Forum Discussion
NimbostratusLog client IP with ssl handshake failure?
BIG-IP v12.1.2 (Build 1.0.271)
One of the new features is to automatically log SSL Handshake Failures, which sounded great.
When I tested it this was the entry made in /var/log/ltm:
Jul 31 08:32:39 tm2-ma-qaappsdmz warning tmm[17995]: 01260009:4: Connection error: ssl_hs_rxhello:7429: unsupported version (40)That is not particularly helpful because it doesn't tell me who is failing so I can contact them to upgrade their side, just that some client has failed.
Is there a way to enable, in the default logging of handshake failures, the client IP?
7 Replies
amintejCirrus
If you want to see source IP, you need to configure Info or Debug level for SSL. System > Logs > Configuration > SSL. Once it is enabled you will see a message similar to this in the ltm file:
SSL Handshake failed for TCP 192.168.174.16:49678 -> 192.168.33.72:443
After troubleshooting your problem, it is recommended disabled debug logging. Please check:https://support.f5.com/csp/article/K15292
ekaleido_26616Cirrocumulus
I had the same issue a while back and Support recommended changing my logging level to stop logging that message and said it was informational only and could be ignored otherwise.
ekaleidoI had the same issue a while back and Support recommended changing my logging level to stop logging that message and said it was informational only and could be ignored otherwise.
