apm policy agent logging
apm policy agent logging(1) BIG-IP TMSH Manual apm policy agent logging(1)
NAME
logging - Manages a Logging agent.
MODULE
apm policy agent
SYNTAX
Configure the logging component within the policy agent module using the syntax shown in the following sections.
CREATE/MODIFY
create logging [name]
modify logging [name]
options:
app-service [[string] | none]
log-message [[string] | none]
variables [[string] | none]
edit logging [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list logging
list logging [ [ [name] | [glob] | [regex] ] ... ]
show running-config logging
show running-config logging [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
log-message
non-default-properties
partition
variables
DELETE
delete logging [name]
DESCRIPTION
You can use the logging component to create and manage a logging agent that monitors the value of session variables and
identifies the path taken by access policy execution. A logging agent can also be used to create and monitor custom or
predefined session variables. Note that a session variable may or may not exist depending on the result of the access
policy execution.
EXAMPLES
create logging MyProfile_act_logging_ag {
variables
{
{session-var "session.logon.*"}
{session-var "session.windows_check_file.Company8profile_act_file_check_ag.item_x.filename"}
}
}
Creates the logging agent named MyProfile_act_logging_ag in partition Common and adds two session variables that define
actions that the agent logs: session.logon.* indicates to log application logon attempts and
session.windows_check_file.Company8profile_act_file_check_ag.item_x.filename indicates to log the outcome of the file check
on the client. The x in item_x indicates the order of the files in the list configured for the file checker. The list
starts with index 0 (zero).
create logging MyProfile_act_logging_ag {
log-message "Logon Name: %{session.logon.last.username}."
}
Above example applies only to logging agent tied to per-request access policy. Here logging agent named
MyProfile_act_logging_ag in partition Common will print log messages containing logon name. This removes the requirement to
configure variables separately for per-request access policy.
list logging
Displays a list of logging agents.
OPTIONS
app-service
Specifies the name of the application service to which the object belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
object. Only the application service can modify or delete the object.
log-message
Specifies the log message to display. This option is required. For per-request access policy only, this option can
contain session or per-request variables. However, session variables containing wildcard (*) are not supported.
name Specifies the name of a logging agent. This option is required.
partition
Displays the partition within which the component resides.
variables
Adds a variable to or deletes a variable from a logging agent. You use the sessionvar option to specify a session
variable that indicates which actions the system logs. This option does not apply to per-request access policy agent.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2016. All rights reserved.
BIG-IP 2016-03-14 apm policy agent logging(1)