DX - Load Balancing & Application Acceleration
Reply
Visitor
Aaron
Posts: 4
Registered: ‎02-14-2008
0

Web Log Format Customization

Does anyone have a link to a Juniper doc that covers customizing http/https log formats?

For example, in apache I use:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{cookie}n\"" withcookies

I need to log the cookies assuming that the DX can set a cookie or recognize one that is set by apache.
Recognized Expert
MattS
Posts: 205
Registered: ‎11-06-2007
0

Re: Web Log Format Customization

The weblog formats are not configurable, there are 6 different types available.   Chapter 23 of the Installation & Admin Guide has a section on 'Web Log Configuration' which covers the different weblog formats available and the fields they log, unfortunatelty none include the cookie information:

 

The user can select the format for the log from one of these five options:

􀂄 Common: This is the Apache Common Logging Format (CLF). The information

included in the log is:

remotehost remotelogname authuser [date] "request" status bytes

􀂄 Combined: This is a modification of CLF (common) format and adds the values

of the Referer and User-Agent HTTP headers in quotes:

remotehost remotelogname authuser [date] "request" status bytes "Referer"

"User-Agent"

􀂄 Common_cn: This is a modification of CLF (common) format with the cluster

name prepended to the CLF format:

clustername remotehost remotelogname authuser [date] "request" status bytes

􀂄 Combined_cn: This is a modification of the combined format with the cluster

name prepended to the combined format:

clustername remotehost remotelogname authuser [date] "request" status bytes

"Referer" "User-Agent"

􀂄 Perf1: This is a proprietary format that allows you to more easily monitor the

performance of DX appliance compression and cache. The information

included in the log is:

remotehost [date] method url version status request-bytes precomp-bytes

postcomp-bytes cachehit

􀂄 Perf2: This is a proprietary format that allows you to troubleshoot performance

problems. The information included in the log is:

TransactionID remotehost T1 T2 T3 T4 tcp_outcome method url status from

ip_port bytes cachehit host "user-agent"

 

 

 

If you wish to maintain the logging on the webservers and need the DX to pass the client source IP you can use the customiplogheader setting, which would then set a defined HTTP header to the client's IP.  

 

There are more details  passing the client IP and weblogging in chapter 16 ('Configuring HTT(S) Logging') of the Installation & Admin guide. 

 

 

 

 

Visitor
Aaron
Posts: 4
Registered: ‎02-14-2008
0

Re: Web Log Format Customization

If I log on Apache, then I have a problem...  Apache sets a cookie.  The cookie is a combination of the users IP and a hash.  (standard Apache cookie that uses Netscape style cookies)

 

While I can make use of the custom IP header for java and for http logs, then I still end up with the load balancers IP in the cookie and that is used in conjuction with code to determine referals.  (e.g. "127.0.0.1.131471203454260750" me hitting the server from localhost).

 

Any ideas how I can also get the users IP into the cookie without disabling all the advanced features (tcp multiplexing, caching, etc)?

 

Recognized Expert
MattS
Posts: 205
Registered: ‎11-06-2007
0

Re: Web Log Format Customization

I am understanding this correctly - a client connects to cluster on the DX which proxies it to an Apache server, a cookie is generated on the server that uses the source IP of the connection as part of the cookie value and sent back to the client.  This is supplied in future requests and the server uses this to generate it's responses?

 

 

If the server cookie generation cannot be altered to pull the IP from a HTTP header the DX inserts with the true client source IP, you could look at setting up a cluster which has client IP transparency, which is used to generate a cookie.   This cluster would not support multiplexing and the servers would need to use the DX as their gateway.

 

Once the cookie is set redirection or apprules can be used to then have the client connect to another cluster which does not have transparency on.

 

For example:

 

Cookie-cluster:  Client IP transparency on; Apprule to test if cookie presented - if it is redirect to Main-Cluster

Main-Cluster:    configured without client IP transparency.

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.