logging DNS queries locally

Question

Hi Guys,&nbsp;
please, I need help in this, I have configured GTM as transparent cache server, I need to enable query/response locally on the BIG-IP.&nbsp;

vijay_e · Answer

Check out  &amp; DNS Logging.&nbsp;

basemsousan1985 · Answer

In fact, I wrote a simple iRule that worked smoothly, I need to send the result of this iRule to a syslog server, I noticed I have to use HSL API in my iRule, any help doing this &nbsp;
when DNS_REQUEST {    log local0. "QUERY from ([IP::client_addr]) for ([DNS::question class] [DNS::question type]     [DNS::question name])"}&nbsp;
when DNS_RESPONSE {    log local0. "[IP::remote_addr] - LOCATION: [whereis [IP::remote_addr]] - QUESTION: [DNS::question name], [DNS::question type] - ANSWER: [DNS::answer]"}&nbsp;

basemsousan1985 · Answer

Guys, please, check this issue, when I use hsl in my irule, I couldn't notice any logs recived by the syslog server, how can I troublshoot hsl irule &nbsp;
when CLIENT_ACCEPTED {
    set hsl [HSL::open -proto UDP -pool Log_Pool]
}
when DNS_REQUEST {&nbsp;
    HSL::send $hsl "&lt;190&gt; LDNS: [IP::client_addr]) for ([DNS::question class] [DNS::question type] [DNS::question name]" 
}&nbsp;

Forum Discussion

logging DNS queries locally

3 Replies

Recent Discussions

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Logs for local-db-publisher

F5 logs - search query

Living on the AWS Edge - Local Zones

Pool downtime query

Is it possible to block a specific log with words in local log?