Manual Chapter : Perflow and subsession variables

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.1, 15.0.0
Manual Chapter

Perflow and subsession variables

Perflow variables exist only while a per-request policy runs. Perflow variables for a per-request policy subroutine exist while the subsession exists. Multiple subsessions can run simultaneously. The table lists per-low variables and their values.
Name
Value, if known
perflow.ad.last.authresult
Last authentication result.
perflow.agent_category_lookup.type
Agent category type.
perflow.agent_ending.result
0
(success) or
1
(failure).
perflow.agent_failed.reason
Reason for agent failure.
perflow.agent_license.status
Status of the agent license.
perflow.agent_license.type
Type of agent license.
perflow.agent.state
Agent state.
perflow.api.api_server
Set by the Request Classification agent when the matching path is associated with a server. Also set by the API Server Selection agent.
perflow.api.traffic_key.user_id
API traffic user ID.
perflow.api.traffic_key.user_group_id
API traffic user group ID.
perflow.api.traffic_key.client_app_id
API traffic client application ID.
perflow.api.traffic_key.service_tier
API traffic service tier.
perflow.api.traffic_key.organization_id
API traffic organization ID.
perflow.api_rate_limiting.error_string
Set by the API Rate Limiting Enforcement agent if an error occurred.
perflow.api.proxy_error
API proxy error.
perflow.api.proxy_auth_type
API proxy authorization type.
perflow.api_rate_limiting.result
Set by the API Rate Limiting Enforcement agent indicating whether enforcement succeeded.
perflow.apmd_agent.state
APM daemon state.
perflow.application_filter_lookup.result.action
0
(reject) or
1
(allow).
perflow.application_lookup.result.effective_ application
Name of the application that is ultimately used.
perflow.application_lookup.result.effective_ family
Name of the application family that is ultimately used.
perflow.application_lookup.result.families
Comma-separated list of application families.
perflow.application_lookup.result.names
Comma-separated list of application names.
perflow.application_lookup.result.primary_ application
Name of the application that APM determines is the primary one.
perflow.application_lookup.result.primary_family
Name of the application family that Access Policy Manager (APM) determines is the primary one. (An application might fit into more than one application family.)
perflow.bypass_lookup.result.ssl
SSL bypass lookup result.
perflow.assign_credentials.password
Password from Assign Credentials agent.
perflow.assign_credentials.share_password
Shared password from Assign Credentials agent.
perflow.assign_credentials.username
Username from Assign Credentials agent.
perflow.branching.url
Name of branching URL.
perflow.bypass_lookup.result.ssl
0
(http) or
1
(https).
perflow.category_lookup.failure
0
(success) or
1
(server failure).
perflow.category_lookup.result.categories
Comma-separated list of categories.
perflow.category_lookup.result.custom categories
Unique number that identifies a custom category; used internally.
perflow.category_lookup.result.display category
Name of the display category.
perflow.category_lookup.result.effective_category
Name of the category that is ultimately used.
perflow.category_lookup.result.filter_name
Name of the URL filter.
perflow.category_lookup.result.hostname
Host name retrieved from SSL input.
perflow.category_lookup.result.numcategories
Integer. Total number of categories in the comma-separated list of categories.
perflow.category_lookup.result.numcustom categories
Integer. Total number of custom categories in the comma-separated list of custom categories.
perflow.category_lookup.result.primarycategory
Name of the category that APM determines is the primary one. (A URL might fit into more than one category, such as news and sports.)
perflow.category_lookup.result.url
Requested URL.
perflow.client.information.hash
Client information.
perflow.client.information.header
Client information header.
perflow.client.information.metadata.header
Client information metadata header.
perflow.client.ip.address
Client IP address.
perflow.client.port
Client port number.
perflow.credential.block
Credential block.
perflow.credential.blockkeys
perflow.custom
Unique number that identifies a custom category; used internally.
perflow.custom.flow
Custom flow.
perflow.decision_box.result
0
(continue) or
1
(cancel) selected for the Confirm Box action in the subroutine.
perflow.ending.redirect.captive.url
Ending redirect captive portal URL.
perflow.epi.error_code
End-point inspection error code.
perflow.epi.result
End-point inspection result.
perflow.ip.geolocation.continent.result
Continent based on geolocation of the IP address.
perflow.ip.geolocation.country.code.result
Country code based on geolocation of the IP address.
perflow.ip.geolocation.country.name.result
Country name based on geolocation of the IP address.
perflow.ip.geolocation.failure
Geolocation failure.
perflow.ip.geolocation.region.result
Region based on geolocation of the IP address.
perflow.ip.reputation.failure
IP reputation failure.
perflow.ip.reputation.result
IP reputation result.
perflow.irule_agent_id
iRule agent ID.
perflow.l7_protocol_lookup.result
Layer 7 protocol lookup result.
perflow.last.logon.itemname
Last logon.
perflow.logon_save_user_credentials_ block
Saved user credentials block.
perflow.mangled.url
Name of mangled URL.
perflow.map.subroutine_subsession
Subroutine subsession.
perflow.oauth.scope.auth_hdr_name
OAuth scope header name.
perflow.oauth.scope.auth_hdr_value
OAuth scope header value.
perflow.oauth.scope.status_code
OAuth scope status codes.
perflow.oauth.scope.status_string
OAuth scope status string.
perflow.on_demand_cert.result
0
(success) or
1
(failure) of On-Demand Certificate authentication in the subroutine.
perflow.on_demand_cert.orig_uri
Originating URI of the On-Demand Certificate in the subroutine.
perflow.policy_path
Policy path.
perflow.policy_path_count
Policy path count.
perflow.protocol_lookup.result
http
or
https
. Defaults to https.
perflow.proxy_select.selection_reused
Proxy select reuse.
perflow.redirect.url
Redirect URL.
perflow.renderer.status_code
Renderer status code.
perflow.renderer.status_code_from
Where renderer status code is from.
perflow.renderer.status_code_to
Where renderer status code is going to.
perflow.renderer.token
Renderer token.
perflow.renderer.url
Renderer URL.
perflow.request_analytics.failure
0
(success) or
1
(server failure).
perflow.request_classification.path_id
Set by the Request Classification agent.
perflow.resource_assign_pool.name
Pool name assigned.
perflow.response_analytics.failure
0
(success) or
1
(server failure).
perflow.response_header_names
Response header names.
perflow.response_headers_num
Response headers number.
perflow.response_headers_set
Response headers set.
perflow.response_header_values
Response header values.
perflow.response_selection.response
Set by the Response Selection agent.
perflow.save.validated.credentials
Validated credentials to save.
perflow.scratchpad
Scratchpad.
perflow.scratchpad.flow
Scratchpad flow.
perflow.service_path
Service path.
perflow.session_check.session_found
Session found during service check.
perflow.session.id
Session ID.
perflow.server.ip.address
Server IP address.
perflow.server.port
Server port number.
perflow.ssl_bypass_set
0
(bypass) or
1
(intercept). SSL Bypass Set and SSL Intercept Set items update this value.
perflow.ssl.bypass_default
0
(bypass) or
1
(intercept). Specified in the client SSL profile, used when SSL Bypass Set and SSL Intercept Set items not included in per-request policy.
perflow.ssl_check.ssl_found
SSL check found SSL.
perflow.ssl.client_cipher_name
Client SSL cipher name.
perflow.ssl.client_cipher_version
Client SSL cipher version.
perflow.ssl.server_cipher_name
Server SSL cipher name.
perflow.ssl.server_cipher_version
Server SSL cipher version.
perflow.ssl.server_cert.response_control
Server SSL certificate response control.
perflow.ssl.server_cert.status
Server SSL certificate status.
perflow.sso_configuration_select.name
Single sign on configuration name.
perflow.subroutine.gating_expr
Subroutine gating expression.
perflow.subroutine.invalidated
0
(validated) or
1
(invalidated) subroutine.
perflow.subroutine.loop_countdown
Subroutine loop countbown.
perflow.subroutine.name
Name of the subroutine.
perflow.subroutine.out_terminal
Name of the subroutine out terminal.
perflow.subroutine_skip_agent_cb_flag
Subroutine skip agent flag.
perflow.subsession.id
Subsession ID.
perflow.subsession.lifetime
Subsession length.
perflow.subsession.lookup
Subsession lookup.
perflow.subsession.state
Subsession state.
perflow.subsession.state_lookup
Subsession state lookup.
perflow.swg_license.consume
Secure Web Gateway consumer license.
perflow.swg_limited_license.consume
Secure Web Gateway limited consumer license.
perflow.urlfilter_lookup.result.action
3
(confirm),
2
(block) or
1
(allow).
perflow.username
User name.
perflow.subroutine.loop_countdown
Number of iterations remaining on a subroutine loop.
subsession.logon.last.username
User name for the last login.
subsession.logon.last.authtype
Last authentication type
subsession.ad.last.actualdomain
Domain name for the last login.
subsession.ad.last.authresult
0
(success) or
1
(failure) of Active Directory authentication in the subroutine.
subsession.ad.last.errmsg
Displays the error message for the last login.
subsession.api_authentication.scheme
Set by the API Authentication agent. Set to either
basic
or
bearer
based on the authentication header in the request.
subsession.ldap.last.authresult
0
(success) or
1
(failure) of LDAP authentication in the subroutine.
subsession.ldap.last.errmsg
Displays the error message for the last login.
subsession.radius.last.attr.filter-id
RADIUS attribute filter ID
subsession.radius.last.attr.framed-compression
RADIUS attribute framed compression.
subsession.radius.last.attr.framed-mtu
RADIUS attribute framed MTU.
subsession.radius.last.attr.framed-protocol
RADIUS attribute framed protocol.
subsession.radius.last.attr.service-type
RADIUS attribute service type.
subsession.radius.last.errmsg
Displays the error message for the last login.
subsession.radius.last.result
0
(success) or
1
(failure) of RADIUS authentication in the subroutine.