Tom_L
Sep 27, 2021 Nimbostratus
Logging TLS traffic less than TLSv1.2
I want to implement an iRule that logs TLS traffic that is less than TLSv1.2. I need to identify less secure (source) traffic to understand what applications need to be updated to TLSv1.2.
The iRule below logs ALL TLS traffic, which is overwhelming. I only want to log the less secure TLS protocols.
when HTTP_REQUEST {
    log local0. "[virtual] [IP::client_addr] [SSL::cipher version] [HTTP::uri] [HTTP::host]"
}
Please let me know how I can accomplish this with an iRule.
Thanks
Tom L
Hi,
this one works:
when HTTP_REQUEST {
    # Log only when the negotiated protocol is neither TLSv1.2 nor TLSv1.3
    if {not (([SSL::cipher version] equals "TLSv1.2") or ([SSL::cipher version] equals "TLSv1.3"))} {
        log local0. "[virtual] [IP::client_addr] [SSL::cipher version] [HTTP::uri] [HTTP::host]"
    }
}
KR
Daniel
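An added example, not part of the thread and not F5 code: a Python script that rolls up the lines written by the iRule above per virtual server, client address, TLS version and host, so the clients that still need updating stand out. Only the five trailing fields come from the log statement in the thread; the syslog prefix, the names and every sample line are constructed assumptions.

```python
import re
from collections import Counter

# Tail of each message as written by the iRule in this thread:
# [virtual] [IP::client_addr] [SSL::cipher version] [HTTP::uri] [HTTP::host]
LINE_RE = re.compile(
    r"(?P<virtual>\S+) (?P<client>\S+) (?P<version>(?:TLS|SSL)v[\d.]+) "
    r"(?P<uri>\S+) ?(?P<host>\S*)\s*$"
)
# Versions that need no follow-up; filtered here too so the script also
# works on output from the original log-everything rule.
MODERN = {"TLSv1.2", "TLSv1.3"}


def summarize_weak_tls(lines):
    """Count legacy-protocol requests per (virtual, client, version, host)."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if m is None or m["version"] in MODERN:
            continue  # unrelated log line, or a client that is already fine
        # HTTP/1.0 requests may carry no Host header; record that as "-"
        key = (m["virtual"], m["client"], m["version"], m["host"] or "-")
        counts[key] += 1
    return counts


# Constructed sample input. The text before the five fields is an assumed
# syslog prefix; the regex only relies on the fields at the end of the line.
PREFIX = "Sep 27 10:15:01 bigip1 info tmm[1234]: Rule /Common/log_weak_tls <HTTP_REQUEST>: "
SAMPLE = [
    PREFIX + "/Common/vs_app 192.0.2.15 TLSv1.1 /login app.example.com",
    PREFIX + "/Common/vs_app 192.0.2.15 TLSv1.1 /api/v1/items app.example.com",
    PREFIX + "/Common/vs_app 192.0.2.19 TLSv1.2 / app.example.com",
    PREFIX + "/Common/vs_legacy 198.51.100.44 TLSv1 /soap/orders legacy.example.com",
    PREFIX + "/Common/vs_legacy 198.51.100.44 SSLv3 /health ",
    "Sep 27 10:15:09 bigip1 notice other[5678]: constructed unrelated message",
]

if __name__ == "__main__":
    # Busiest legacy clients first
    for (virtual, client, version, host), n in summarize_weak_tls(SAMPLE).most_common():
        print(f"{n:6d}  {version:8s} {client:16s} {virtual} -> {host}")
```
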