Calculating HTTPS Payload in Splunk

Question

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;I have managed and configured F5 to send logs to splunk creating a pool specified with splunk IP and using an iRule in F5. Now I have no problem receiving HTTP payload traffic in splunk but when the client request comes via HTTPS request the payload is not displayed in splunk anymore. I want to know what steps&nbsp;should I take and what other iRules should I use.

jrahm · Answer

is the traffic that is arriving enrypted being decrypted or is that just a passthrough vip? More details would help us point you in a helpful direction.

amir-devops · Answer

Let me explain in this way, I have a website that is serving in HTTPS format. The traffic is arriving encrypted so to say. for testing environment I configured a FTP server without SSL certificate and I could receive the "bytes-out" and "bytes-in" in splunk with no problem, however when I receive the data from my website which is in HTTPS format none of the&nbsp;"bytes-out" and "bytes-in" fields are not shown in splunk. I have configured a Virtual Server with HTTPS which is a passthrough for HTTPS traffic.

amir-devops · Answer

I would appreciate if someone replies the solution&nbsp;🙏

Forum Discussion

Calculating HTTPS Payload in Splunk

3 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

procedure power off viprion os 17.1.x

F5 Distributed Cloud Services Simulator Connect

Multiple Default Gateways

F5OS (r4800) web interface access issue

Delayed connection when traffic crosses router domains in F5 BIG-IP

Related Content

Setting up F5 Telemetry Streaming with Splunk Cloud

iRules Runtime Calculator Spreadsheet Generator

How I did it - "Visualizing Data with F5 TS and Splunk"

SSl TPS calculation

HTTP Payload Collection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS