VMware 6V0-22.25 - VMware Avi Load 30.x Administrator

Avi Load Balancer supports client logging through Virtual Service analytics and client log filters. Client log filters are specifically designed to capture selected traffic, such as traffic from a chosen client IP address or matching log conditions. DataScripts can also write custom log data; VMware Avi DataScript documentation describes log-related functions and examples for creating local logs with custom data. HTTP policies can affect request and response processing and can be used with logging and analytics workflows. However, Custom Alert Config is for alert generation based on events or conditions; it is not a mechanism for creating custom client log entries. Therefore, the option that cannot be used to create custom client logs is Custom Alert Config .

The Basic Virtual Service creation wizard is intended for common application deployment and exposes only the most frequently required settings. Broadcom’s Avi documentation describes a Virtual Service as the application endpoint with an IP address, service ports, application type, pools, and related configuration. In the Basic wizard, administrators can choose the Application Type , such as HTTP, HTTPS, or other common application categories, while more detailed profile, policy, analytics, and log-throttle configuration is reserved for Advanced Setup or later editing. TCP/UDP profiles, HTTP Request Policies, and significant log throttle settings are advanced configuration items and are not the typical Basic wizard inputs. Therefore, the option available in Basic Virtual Service creation is Application Type .

In Avi Load Balancer architecture, the data plane is provided by Service Engines. Service Engines process application traffic, host Virtual Services, terminate client and server connections where appropriate, perform load balancing decisions, and execute pool health monitoring. The Controller is the centralized management, control, and analytics platform; it handles configuration, orchestration, lifecycle management, and log indexing. Configuration backups are also Controller administrative functions rather than Service Engine data-plane functions. Health monitoring must occur close to the traffic path because Service Engines need to know whether backend pool members are available before sending client requests to them. Therefore, among the listed options, Pool health monitoring is the function performed by the data plane.

Avi Load Balancer data-plane performance is provided by Service Engines, so scaling performance means increasing Service Engine processing capacity or distributing traffic across more Service Engines. Broadcom documentation for Autoscale Service Engines states that Avi supports three techniques to scale data-plane performance: vertical scaling of individual Service Engine performance, native horizontal scaling of Service Engines in a group, and ECMP horizontal scale-out. Increasing individual SE resources is vertical scaling. Native horizontal scale-out places a Virtual Service across multiple SEs using Avi’s native scale-out model. ECMP horizontal scale-out distributes traffic using equal-cost multipath routing. Increasing the maximum number of Service Engines only raises a limit; it does not itself scale active data-plane performance. Virtual Service priority affects placement decisions, not a direct scaling method.

The Pool > Server view is focused on backend server health and monitor-related visibility. From this location, Avi provides details about the selected pool member, including active and passive health monitor information, server health state, and health-check performance indicators such as monitor success and response timing. These details help administrators understand why a pool member is up, down, or degraded. Client response success percentage , however, is a Virtual Service or application traffic analytics metric, not a server health-monitor drill-down item. Client response success is based on application transactions between clients, the Service Engine, and backend servers, and is normally reviewed through Virtual Service analytics or logs rather than the Pool > Server health-monitor details. Therefore, the item not available from that server drill-down is Client response success percentage .

The Virtual Service Analytics page provides different graph categories for traffic, connection, timing, and error visibility. VMware Avi documentation states that the Requests chart shows the number of responses to requests per second and breaks down successful requests versus errors, including 4xx and 5xx errors. This makes the Requests graph the appropriate place to view the rate of HTTP 5xx errors for a Virtual Service. The Conns graph is focused on connection counts and rates, while End-to-End Timing shows timing components such as client RTT, server RTT, application response, and data transfer. “HTTP Errors” may sound plausible, but in the Avi Virtual Service Analytics graph naming described here, 5xx rate visibility is included under Requests.

Avi supports several persistence methods, and some require persistence tables stored in Service Engine memory. Client IP persistence uses a persistence table that maps client addresses to selected backend servers, which consumes Service Engine memory. TLS persistence also relies on state associated with TLS session behavior. App Cookie Persistence depends on application cookies and persistence handling that Avi must interpret or track. HTTP Cookie Persistence , however, is different because Avi can insert or use a cookie value that identifies the selected server, allowing the client to carry the persistence information in subsequent requests. This avoids maintaining the same kind of server-side persistence table in Service Engine memory. Therefore, the persistence type that does not consume Service Engine memory is HTTP Cookie Persistence .

WAF-related application traffic events are exposed through Virtual Service logs. In Avi Load Balancer, client application logs provide per-request visibility, including security-relevant events and WAF match details when WAF is enabled. The Logs tab on the Virtual Service detail screen is the operational location used to inspect these request-level entries. Alerts are used for alert conditions and system events, not for viewing each application traffic log. Analytics provides charts and performance summaries, while the Security tab is used for configuration or summarized security context depending on the UI view. Because the question asks where WAF-specific application traffic log messages are found for a Virtual Service, the correct operational location is the Logs tab of the Virtual Service detail screen.

VMware Avi Load Balancer supports HTTP-to-HTTPS redirection in more than one way. The HTTP application profile can perform a general HTTP-to-HTTPS redirect, but an HTTP Policy provides more granular control because policies can match on specific conditions and then apply actions. Avi documentation states that Virtual Service policies are more specific than general-purpose profiles and that policy rules take precedence over profile behavior. This makes HTTP Policy redirection more flexible than using only the HTTP profile, because administrators can build conditional redirect logic based on host, path, headers, or other HTTP match criteria. It is not incompatible with WAF, and it is not described as less efficient than DataScript for this purpose.