Forum Discussion
CirrusiRule to email when TLS version is chosen
Dear ,
Please check the below irule and user alert configuration to send email.
Below irule is to log the Client TLS Version :
Irule name : TLS_ver_email_irule
when CLIENTSSL_HANDSHAKE {
log local0.info " VIP -[IP::local_addr] client_connected_ver [SSL::cipher version]"
}
Edit the user alert configuration “/config/” to send the matched logs to email.
alert TLS "Rule /Common/TLS_ver_email_irule <CLIENTSSL_HANDSHAKE>: (.*) TLSv1.1" {
email toaddress=" kkk@abc.com"
fromaddress="@abc.com"
body="client connected using TLSv1.1"
}
Note: this match is based on irule name as well ,so be attention while creating the alerts in user configuration file, repeat the alert configuration for tslv1.0
Regards,
Karthick Yokesh K
CirrusThanks so much for the response...could you explain more about the user alert portion? I am working with a development F5 box, for testing. the user_alert.conf file was blank and there was no smtp servers setup. I have setup an smtp server within the gui and tested it out...I entered the alert information in the user_aler.conf and restarted alertd. I don't have any indication that any emails are being generated, I can see the entries in the ltm logs. I modified the ssmtp config per the post to allow for snmp trap alerts. Could you please offer any insights on how to troubleshoot?
Thanks,
Joe
CirrusI got it working...I had an extra space in the user_alert.conf file...
Thanks so much again...
Joe
