Forum Discussion

Nimbostratus

Oct 18, 2017

Cipher Logging iRule

Hi folks, I'm currently using an iRule to log cipher usage. It works great. However, I need to modify to include the Virtual Server name in the log entry. Here's what I've been using: when HTTP_R...

Nimbostratus

Oct 20, 2017

It looks fine to me,

I have a similar rule which logs when the SSL handshake takes place:

when CLIENTSSL_HANDSHAKE {
    log local0.info "virtual=[virtual name], src_ip=[IP::client_addr], ssl_cipher=[SSL::cipher name], ssl_protocol=[SSL::cipher version], ssl_bits=[SSL::cipher bits]"
}

Starting in version 11. A virtual consists of the partition and the virtual-name, f.i.

/Common/test

using the following command you can get the virtual name without the partition:

set env_vserver [getfield [virtual] "/" 3]

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Cipher Logging iRule

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

Performance Logging iRule (Rule_http_log)

Cipher Suite Practices and Pitfalls

Logging/Blocking possible prompt injection

Getting Started with iRules: Logging & Comments

Forwarding Logs to SIEM Tools via HTTP Proxy for F5 Distributed Cloud Global Log Receiver

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS