Log message code list?
SOL16197: Reviewing BIG-IP log files describes local traffic log message format as: Message code is split into: Message code: The code that is associated with the message. The code is comprised of the following sub-codes: Product Code: The first two hex digits form the product code. For example, 0x01 is the BIG-IP product code. Subset Code: The third and fourth hex digits are the subset code. For example, 0x2a is the subset code for LIBHAL. Message Number: The next four digits form the message number within a module. Severity Level: The last digit between the colon symbols is the severity level, with 0 being the highest severity level. Are the Product and Subset codes listed anywhere? Would help in processing log messages further in Splunk or similar tool.617Views0likes5CommentsUpload SSL certificate/key via REST API
Hello All, Looking to see if anyone knows of a method of uploading certs and keys to a BIGIP unit, using a method similar to the following example, but using REST instead of the SOAP API. Example: puts bigip["Management.KeyCertificate"].certificate_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [ File.open(cert['cert_file']).read ], true) puts bigip["Management.KeyCertificate"].key_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [ File.open(cert['key_file']).read ], true) Thanks!2.6KViews0likes10CommentsHow do I record the IP assigned to a client after login?
Hello, I need to record clients' IP address assigned by network access. I searched on Ask f5 it looks like that the variable "session.assigned.clientip" is what I need. So I tried to use an irule to get it but failed. Here is my irule: when ACCESS_SESSION_STARTED { set user [ACCESS::session data get "session.logon.last.username"] set client [IP::client_addr] set assignip [ACCESS::session data get "session.assigned.clientip"] log local0. "LOGON:$user login successful from $client, assigned $assignip" } I have tried other events like ACCESS_POLICY_AGENT_EVENT, ACCESS_POLICY_COMPLETED but haven't worked either. Does anyone know how can I log the clients' IP address assigned by network access. I will appreciate it!Solved1.3KViews0likes13CommentsDisplay LTM connections??
I am very new to F5 Big IP, mainly worked with Cisco CSMs and Citrix NetScaler load balancers in the past.....what I am trying to find is how to display what hosts are connected to a particular virtual server, what pool member it's getting routed to and what SNAT address the source is being assigned, etc. WHat I have is a pair of F5 Big IP 4200s set up in a HA configuration. Thanks for any help...JeffSolved13KViews0likes16CommentsHealth Monitors
Hi, I have created a health monitor with the following config: Interval 5 Timeout 16 Send String GET /test/test.jsp Receive String HTTP 1\.(0|1) 200 Reverse No Transparent No Alias address ALL Alias Service Port ALL But whne I go to add it to a specific node choosing NODE SPECIFIC I cannot see the monitor I created inside the list. Do I need to do anything else to make the monitor a node specific one? Thanks.725Views0likes16CommentsHow to add F5 vendor specific Radius attirbutes to Windows 2008 NPS to authorize external users to different roles
I am running bigip 11.4.1 on a 3900 that is licensed for LTM and ASM with client authentication. I am able to configure user authentication to a Windows NPS radius server and have all external users all get authenticated to the windows radius and authorized to the same default external user role. (This is purely for user login access to the BIG-IP managment interface via a browser). I would now like to create four new Windows user groups: F5-Admin, F5-resource-admin, F5-operator, F5-guest. The goal is to have the Windows NPS radius server return the F5 vendor specific attribute "F5-LTM-User-Role" with the appropriate values for the four roles I need. I have the document: "http://support.f5.com/kb/en-us/solutions/public/14000/300/sol14324.html". It is not clear to me how to add the role attributes to windows 2008 NPS such that the new role attribute will be returned to the F5 after successful authentication. It is also not clear how to configure the F5 to then take the returned role attribute for the user and over-ride (ignore) the default external role setting. thank you for your help.1.7KViews0likes6CommentsBare byte decoding and French characters
Currently, our ASM policies are configured with bare byte decoding check activated. However, this poses problems, as some of our legitimate French pages are flagged with this error. Specifically, it complains about vowels with accents (like à ) which are not part of the ASCII character set (the policy is UTF-8) Is there a way I can prevent these errors appearing in our logs without deactivating the bare byte decoding check? Like a whitelist of characters?1.2KViews0likes11CommentsSnapshot capability of VE Guests on VCMP
Hi all, I wish to investigate on the backup/restore capcacity beyond ucs backup. With VEs running on VMWare we can take adavantage of VMWare's snapshot capability to have images of the VE before we operate on it. Are there similar capabilities available on my 5250V/VCMP? Cheers, Gabe452Views0likes3Comments