DataScript: Functions
Introduction
DataScripts are comprised of any number of function or method calls which can be used to inspect and act on traffic flowing through a virtual service. DataScript’s functions are exposed via Lua libraries and grouped into modules: string, vs, http, pool, ssl and crypto. Other Lua libraries may also be used, following the documentation from lua.org. The following functions are available.
DataScript
String | Description |
string.beginswith( source, target ) | Search for string in beginning of a string |
string.contains( source, target ) | Search contains a string in another string |
string.endswith( source, target ) | Search for string at the end of a string |
string.len( source ) | Returns number of characters in string |
string.lower( source ) | Change a string to lower case |
string.split( source_string, delimiter ) | Parses a string into substrings |
string.sub( source, begin, [end] ) | Extract a sub-string from a string |
string.upper( source ) | Change a string to upper case |
L4 | |
avi.l4.read(num_bytes) | Read the payload from the socket buffer. This function is available starting with 18.2.5. |
avi.l4.collect(num_bytes) | Gather the num_bytes before subjecting the payload to the DataScript. This function is available starting with 18.2.5. |
VS | |
avi.vs.analytics.counter(metric_name, [operation], [value]) | Creates and manipulates a counter-type metric. Refer to User-defined Metrics. |
avi.vs.analytics.gauge(metric_name, [operation], [value]) | Creates and manipulates a gauge-type metric. Refer to User-defined Metrics. |
avi.vs.analytics.get_metric(metric_name, metric_type) | Return the user-defined metric value if one with the given name and given type exists. Refer to User-defined Metrics. |
avi.vs.client_ip( ) | Returns the client IP address |
avi.vs.client_port( ) | Returns the client source port |
avi.vs.close_conn([reset]) | Close the current TCP/UDP connection |
avi.vs.ip( ) | Returns IP address of the VS |
avi.vs.log( ) | Write a custom log to VS > client logs |
avi.vs.name( ) | Returns the name of the VS |
avi.vs.port( ) | Returns the VS port of the connection |
avi.vs.persist(key, [lifetime], [pool]) | Creates peristence entry using the key used after load balancing traffic |
avi.vs.rate_limit( type, string_to_limit, [defer_action=False] ) | Rate limits entities of various kinds. |
avi.vs.reqvar.* | Set a global variable usable across events |
avi.vs.table_insert( [table_name,] key, value [, lifetime] ) | Store custom data in a time based table |
avi.vs.table_lookup( [table_name,] key [, lifetime_exten] ) | Lookup data in a table |
avi.vs.table_refresh( [table_name,] key [, lifetime_exten] ) | Update the expire time for a table entry |
avi.vs.table_remove( [table_name,] key ) | Remove data from a table |
avi.vs.get_open_conns() | Returns the total number of open connections per service engine attached to the current virtual service |
avi.vs.se_count() | Returns the total number of service engines attached to the current virtual service |
avi.vs.se() | Returns the UUID of the service engine handling the request |
HTTP | |
avi.http.add_cookie( table ) | Insert a new cookie |
avi.http.add_header( name, value ) | Insert a new header and value |
avi.http.close_conn( [reset] ) | Close or reset a TCP connection |
avi.http.cookie_exists( name, [context] ) | Validate if a cookie already exists |
avi.http.disable() | Upgrade (disable) HTTP processing for the current connection, which will subsequently be treated as layer 4 TCP |
avi.http.get_cookie( name [, context] ) | Return the values of a cookie |
avi.http.get_cookie_names ( [context] ) | Return the names of cookies |
avi.http.get_header( [[name] [context]] ) | Return header names or their values |
avi.http.get_host_tokens( [start [, end]] ) | Return a subsection of the host |
avi.http.get_path( [parse] ) | Returns the URI's path /path.index.htm |
avi.http.get_path_tokens( [start [, end]] ) | Return a subsection of the path |
avi.http.get_query( [arg_name | avi.QUERY_TABLE] [, decode] ) | Returns the URI's query ?a=1&b=2 |
avi.http.get_req_body([size_in_kb]) | Returns part or all of the client request body. |
avi.http.get_request_id() | Returns the request ID. |
avi.http.get_reqvar() | Gets (reads) data stored in a variable via the avi.http.set() function. |
avi.http.get_response_body(size [, offset]) | Gets (reads) a specified number of kilobytes from the buffered response body starting at the specified kilobyte offset. |
avi.http.get_uri( [false] ) | Returns the URI (path plus query) |
avi.http.get_userid( ) | Returns the user ID for the session |
avi.http.hostname( ) | Return the hostname requested by client |
avi.http.internal_status() | Returns HTTP status as a string |
avi.http.method( ) | Return the client's request method |
avi.http.protocol( ) | Returns the session protocol, http or https |
avi.http.redirect( uri [,status] ) | Redirect a request |
avi.http.remove_cookie_attribute | Removes the existing cookie attributes value in the HTTP response |
avi.http.remove_cookie( name1, [name2, ...] ) | Remove an existing cookie |
avi.http.remove_header( name ) | Remove all instances of a header |
avi.http.replace_cookie( table ) | Replace an existing cookies values |
avi.http.replace_header( name, value ) | Replace an existing header's value |
avi.http.response( status, [headers, [body]] ) | Send a defined HTTP response page |
avi.http.saml_session_decrypt( ) | Returns a string of the decrypted SAML session cookie if it exists; else nil |
avi.http.scheme( ) | Returns http:// or https:// |
avi.http.secure( ) | Returns on for https, nil for http |
avi.http.set_path( new_uri ) | Modify the path of a request |
avi.http.set_query( integer | string | table ) | Modify the query of a request |
avi.http.set_reqvar() | Sets (write) arbitrary data from an HTTP request event into a variable. These variables have scope across the HTTP_REQ and HTTP_RESP events. |
avi.http.set_response_body_buffer_size(size) | Sets the maximum response body to be buffered. |
avi.http.set_server_timeout( time ) | Set a custom timeout value for a particular request. |
avi.http.set_uri( new_uri ) | Change the URI |
avi.http.set_userid( ) | Sets the user ID for the session |
avi.http.status( ) | Returns status code to be sent to client |
avi.http.update_cookie() | Modify the existing cookie attributes value in the HTTP response. |
avi.http.disable_auth | Disables the client authentication |
Pool | |
avi.pool.get_server_status( pool, server, port ) | Returns the up/down status of the server |
avi.pool.get_servers( pool ) | Returns up and total server count |
avi.pool.get_active_server_list( pool ) | Returns the IP addresses of all active servers in a pool |
avi.pool.select( pool [, server [, port]] ) | Pick a specific pool |
avi.pool.server_ip( ) | Returns the IP of the selected server |
avi.pool.get_server_info() | Returns the IP address and port of the server |
avi.poolgroup.select( pool ) | Pick a specific pool group |
avi.pool.chash( string ) | Sets the string value that the consistent hash load-balancing algorithm hashes on to choose a server within the selected pool |
Groups | |
avi.ipgroup.contains( ipgroup, ip-address ) | Compare an IP address against IPs within an IP Group |
avi.stringgroup.beginswith( stringgroup, string ) | Compare a string against a list of strings within a string group |
avi.stringgroup.contains( stringgroup, string ) | Compare a string against a list of strings within a string group |
avi.stringgroup.equals( stringgroup, string ) | Compare a string against a list of strings within a string group |
avi.stringgroup.endswith( stringgroup, string ) | Compare a string against a list of strings within a string group |
SSL | |
avi.ssl.cipher( [true] ) | Return the SSL ciphers and settings |
avi.ssl.client_cert( [ [avi.CLIENT_CERT] [, avi.CLIENT_CERT_FINGERPRINT] [, avi.CLIENT_CERT_SUBJECT] [, avi.CLIENT_CERT_ISSUER] [, avi.CLIENT_CERT_SERIAL]] ) | Returns the client's certificate, or part of it |
avi.ssl.protocol( ) | Return the SSL version |
avi.ssl.server_name( ) | Return SNI name field |
avi.ssl.set_ssl_profile() | This API can be used to change the SSL profile to a different profile based on some factors like Client IP, TLS servername, and more |
avi.ssl.set_ssl_certificate | This API can be used to change the SSL key and certificate to a different object based on factors like Client IP, TLS servername, and more |
avi.ssl.set_pki_profile | This API can be used to change the PKI profile of the initial or the renegotiated TLS session based on factors like Client IP, TLS servername, HTTP host or URI etc. |
avi.ssl.renegotiate() | This API can be used to renegotiate TLS connection with the client after changing the PKI profile, mode and frequency based on factors like Client IP, TLS servername, HTTP host or URI and more |
avi.ssl.client_cert_verify_error() | This API is used to get the result of the client certificate authentication and CRL checks. |
avi.ssl.client_cert_verify_error_string() | This API accepts a verify error code and returns an error string associated with that error code |
avi.ssl.get_client_cert_verify_mode() | This API is used to get the client certificate authentication mode. |
avi.ssl.client_cert_verified() | This API is used to find out whether if client certificate verification is complete. |
avi.ssl.clear_client_cert_verify_error() | This API is used to clear SSL client certificate verification error on the TLS connection |
avi.ssl.log_client_cert_verify_error() | This API is used to log the client certificate authentication failure. The error is added to the application log as a significance. |
avi.ssl.remove_session() | This API is used to clear SSL session cache entry of the TLS connection |
Crypto | |
avi.crypto.decrypt( ciphertext, key [, iv [, algo]] ) | Decrypt content |
avi.crypto.encrypt( plaintext, key [, iv [, algo]] ) | Encrypt content |
Utilities | |
avi.utils.base64_decode( string ) | Decode content |
avi.utils.base64_encode( string ) | Encode content |
avi.utils.get_geo_from_ip (ip_string, [flag]) | Used to extract geolocation database information |
avi.utils.ip.addr (ipaddr, netmask) | Accepts an IP address and netmask and returns the network address |
avi.utils.murmur_hash ( string ) avi.utils.sha1_hash ( string ) avi.utils.md5_hash ( string ) |
Hash content |
avi.utils.rand_bytes( num_bytes ) | Generate cryptographically secure random bytes |
avi.utils.get_ip_reputation(ip_addr) | Used to check IP reputation of a given IP address |
Note: DataScripts can hash arbitrary data using one of three functions supporting their corresponding named hashing methods: MurmurHash, SHA-1, and MD5.
For more information, refer to DataScript: avi.utils.murmur_hash (), avi.utils.sha1_hash (), avi.utils.md5_hash ().
Document Revision History
Date | Change Summary |
---|---|
December 07, 2020 | Updated the content for avi.http.disable_auth(Version 20.1.3) |