Remote Logging for HTTP Request and Response

Hello,

I am trying to setup remote logging to a Kiwi Syslog server to capture HTTP request and response. I have a working rule but am not able to see the logs in the syslog. I used a rule from devcentral and while it logs on to the local disk on the F5, I cannot get it do remote logging. I have attached the rule below. I would appreciate any help/advice on how to get this to work

when CLIENT_ACCEPTED { Get time for start of TCP connection in milleseconds set tcp_start_time [clock clicks -milliseconds]

 Log the start of a new TCP connection
log 10.5.x.x local0.info. "New TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port]"

} when HTTP_REQUEST { Get time for start of HTTP request set http_request_time [clock clicks -milliseconds]

 Log the start of a new HTTP request
set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
log 10.5.x.x local0.info. "$LogString (request)"

}

when LB_SELECTED { log 10.5.x.x local0.info. "Client [IP::client_addr]:[TCP::client_port]: Selected [LB::server]" } when LB_FAILED { log 10.5.x.x local0.info. "Client [IP::client_addr]:[TCP::client_port]: Failed to [LB::server]" } when SERVER_CONNECTED { log 10.5.x.x local0.info. "Client [IP::client_addr]:[TCP::client_port]: Connected to [IP::server_addr]:[TCP::server_port]" } when HTTP_RESPONSE { Received the response headers from the server. Log the pool name, IP and port, status and time delta log 10.5.x.x local0.info. "$LogString (response) - pool info: [LB::server] - status: [HTTP::status] (request/response delta: [expr {[clock clicks -milliseconds] - $http_request_time}] ms)" } when CLIENT_CLOSED { Log the end time of the TCP connection log 10.5.x.x local0.info. "Closed TCP connection from [IP::client_addr]:[TCP::client_port] to [IP::local_addr]:[TCP::local_port] (open for: [expr {[clock clicks -milliseconds] - $tcp_start_time}] ms)" }

Thanks

Karthik