Forum Discussion
How do I decrypt pcaps from the selfIP to Pool members for health monitor traffic?
I can apply and irule and decrypt pcaps for a conversation with a cleint to virtual server and the server-side, but cannot find any documentation on how to get the Pre Master Secret keys for a health monitor conversation.
I am not aware of any way but maybe you could enable logging under a pool member and see what you want?
My TLS decrypt script should also decrypt monitor traffic.
https://community.f5.com/t5/codeshare/decrypting-tls-with-the-tcpdump-sslprovider/ta-p/298680
- K2Nimbostratus
I'm running V14.1.5.1, so to the best of my knowledge "sys db tcpdump.sslprovider" is not available. thanks anyway.
K2Your best bet is to capture the traffic and save it to a file using the following link.
https://support.f5.com/csp/article/K411
Once you have the file saved then transfer it to your PC/laptop/server and decrypt the traffic using wireshark and the following link.
https://unit42.paloaltonetworks.com/wireshark-tutorial-decrypting-https-traffic/
I don't believe you can really do this any other way that is clean.
In general good information, but the question is here how to get that key log file information. For a health monitor you don't really seem to have a way.
You can just do curl with the same content. Else perhaps have a look at the server logs?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com