Forum Discussion

slashlinux's avatar
slashlinux
Icon for Nimbostratus rankNimbostratus
May 18, 2021

ltmClientSslStatActiveHandshakeRejected for each ssl profile

Hi team,   I have a question/problem. In the company where I work as Devops we have several bigip instances with 6 SSL profile and each is limited depending on connection / sessions and sometimes...
BIG-IP
cloud
devops
TMSH
Dario_Garrido's avatar
Dario_Garrido
Icon for MVP rankMVP
May 18, 2021

Hello SlashLinux.

You could collect SSL Handshakes info from your TMSH stats.

root@(bigip)(cfg-sync Standalone)(Active)(/Common)(tmos)# show ltm profile client-ssl CSSL_profile | grep shake
Certificates/Handshakes
  Mid-Connection Handshakes                                         0
  Secure Handshakes                                                 0
  Current Active Handshakes                                         0
  Insecure Handshakes Accepted                                      0
  Insecure Handshakes Rejected                                      0
  Extended Master Secret Handshakes                                 0
  Handshake Failures                                                0
  Active Handshakes Rejected                                        0
  Bypasses By Handshake Alert                                       0
  Verified Handshake Count                                          0
  Connection mirror handshake success                               0

After that, you could create a Custom MIB using this:

https://support.f5.com/csp/article/K13596

Regards,

Dario.