Forum Discussion

Nimbostratus

Jan 18, 2021

BIG-IP 13.X - Connections per Cipher String

I'm tasked with identifying how many connections we have on TLS 1.0 vs 1.1 vs 1.2 and we are running BIG-IP 13.X We are looking to phase out TLS 1.0 and 1.1 - but we want to find out how many con...

MVP

Jan 19, 2021

For sure there is more than one solution for this. You could simply log to /var/log/ltm with an iRule

when HTTP_REQUEST {
    log local0. "TLS Logging - Client: [IP::client_addr] Server: [virtual name] Cipher: [SSL::cipher version]" }

And since logging locally is not a great idea.... You could also use HSL, Splunk in my example, for remote logging:

when CLIENT_ACCEPTED {
    set hsl [HSL::open -publisher /Common/splunk]
}
 
when HTTP_REQUEST {
    HSL::send $hsl "TLS Logging - Client: [IP::client_addr] Server: [virtual name] Cipher: [SSL::cipher version]"    
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

BIG-IP 13.X - Connections per Cipher String

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

About F5 idle timeout and keep-alive

Problem with sending BotDefense logs to remote server

OSPF traps on BIG-IP v14

[APM] - How to clear the cached certificate for specific url

Fireeye AX integration with F5 via API.

Related Content

BIG-IP Telemetry Streaming to Azure

BIG-IP connection mirroring in public cloud doesn't work, but why?

Getting Started with BIG-IP Next: Fundamentals

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS