Forum Discussion
nitass
Oct 18, 2011Employee
[root@iris:Active] config b virtual bar list
virtual bar {
snat automap
pool foo
destination 172.28.17.33:http
ip protocol tcp
rules myrule
}
[root@iris:Active] config b rule myrule list
rule myrule {
when CLIENT_ACCEPTED {
log local0. "[IP::client_addr]:[TCP::client_port]"
}
}
[root@iris:Active] config b syslog include
SYSLOG - Include Data:
filter f_local0 {
facility(local0) and
not match("myrule");
};
log {
source(s_syslog_pipe);
filter(f_local0);
filter(f_no_audit);
destination(d_ltm);
};
filter f_myrule {
match("myrule");
};
destination d_myrule {
file("/var/log/myrule" create_dirs(yes));
};
log {
source(s_syslog_pipe);
filter(f_myrule);
destination(d_myrule);
};
[root@iris:Active] config cat /var/log/ltm
[root@iris:Active] config cat /var/log/myrule
Oct 18 22:19:40 local/tmm info tmm[4601]: Rule myrule : 192.168.206.102:53447
Oct 18 22:19:42 local/tmm info tmm[4601]: Rule myrule : 192.168.206.102:53449
Oct 18 22:19:45 local/tmm info tmm[4601]: Rule myrule : 192.168.206.102:53450
Oct 18 22:20:10 local/iris notice b[28110]: 012e0045:5: AUDIT - user root - rule myrule list
hope this helps.