Sep 13, 2022

Calculating HTTPS Payload in Splunk







I have managed and configured F5 to send logs to Splunk by creating a pool specified with the Splunk IP and using an iRule in F5. Now I have no problem receiving HTTP payload traffic in Splunk, but when the client request comes via HTTPS the payload is not displayed in Splunk anymore. I want to know what steps I should take and what other iRules I should use.

  • Is the traffic that is arriving encrypted being decrypted, or is that just a passthrough VIP? More details would help us point you in a helpful direction.

  • Let me explain it this way: I have a website that is served over HTTPS. The traffic is arriving encrypted, so to say. For a testing environment I configured an FTP server without an SSL certificate and I could receive the "bytes-out" and "bytes-in" in Splunk with no problem. However, when I receive the data from my website, which is served over HTTPS, none of the "bytes-out" and "bytes-in" fields are shown in Splunk. I have configured a Virtual Server with HTTPS which is a passthrough for HTTPS traffic.