Forum Discussion

Nimbostratus

Nov 19, 2015

SSL Cipher (reporting, graphing, logging)

We are in the process of disabling weaker Cipher strengths on our https servers, I wondered if anyone has any experience of getting the F5 to log and report on the Cipher strength that each browser s...

Nimbostratus

Nov 19, 2015

I have a slightly more verbose iRule for this.

when HTTP_REQUEST {

    if { [info exists logged] && $logged == 1 }{
         Do nothing. Already logged for this connection
    } else {
        set logged 1
        log "Rule CIPHER_logging fired, from [IP::remote_addr] to vip [IP::local_addr] Cipher [SSL::cipher name]:[SSL::cipher version]:[SSL::cipher bits] Client:[HTTP::header "User-Agent"]:[HTTP::host]"
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)