What about TCP requests or non-HTTP traffic? It seems TCP traffic is still logged when using:

http-request set-log-level silent if { src -f aws-checks.list }



[Bryan]



------ Original Message ------
From: "Willy Tarreau" <w...@1wt.eu>
To: "Bryan Rodriguez" <polarph...@gmail.com>
Cc: haproxy@formilux.org
Sent: 10/16/2015 10:28:13 AM
Subject: Re: Multiple Monitor-net

On Fri, Oct 16, 2015 at 05:18:24PM +0000, Bryan Rodriguez wrote:
> AWS health check monitoring comes from the following networks. Logging
> is going crazy.  I read that only the last monitor-net is read.  Is
> there a way to filter from the logs all the following requests?
>
>     monitor-net 54.183.255.128/26
>     monitor-net 54.228.16.0/26
>     monitor-net 54.232.40.64/26
>     monitor-net 54.241.32.64/26
>     monitor-net 54.243.31.192/26
>     monitor-net 54.244.52.192/26
>     monitor-net 54.245.168.0/26
>     monitor-net 54.248.220.0/26
>     monitor-net 54.250.253.192/26
>     monitor-net 54.251.31.128/26
>     monitor-net 54.252.254.192/26
>     monitor-net 54.252.79.128/26
>     monitor-net 54.255.254.192/26
>     monitor-net 107.23.255.0/26
>     monitor-net 176.34.159.192/26
>     monitor-net 177.71.207.128/26

Yes, instead of using monitor-net, you can use a redirect (if the checker
accepts it) or go to a specific backend instead, and use the "silent"
log-level :

  http-request set-log-level silent if { src -f aws-checks.list }
  http-request redirect location /  if { src -f aws-checks.list }

Or :

  use_backend aws-checks if { src -f aws-checks.list }

  backend aws-checks
     http-request set-log-level silent
     errorfile 503 /path/to/forged/response.http

Then you put all those networks (one per line) in a file called
"aws-checks.list" and that will be easier.

Hoping this helps,
Willy
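
The step described above (one network per line in "aws-checks.list"), as an added example that is not part of the original thread: a Python sketch that pulls the monitor-net entries out of a configuration, rejects malformed networks, and checks which source addresses the resulting list would silence. The function names and the sample configuration are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: a few monitor-net lines from the thread, one duplicate,
# plus a comment and an unrelated directive to show they are skipped.
SAMPLE_CFG = """\
frontend www
    # AWS health checkers
    monitor-net 54.183.255.128/26
    monitor-net 54.228.16.0/26
    monitor-net 107.23.255.0/26
    monitor-net 54.228.16.0/26
    bind :80
"""

def extract_networks(cfg_text):
    """Return the unique monitor-net networks, in file order."""
    seen, nets = set(), []
    for lineno, raw in enumerate(cfg_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2 or fields[0] != "monitor-net":
            continue
        try:
            # strict=True rejects entries with host bits set (for example
            # 54.228.16.5/26), so a typo is reported instead of written out.
            net = ipaddress.ip_network(fields[1], strict=True)
        except ValueError as exc:
            raise ValueError(f"line {lineno}: {exc}") from None
        if net not in seen:
            seen.add(net)
            nets.append(net)
    return nets

def render_list(nets):
    """Format the networks one per line, as the list file expects."""
    return "".join(f"{n}\n" for n in nets)

def is_silenced(src, nets):
    """True if src falls inside a listed network, i.e. the src ACL would match."""
    addr = ipaddress.ip_address(src)
    return any(addr in n for n in nets if n.version == addr.version)

if __name__ == "__main__":
    networks = extract_networks(SAMPLE_CFG)
    print(render_list(networks), end="")
    for ip in ("54.183.255.130", "54.183.255.192"):
        print(ip, "silenced" if is_silenced(ip, networks) else "logged")
```

Running `is_silenced` against a few addresses just outside each range confirms that only the health checkers lose their log entries.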


