How to logging SNAT Pool translation list with irules?

Question

We dooes configurae Link Controller Loadbelance outbound traffic to Internet with SNAT Pool public IP.  
&nbsp; We need to logging translation list 
&nbsp;  
&nbsp; CLient Address --&gt; Public IP --&gt; Remote Address 
&nbsp;  
&nbsp; How to logging SNAT Pool translation list with irules? 
&nbsp;  
&nbsp;  
&nbsp; Best Regards,

hooleylist · Answer

You should be able to adapt a rule like this to log the original client, SNAT and destination IP addresses:

when SERVER_CONNECTED { 
  
    log local0. "[IP::client_addr], [IP::local_addr], [IP::server_addr]" 
 }

I haven't tested this with a link controller, but I think a layer4 based iRule should work okay. 
  
 Aaron

dennypayne · Answer

Should work, but I'd be careful with putting a rule like this on a high-volume site...you don't want to fill up /var/log and cause performance problems. 
&nbsp;  
&nbsp; Denny

jrahm · Answer

If you are on 9.4 or higher you can send directly to a remote log server so you can log higher volumes without being impacted by the disk access necessary for local writes: 
&nbsp;  
&nbsp; log x.x.x.x local0.info "[IP::client_addr], [IP::local_addr], [IP::server_addr]"

Forum Discussion

How to logging SNAT Pool translation list with irules?

3 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

iRule to log traffic details

irule logging question

ASM logs

iRULE not working for ipfix log publisher.

Logging DNS Requests