Forum Discussion
NimbostratusLog client IP with ssl handshake failure?
BIG-IP v12.1.2 (Build 1.0.271)
One of the new features is to automatically log SSL Handshake Failures, which sounded great.
When I tested it this was the entry made in /var/log/ltm:
Jul 31 08:32:39 tm2-ma-qaappsdmz warning tmm[17995]: 01260009:4: Connection error: ssl_hs_rxhello:7429: unsupported version (40)That is not particularly helpful because it doesn't tell me who is failing so I can contact them to upgrade their side, just that some client has failed.
Is there a way to enable, in the default logging of handshake failures, the client IP?
amintejCirrus
If you want to see source IP, you need to configure Info or Debug level for SSL. System > Logs > Configuration > SSL. Once it is enabled you will see a message similar to this in the ltm file:
SSL Handshake failed for TCP 192.168.174.16:49678 -> 192.168.33.72:443
After troubleshooting your problem, it is recommended disabled debug logging. Please check:https://support.f5.com/csp/article/K15292
ekaleido_26616Cirrocumulus
I had the same issue a while back and Support recommended changing my logging level to stop logging that message and said it was informational only and could be ignored otherwise.
ekaleidoI had the same issue a while back and Support recommended changing my logging level to stop logging that message and said it was informational only and could be ignored otherwise.
