Forum Discussion

Mark_Stradling_'s avatar
Jan 07, 2016

iRule Clean up: How to audit unused conditions?

I am trying to set up a system to audit iRule conditions. After years of building on an iRule, eventually some of the conditions fall out of use and developers are not always great about telling me what has been deprecated. I'd like to figure out a way to audit the routing conditions in an iRule to ensure they are still being used.

The most simple way to do it would be to simply log all URI paths being called and then go through and figure out what they match on the irule. The problem with this approach is it time consuming. Also, it will result in a lot of URLs being logged due to unique portions of each URL.

I was thinking of doing something with ISTATS to log the URL name being called, like this:

switch -glob [HTTP::uri] {
    "/condition1/* {
        ISTATS:: incr "url /condition1/" 1
        pool POOL1
        return
    }
    "/conditon2/* {
        ISTATS::incr "url /condition2/" 1
        pool POOL2
        return
    }

That works fine if every condition is in it's own block, however, I have blocks like this:

switch -glob [HTTP::uri] {
    "/condition1/* -
    "/condition2/* -
    "/condition3/* {
        pool POOL_MULTI
        return
    }

In that scenario, I cannot use ISTATS::incr [key] [value] because it wouldn't tell me which of the conditions was used. I could only log that that block was used.

In a perfect world I would love to be able to access the actual condition the F5 used to make its routing decision. I don't think there is a way to access that. Also, If I were to just simply log the HTTP::uri value, I would end up with lots of entries. Also, sometimes I have a more specific condition and a less specific condition like this:

"/condition1/*/some_string" -
"/conditoin2/*/some_other_string" {
       do some stuff
}
"/condition1/*" {
    do some stuff
}

Having to go back and manually figure out which condition the traffic hit is a bit of a pain. I'd love to be able to simply increment a counter when a condition was used for routing.

Any ideas around this are appreciated.

2 Replies

  • Hi Mark,

    when using

    [switch]
    based iRules, there is unfortunatly no way to trace which part of the multiple conditions has been triggered. All you can do is to split those multiple conditions into individual conditions and then copy/paste the desired actions and also use different
    [ISTATS]
    keys as a counter.

    Note: In TCL v8.5 (aka. LTM uses still TCL v8.4) there will be a new feature to store the matches in

    [switch -regexp]
    mode. But even then you don't want to use -regexp for perfomance reasons, isn't it? 😉

    But when using

    [IF]
    you could use the following syntax to see which part of a multiple conditions has been triggered.

    if { ( [HTTP::uri] starts_with [set y "/test1"] ) or 
         ( [HTTP::uri] starts_with [set y "/test2"] ) or 
         ( [HTTP::uri] starts_with [set y "/test3"] ) or 
         ( [HTTP::uri] starts_with [set y "/test4"] ) or 
         ( [HTTP::uri] starts_with [set y "/test5"] ) } then {
    } else {    
        set y "else"
    }
    

    I'm sorry... 😞

    Cheers, Kai

  • Hi Mark,

    Its unfortunately not possible when using a

    [switch]
    command. A substitution enabled
    [switch]
    syntax like...

    switch -glob -- [HTTP::uri] [set y "/test1*"] - [set y "/test2*"] {
    } [set y "/test3*"] {
    } default {
    }
    

    ... would always store "/test3*", since it substitutes everything before the actual comparsion starts. The

    [switch -glob/exact]
    comparsion has absolutely no room for any kind of
    [identity functions]
    to trace the exit... 😞

    Cheers, Kai