
&nbsp; Not sure if it matters, but like most of our VSs, it uses SSL on the client side.  At the current time OpCenter personnel are just using the GUI and retrieving these MAXIMUM and TOTAL stats from the "Statistics: Virtual Servers" screen.  The danger here is several of us frequently reset these stats during fault isolation. 
&nbsp;  
&nbsp; I had a look at "Content Type Tracking" which is part of the "Top 50 iRules '08" bundle.  This seems like the proper type of solution where a STATS profile will store these connection counts independently. 
&nbsp;  
&nbsp; Can someone point me in the right direction?

steve_warren_89 · Answer

Colin, 
&nbsp;  
&nbsp; Thanks for the tip.  It helped get me started. 
&nbsp;  
&nbsp; The TOTAL connections statistic was very easy to set up.  The next challenge for me (not a programmer by trade) is to gather the MAXIMUM connection statistic.  Our NOC personnel need to create a daily report on the TOTAL number of connections as well as the 'high water mark', or MAXIMUM number of connections.  We know that each of the servers in a 4 node pool can handle about 1,000 connections before the app starts to suffer.  Our customer wants to know the MAX number on a daily basis. 
&nbsp;  
&nbsp; The NOC personnel will be able to live with retrieving and resetting the STAT profile using the GUI on a daily basis but I would like to eventually code it to write the stats to a log should they forget. 
&nbsp;  
&nbsp; Thanks again, 
&nbsp; Steve

jrahm · Answer

It's not an iRule, but have you considered pulling these stats via snmp and graphing in a network management server?  Cacti is an open-source solution that does this very well, and there are templates for LTM.  An article I wrote on installing cacti is here: Click here.  CactiEZ is way easier, though, so if you want to play around to see if it will work for you, I'd start there.

steve_warren_89 · Answer

I did see you writeup on Cacti some months ago.  Our Chief Network Engineer has a Cacti effort underway and has one developer working on integrating Cacti into the NOC.  Their primary focus is to status 1000+ Cisco devices spread across the network but I have added their server to the F5 SNMP access list.  I pointed the developer to your writeup in hopes of helping her get the BigIP into a template. 
&nbsp;  
&nbsp; I will give the Cacti solution another look.  I will still have to see the iRule solution through the end now that I have ventured down that path. 
&nbsp;  
&nbsp; Thanks to both of you for the quick feedback!!!

Forum Discussion

iRule question for capturing simple VIP TCP stats

3 Replies

Recent Discussions

ISP Bandwidth Utilization

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Geo Fence in ASM through irule for URI

google-visualization-issues

Related Content

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

Simple Sideband - iRule sideband the easy way

DevCentral Connects hosts Capture the Flag!

Automating Packet Captures on BIG-IP