The logging of the Client IP is working with this code below, thanks Mohamed and Steve. However, it seems I can't give the Sharepoint admins access to view the logs on the Big IP without giving them administrator access to the device, which I don't want to do.
when LB_SELECTED {
log local0. "Client IP:[IP::client_addr] connected to real server IP: [LB::server addr]"
}
So, I've been working on the HTTP header as Steve suggested, so they could use HTTPWatch, even Wireshark, to review the HTTP headers from response to seek the IP address of the member of the pool to which the client connected. However, I get syntax errors trying to save the code below as an iRule, and when I try to tweak it myself to where I finally get the iRule to save without error, when I try to connect to the Sharepoint site I basically get "the website cannot be found" in Internet Explorer. Once I remove the iRule I can hit the site. So, I'm not sure what I need to adjust so that I can get the IP address of the member server to which the client connected without using the logfiles on the Big IP. I'd like to set up something that the Sharepoint admins can access to review without giving them Admin access to the BigIP. I know the sharepoint servers that are members of the pool have IIS logs that will show the IP address of the connecting client, but in this case the IIS logs just show the IP address of the load balancer, rather than the client workstation, so even if there is a way to pass the Client IP through without messing with connectivity?
when LB_SELECTED {
set whichserver [LB::server addr]
}
when HTTP_REQUEST {
if { string tolower [HTTP::uri] equals "/whichserver" } {
HTTP::respond 200 content "Real server IP is: $whichserver" noserver Content-Type
"text/html" Connection "Close"
Stop processing the iRule for this event here
return }
}