Forum Discussion

MVP

Aug 13, 2025

Solved

Is it possible to properly log protobuf?

I'm currently receiving decoded traffic in span mode.
However, content-type: application/proto is not logged properly.
Is there a way to resolve this issue?

when HTTP_REQUEST {
    # Check for Protobuf content-type
    if {[HTTP::header "Content-Type"] contains "application/proto"} {
        # Collect the payload (up to 1MB; adjust size if needed, but beware of performance impact)
        HTTP::collect [HTTP::header "Content-Length"]
    }
}

when HTTP_REQUEST_DATA {
    # Convert binary payload to hex for logging
    set payload [HTTP::payload]
    binary scan $payload H* hex_payload
    log local0. "Protobuf Payload (Hex): $hex_payload | Client IP: [IP::client_addr] | URI: [HTTP::uri]"
    
    # Optional: Release the payload to continue processing
    HTTP::release
}

Hello,

You would need to have the traffic sent through a VIP to apply an irule that could potentially do some conversion etc.. I have not tested this so please do this in a non-prod environment! I highly recommend checking out our F5 AI Assistant Introduces iRules Code Generation for BIG-IP | F5 !

4 Replies

Jeffrey_Granier
Employee
Aug 14, 2025
when HTTP_REQUEST { # Check for Protobuf content-type if {[HTTP::header "Content-Type"] contains "application/proto"} { # Collect the payload (up to 1MB; adjust size if needed, but beware of performance impact) HTTP::collect [HTTP::header "Content-Length"] } } when HTTP_REQUEST_DATA { # Convert binary payload to hex for logging set payload [HTTP::payload] binary scan $payload H* hex_payload log local0. "Protobuf Payload (Hex): $hex_payload | Client IP: [IP::client_addr] | URI: [HTTP::uri]" # Optional: Release the payload to continue processing HTTP::release }

Hello,

You would need to have the traffic sent through a VIP to apply an irule that could potentially do some conversion etc.. I have not tested this so please do this in a non-prod environment! I highly recommend checking out our F5 AI Assistant Introduces iRules Code Generation for BIG-IP | F5 !
- neeeewbie
  MVP
  Aug 19, 2025
  How can I use this AI assistant?
  Is it free?
  - Jeffrey_Granier
    Employee
    Aug 19, 2025
    Its best to reach out to your F5 Account Team/SE on getting AI assistant setup, its currently free 😀 You can also paste in previous iRules and ask the assistant to explain its functions, very helpful when taking over iRules that others have written
neeeewbie
MVP
Aug 18, 2025
Thank you for sharing your knowledge.
I checked this iRule. To reduce errors, check the Content-Length before using HTTP::collect.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Is it possible to properly log protobuf?

4 Replies

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Need Advice on below issue

SSO login for APM Profiles

Virtual Server Configuration requirements for ISO 8583 traffic (Single persistent TCP session)

threat hunting guide

Webtop which has VNC for macos users

Related Content

Sync-failover group doesn't sync properly

TCL Error possibly causing TCP Resets?

iRule [string range...] not chunking data properly

Protobuf support in ASM

Modify vCMP-Guest with ansible not possible?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS