iRule to log type of http content from which source IPs

Hi,

 

 

I got a request that im trying to find a good solution for.

 

The thing we need to be solved is... we got a webservice that we are about to make some changes to. We need to identify which source IPs that is using soap 1.2/1.1 and so on.

 

 

The way I first thought of was solving it with the iRule below.

 

 

when HTTP_REQUEST {

 

if { [HTTP::header value Content-Type] contains "application/soap+xml" } {

 

log local0. "SourceIP [IP::remote_addr] - Content contain [HTTP::header value Content-Type]"

 

}

 

}

 

 

...the annoying part is that the local syslog will be filled with information, and still I cant get statistics on how many calls from each IP and what type of content.

 

 

Would be nice with some kind of dynamic list that can be stored in .txt or even better in a table.

 

The statistics profile is, as far as I know a static list, the fields must be created first and the data is only a counter.

 

 

My wishes is to create a list like:

 

SOURCEIP CONTENT COUNT

 

127.0.0.1 "application/soap+xml" 50000

 

 

Any suggestions on how to solve this in a good looking way? =)

 

 

//Robert