Inspecting HTTPS traffic via SWG and iRules not SSL profiles

Hello

Our F5 is used as an application proxy. Clients connect to 8080 and F5 inspects the URLs via APM/SWG

All good for HTTP traffic, but we are unable to get HTTPs inspection/blocks to work.

Some applications cannot be decrypted due to security requirements.

Is is possible to use an iRule to inspect the virtual server (8080) traffic - it is clearly seen that client request some secure URLs via CONNECT host:port

The idea is for iRule to get URL from the CONNECT and compare it to the inspection policies. Can this be done?