Manual Chapter :
Perflow and
subsession variables
Applies To:
Show Versions
BIG-IP APM
- 15.0.1, 15.0.0
Perflow and
subsession variables
Perflow variables exist only while a per-request policy
runs. Perflow variables for a per-request policy subroutine exist while the subsession exists.
Multiple subsessions can run simultaneously. The table lists per-low variables and their
values.
Name | Value, if known |
|---|---|
perflow.ad.last.authresult | Last authentication result. |
perflow.agent_category_lookup.type | Agent category type. |
perflow.agent_ending.result | 0 (success) or 1 (failure). |
perflow.agent_failed.reason | Reason for agent failure. |
perflow.agent_license.status | Status of the agent license. |
perflow.agent_license.type | Type of agent license. |
perflow.agent.state | Agent state. |
perflow.api.api_server | Set by the Request Classification agent when the matching path is associated with
a server. Also set by the API Server Selection agent. |
perflow.api.traffic_key.user_id | API traffic user ID. |
perflow.api.traffic_key.user_group_id | API traffic user group ID. |
perflow.api.traffic_key.client_app_id | API traffic client application ID. |
perflow.api.traffic_key.service_tier | API traffic service tier. |
perflow.api.traffic_key.organization_id | API traffic organization ID. |
perflow.api_rate_limiting.error_string | Set by the API Rate Limiting Enforcement agent if an error occurred. |
perflow.api.proxy_error | API proxy error. |
perflow.api.proxy_auth_type | API proxy authorization type. |
perflow.api_rate_limiting.result | Set by the API Rate Limiting Enforcement agent indicating whether enforcement
succeeded. |
perflow.apmd_agent.state | APM daemon state. |
perflow.application_filter_lookup.result.action
| 0 (reject) or 1 (allow). |
perflow.application_lookup.result.effective_
application
| Name of the application that is ultimately used. |
perflow.application_lookup.result.effective_
family | Name of the application family that is ultimately
used. |
perflow.application_lookup.result.families | Comma-separated list of application families. |
perflow.application_lookup.result.names | Comma-separated list of application names. |
perflow.application_lookup.result.primary_
application | Name of the application that APM determines is the primary
one. |
perflow.application_lookup.result.primary_family | Name of the application family that Access Policy Manager
(APM) determines is the primary one. (An application might fit into more than one
application family.) |
perflow.bypass_lookup.result.ssl | SSL bypass lookup result. |
perflow.assign_credentials.password | Password from Assign Credentials agent. |
perflow.assign_credentials.share_password | Shared password from Assign Credentials agent. |
perflow.assign_credentials.username | Username from Assign Credentials agent. |
perflow.branching.url | Name of branching URL. |
perflow.bypass_lookup.result.ssl | 0 (http) or 1 (https). |
perflow.category_lookup.failure | 0 (success) or 1 (server
failure). |
perflow.category_lookup.result.categories
| Comma-separated list of categories. |
perflow.category_lookup.result.custom
categories | Unique number that identifies a custom category; used internally. |
perflow.category_lookup.result.display category | Name of the display category. |
perflow.category_lookup.result.effective_category
| Name of the category that is ultimately used. |
perflow.category_lookup.result.filter_name | Name of the URL filter. |
perflow.category_lookup.result.hostname | Host name retrieved from SSL input. |
perflow.category_lookup.result.numcategories | Integer. Total number of categories in the comma-separated list of categories.
|
perflow.category_lookup.result.numcustom
categories | Integer. Total number of custom categories in the
comma-separated list of custom categories. |
perflow.category_lookup.result.primarycategory
| Name of the category that APM determines is the primary one. (A URL might fit
into more than one category, such as news and sports.) |
perflow.category_lookup.result.url | Requested URL. |
perflow.client.information.hash | Client information. |
perflow.client.information.header | Client information header. |
perflow.client.information.metadata.header | Client information metadata header. |
perflow.client.ip.address | Client IP address. |
perflow.client.port | Client port number. |
perflow.credential.block | Credential block. |
perflow.credential.blockkeys | |
perflow.custom | Unique number that identifies a custom category; used internally. |
perflow.custom.flow | Custom flow. |
perflow.decision_box.result | 0 (continue) or 1 (cancel) selected for the
Confirm Box action in the subroutine. |
perflow.ending.redirect.captive.url | Ending redirect captive portal URL. |
perflow.epi.error_code | End-point inspection error code. |
perflow.epi.result | End-point inspection result. |
perflow.ip.geolocation.continent.result | Continent based on geolocation of the IP address. |
perflow.ip.geolocation.country.code.result | Country code based on geolocation of the IP address. |
perflow.ip.geolocation.country.name.result | Country name based on geolocation of the IP address. |
perflow.ip.geolocation.failure | Geolocation failure. |
perflow.ip.geolocation.region.result | Region based on geolocation of the IP address. |
perflow.ip.reputation.failure | IP reputation failure. |
perflow.ip.reputation.result | IP reputation result. |
perflow.irule_agent_id | iRule agent ID. |
perflow.l7_protocol_lookup.result | Layer 7 protocol lookup result. |
perflow.last.logon.itemname | Last logon. |
perflow.logon_save_user_credentials_ block | Saved user credentials block. |
perflow.mangled.url | Name of mangled URL. |
perflow.map.subroutine_subsession | Subroutine subsession. |
perflow.oauth.scope.auth_hdr_name | OAuth scope header name. |
perflow.oauth.scope.auth_hdr_value | OAuth scope header value. |
perflow.oauth.scope.status_code | OAuth scope status codes. |
perflow.oauth.scope.status_string | OAuth scope status string. |
perflow.on_demand_cert.result | 0 (success) or 1 (failure) of On-Demand
Certificate authentication in the subroutine. |
perflow.on_demand_cert.orig_uri | Originating URI of the On-Demand Certificate in the subroutine. |
perflow.policy_path | Policy path. |
perflow.policy_path_count | Policy path count. |
perflow.protocol_lookup.result | http or https . Defaults to
https. |
perflow.proxy_select.selection_reused | Proxy select reuse. |
perflow.redirect.url | Redirect URL. |
perflow.renderer.status_code | Renderer status code. |
perflow.renderer.status_code_from | Where renderer status code is from. |
perflow.renderer.status_code_to | Where renderer status code is going to. |
perflow.renderer.token | Renderer token. |
perflow.renderer.url | Renderer URL. |
perflow.request_analytics.failure | 0 (success) or 1 (server failure). |
perflow.request_classification.path_id | Set by the Request Classification agent. |
perflow.resource_assign_pool.name | Pool name assigned. |
perflow.response_analytics.failure | 0 (success) or 1 (server failure). |
perflow.response_header_names | Response header names. |
perflow.response_headers_num | Response headers number. |
perflow.response_headers_set | Response headers set. |
perflow.response_header_values | Response header values. |
perflow.response_selection.response | Set by the Response Selection agent. |
perflow.save.validated.credentials | Validated credentials to save. |
perflow.scratchpad | Scratchpad. |
perflow.scratchpad.flow | Scratchpad flow. |
perflow.service_path | Service path. |
perflow.session_check.session_found | Session found during service check. |
perflow.session.id | Session ID. |
perflow.server.ip.address | Server IP address. |
perflow.server.port | Server port number. |
perflow.ssl_bypass_set | 0 (bypass) or 1 (intercept). SSL Bypass
Set and SSL Intercept Set items update this value. |
perflow.ssl.bypass_default | 0 (bypass) or 1 (intercept). Specified
in the client SSL profile, used when SSL Bypass Set and SSL Intercept Set items not
included in per-request policy. |
perflow.ssl_check.ssl_found | SSL check found SSL. |
perflow.ssl.client_cipher_name | Client SSL cipher name. |
perflow.ssl.client_cipher_version | Client SSL cipher version. |
perflow.ssl.server_cipher_name | Server SSL cipher name. |
perflow.ssl.server_cipher_version | Server SSL cipher version. |
perflow.ssl.server_cert.response_control | Server SSL certificate response control. |
perflow.ssl.server_cert.status | Server SSL certificate status. |
perflow.sso_configuration_select.name | Single sign on configuration name. |
perflow.subroutine.gating_expr | Subroutine gating expression. |
perflow.subroutine.invalidated | 0 (validated) or 1 (invalidated)
subroutine. |
perflow.subroutine.loop_countdown | Subroutine loop countbown. |
perflow.subroutine.name | Name of the subroutine. |
perflow.subroutine.out_terminal | Name of the subroutine out terminal. |
perflow.subroutine_skip_agent_cb_flag | Subroutine skip agent flag. |
perflow.subsession.id | Subsession ID. |
perflow.subsession.lifetime | Subsession length. |
perflow.subsession.lookup | Subsession lookup. |
perflow.subsession.state | Subsession state. |
perflow.subsession.state_lookup | Subsession state lookup. |
perflow.swg_license.consume | Secure Web Gateway consumer license. |
perflow.swg_limited_license.consume | Secure Web Gateway limited consumer license. |
perflow.urlfilter_lookup.result.action | 3 (confirm), 2 (block) or 1 (allow). |
perflow.username | User name. |
perflow.subroutine.loop_countdown | Number of iterations remaining on a subroutine loop. |
subsession.logon.last.username | User name for the last login. |
subsession.logon.last.authtype | Last authentication type |
subsession.ad.last.actualdomain | Domain name for the last login. |
subsession.ad.last.authresult | 0 (success) or 1 (failure) of Active
Directory authentication in the subroutine. |
subsession.ad.last.errmsg | Displays the error message for the last login. |
subsession.api_authentication.scheme | Set by the API Authentication agent. Set to either basic or
bearer based on the authentication header in the
request. |
subsession.ldap.last.authresult | 0 (success) or 1 (failure) of LDAP
authentication in the subroutine. |
subsession.ldap.last.errmsg | Displays the error message for the last login. |
subsession.radius.last.attr.filter-id | RADIUS attribute filter ID |
subsession.radius.last.attr.framed-compression | RADIUS attribute framed compression. |
subsession.radius.last.attr.framed-mtu | RADIUS attribute framed MTU. |
subsession.radius.last.attr.framed-protocol | RADIUS attribute framed protocol. |
subsession.radius.last.attr.service-type | RADIUS attribute service type. |
subsession.radius.last.errmsg | Displays the error message for the last login. |
subsession.radius.last.result | 0 (success) or 1 (failure) of RADIUS
authentication in the subroutine. |
