Forum Discussion

Nimbostratus

Sep 27, 2021

Logging TLS traffic less than TLSv1.2

I want to implement an iRule that logs TLS traffic that is less than TLSv1.2. Need to identify less secure (source) traffic to understand what applications need to be updated to TLSv1.2. The ...

Sep 27, 2021

Hi ,

this one works:

when HTTP_REQUEST {
    if {not (([SSL::cipher version] equals "TLSv1.2") or ([SSL::cipher version] equals "TLSv1.3"))} {
        log local0. "[virtual] [IP::client_addr] [SSL::cipher version] [HTTP::uri] [HTTP::host]"
    }
}

Daniel

Daniel_Wolf

MVP

Sep 27, 2021

Hi ,

this one works:

when HTTP_REQUEST {
    if {not (([SSL::cipher version] equals "TLSv1.2") or ([SSL::cipher version] equals "TLSv1.3"))} {
        log local0. "[virtual] [IP::client_addr] [SSL::cipher version] [HTTP::uri] [HTTP::host]"
    }
}

Daniel

Tom_L
Nimbostratus
Sep 27, 2021
Thanks Daniel. I really appreciate it. I'm going to test it out tonight.

Tom L
Tom_L
Nimbostratus
Sep 28, 2021
The iRule worked perfectly. Thank you Daniel.

Tom L

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Logging TLS traffic less than TLSv1.2

Recent Discussions

BigIP LTM update from v16 to v17

Troubleshooting SSL Connections

DEVICE-0202 Error while adding rSeries as a provider in CM

Reclaim disk space for BIG-IP tenants running on rSeries systems

Unable to get Internet in server using SWG forward Proxy.

Related Content

fellow traffic

Reminder: MFA now required to log in to DevCentral

ASM logs

How I did it - "Remote Logging with the F5 XC Global Log Receiver and Elastic"

Traffic Intelligence in AFM through Categories

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS