How to log Virtual Service Connections using ESP
ESP (Edge Security Pack) can be used to log connections to a virtual service by Client Source IP address, even if ESP is not used for user authentication.
Enable ESP on the relevant virtual service and under ESP logging enable "Connection". Then Set Client Authentication mode to "Delegate to server" (in previous firmware this is "none") and enter your "Allowed Virtual Hosts, multiple hosts can be specified, using space-separated.
Under "Allowed Virtual Directories" use "/*".
This means all requests will be pre-excluded and therefore passed to the server. However, the option under ESP logging will ensure all connections are logged by the Client IP address.
Logs can be viewed under
Logging Options > Extended Log files > ESP Connection Log.
You will not be able to see the ESP Options if your virtual service is for HTTPS and you do not have SSL Acceleration enabled under SSL Properties. If this does not apply to your issue please reach out to our support team by clicking the "Contact Support" link.
Hi and thanks for posting,
I've added your vote to the existing feature request for visibility into connecting client IPs and server-side NATs in the LoadMaster log. I will post here again when this feature is taken into a release.
Setting this stops my users from logging into the RDP server behind the NAT. If I take it off the users can log in fine. I need to know what time and what IP address is logging into RDP server. Is there any other way to log connections?
UPDATE: If I log at a VS level its ok, its just if I set this as SubVS level it stops the users log in.
Thanks in advnace
Hi, although I activate ESP logs last week I can only see logs from a few hours before. How can I use it to monitor all the connections to my virtual services and keep an historical log? is there any possibility to send the log file to another remote log server?
Thank you very much
Those options don't appear to be available for me.