LTM log filled with /Common/_sys_APM_Exchange <http_request> - Illegal argument (line 1) invoked from within "HTTP::username&q

This happens when a client is sending an invalid HTTP Authorization header. It seems to happen sometimes with some versions of IOS for iPhones, etc. _sys_APM_Exchange is an internal (built-in) irule, along with the other _sys irules. The Exchange one is used to handle Exchange clients.

It can be safely ignored. If you'd like to get to the bottom of it, you can perform packet capture decryption to see what the actual contents of the authorization header is, or perhaps add another irule to just log all of the authorization headers sent from clients and their IP address. Note that this data will contain usernames and passwords, so must be protected.