Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to log Virtual Service Connections using ESP

Summary:

ESP (Edge Security Pack) can be used to log connections to a virtual service by Client Source IP address, even if ESP is not used for user authentication.

Details:

Enable ESP on the relevant virtual service and under ESP logging enable "Connection". Then Set Client Authentication mode to "Delegate to server" (in previous firmware this is "none") and enter your "Allowed Virtual Hosts, multiple hosts can be specified, using space-separated.

Under "Allowed Virtual Directories" use "/*". 

This means all requests will be pre-excluded and therefore passed to the server. However, the option under ESP logging will ensure all connections are logged by the Client IP address.

 

Logs can be viewed under

Logging Options > Extended Log files > ESP Connection Log.

 


Was this article helpful?
0 out of 0 found this helpful

Comments

Avatar

Ben Granholm

Those options don't appear to be available for me.

0

Avatar

Justin Federico

@its-netsvcs

You will not be able to see the ESP Options if your virtual service is for HTTPS and you do not have SSL Acceleration enabled under SSL Properties. If this does not apply to your issue please reach out to our support team by clicking the "Contact Support" link.

0

Avatar

Mark Hoffmann

Hi and thanks for posting,

I've added your vote to the existing feature request for visibility into connecting client IPs and server-side NATs in the LoadMaster log. I will post here again when this feature is taken into a release.

Best regards,
Mark

0

Avatar

infrastructure

Setting this stops my users from logging into the RDP server behind the NAT. If I take it off the users can log in fine. I need to know what time and what IP address is logging into RDP server. Is there any other way to log connections?

 

UPDATE: If I log at  a VS level its ok, its just if I set this as  SubVS level it stops the users log in.

Thanks in advnace

Andrew

0

Avatar

Infraestructura de Sistemas

Hi, although I activate ESP logs last week I can only see logs from a few hours before. How can I use it to monitor all the connections to my virtual services and keep an historical log? is there any possibility to send the log file to another remote log server?
Thank you very much

0