Does anyone did traffic logging?

Question

Hi guys&nbsp;I`m searching method which can logging or inspecting traffic information.&nbsp;Target license are LTM and CGNAT.&nbsp;I have looking for Telemetry streaming but that seems providing sampling information.I need full traffic information not sampling data. also don`t need mirroring. &nbsp;I think using i-Rule with HSL can be a method but I`m wondering how much traffic can be logging.-&gt; how much means about CPS 150K.-&gt; and BIGIP`s disk can be able to hold the logs.

philippe_cloup · Answer

Hi SWJO,if you use HCL in TCP mode, the BIG-IP is able to multiplex logs into few TCP connections (same behaviour as OneConnect in a way).depending on your platform 150k CPS (which IMO will be less, if you multiplex logs as mentioned), need to be checked, but should not impact the system more than normal tcp connections for the same device.&nbsp;for disk, if your HSL is writing directly (and you don’t use any log local commands, then nothing is stored in the disk of the BIG-IP.&nbsp;you mentioned CGNAT, and i can tell you that there is a lot of CSPs that use this way of logging to do legal interception or even traffic jogging based on IMEIs for example.&nbsp;

Forum Discussion

Does anyone did traffic logging?

1 Reply

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

iRule to log traffic details

Does anyone did traffic logging?

fellow traffic

ASM logs

Logging DNS Requests