Monitor WAF routing

Question

Hello, 
 
 I have configured a WAF rule with path routing to 2 servers. 
 Everything seems working as expected but I want to know If trafic is well balanced between each servers. 
 Is there a way to find this information on the Sophos? 
 I tried tcpdump and web server protection logs but I cannot find this information. 
 
 Do you have any ideas or tips? 
 Thanks for your help. 
 Maxime

Evianne · Answer

Hi, 
 this information is available. 
 
 Go to the Advanced Shell (Device Management > Advanced Shell). 
 Edit the reverseproxy.conf under /usr/apache/conf/httpd.conf 
 Replace the line 'LogLevel notice' with 'LogLevel notice proxy:debug' 
 Restart WAF: service WAF:restart -ds nosync 
 
 In /log/reverseproxy.log, you should see lines like 
 [...][proxy:debug] [...] HTTP: connection complete to 10.8.1.1:80 (yourwebserverA) 
 [...][proxy:debug] [...] HTTP: connection complete to 10.8.1.2:80 (yourwebserverB) 
 
 Best, 
 Sabine

Evianne · Answer

Sorry for the late response. 
 
 You need to make the system partition read-writable first: 
 mount -o remount,rw / 
 
 When you're done editing the file, remount the / partition read-only: 
 mount -o remount,ro / Best, Sabine