Piyush,
Thanks for letting us know that it worked. Also, thanks for pointing out that this option is not in the documentation. I will let the documentation team know.
In the meantime (for anyone following this thread), here is the list of all available attributes (taken from a 10.0.2.0 system). I noticed 4 that are not mentioned in the doc (marked in bold below):
# The following directives can be used to customize the log format.
#
# %a: Client IP Address
# %A: Local IP Address
# %b: Bytes in the response excluding HTTP headers in CLF format: '-' instead
# of 0 when no bytes are returned.
# %B: Bytes in the response excluding HTTP headers
# %{attribute}C:
# Attribute from the TAM credential named 'Attribute'
# %{cookie}e:
# Contents of the Cookie 'cookie' in the request
# %{cookie}E:
# Contents of the Cookie 'cookie' in the response
# %d: Transaction identifier, or session sequence number.
# %F: Time taken to serve the request in microseconds
# %h: Client host
# %H: Request protocol
# %{header}i:
# Contents of the Header 'header' in the request
# %j: The name of the junction servicing the request
# %J: The length of time, in microseconds, that the junction server spent
# processing the request. This will include the time that it took to send
# the request to the server, the length of time that it took the server to
# process the request, and the length of time that it took to read and
# process the response header.
# %l: Client logname (RFC 1314) (default -)
# %m: Request method (i.e. GET, POST, HEAD)
# %{header}o:
# Contents of the Header 'header' in the response
# %M: The time, in Common Log Format, at which the request was received# with millisecond precision.# %p: Port over which the request was received
# %q: The decoded query string (prepended with '?' or empty)
# %Q: The raw query string (prepended with '?' or empty).
# %r: First line of the request with decoded URL
# %R: First line of the request with decoded URL including
HTTP://HOSTNAME# %s: Response status
# %S: The hostname of the junctioned server which serviced this request.# %t: Time in Common Log Format format
# %{format}t:
# The time in the given format
# %T Time taken to serve the request in seconds, or part thereof
# %u: Remote user
# %U: The URL requested
# %v: Canonical ServerName of the server servicing the request
# %z: The decoded path string# %Z: The raw path string
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------
Original Message:
Sent: Tue September 07, 2021 04:59 AM
From: Piyush Agrawal
Subject: Logging of which backend junction server
Thanks Jan and Øyvind, It worked as excpected. it would be nice to add it on https://www.ibm.com/docs/en/sva/10.0.2?topic=logging-customizing-http-request-log
------------------------------
Piyush Agrawal
https://www.linkedin.com/in/piyush-norway/
Gjensidige Norway
Original Message:
Sent: Mon September 06, 2021 08:37 AM
From: Jon Harry
Subject: Logging of which backend junction server
Hi Øyvind,
According to the WebSEAL configuration file, the %S option will give you what you're looking for in request.log:
# %S: The hostname of the junctioned server which serviced this request.
I don't know which version introduced this option but I see it in config file for v9.0.6.0 so anything from there on should be fine.
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: Mon September 06, 2021 08:05 AM
From: Øyvind Bergerud
Subject: Logging of which backend junction server
Hi,
We have junctions with many backend servers, where some servers are responding faster than others. We are using the %J option to create stats.
Is it possible to log in the request log which junctioned server served the request?
------------------------------
Øyvind Bergerud
------------------------------