hsl logging apm

Question

hey,i have configured this iRule to send syslog message to a remote server with the username and ip that a user gets once starts network access.i see the log written on the ltm log file however i see no syslog traffic leaving the F5when CLIENT_ACCEPTED {
&nbsp; &nbsp; ACCESS::restrict_irule_events disable
&nbsp; &nbsp; set hsl [HSL::open -proto UDP -pool PA-IL-SyslogUID]
}

when HTTP_REQUEST {
&nbsp; &nbsp; if { [HTTP::uri] starts_with "/isession?sess=" } {
&nbsp; &nbsp; &nbsp; &nbsp; after 5000 { log local0. "VPN started for [ACCESS::session data get session.logon.last.username] from IP [IP::client_addr] assigned client IP [ACCESS::session data get session.assigned.clientip]"}
&nbsp; &nbsp; &nbsp; &nbsp; HSL::send $hsl "Network Access username:[ACCESS::session data get session.logon.last.username] client-ip:[IP::client_addr] vpn-ip:[ACCESS::session data get session.assigned.clientip]"
&nbsp; &nbsp; }
}

the-messenger · Answer

This is an old post, no answers ?Are you sending data to Splunk?If so, I see you have what the Splunk docs show for "set hsl".&nbsp; I ended up using the publisher, not "proto UDP -pool .."Reply back if you're still working on this, I'll post my iRule for sending APM data to Splunk.

Forum Discussion

hsl logging apm

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Apache Style Logging with HSL

[HSL] log iRule events with HSL

Need iRule for logging all LDAPS requests to HSL Splunk

ASM logs

APM Session Variable Logging