SSL logging impact on f5?

Hi,

An iRule which logs SSL handshake details to a Remote Syslog server (HSL) would not be a problem. Test in QA first and after a successful test in QA, proceed to PROD by progressively enabling it on more Virtual Servers (don't have to implement for all services at once).

• When using an iRule logging solution, try to avoid on-appliance logging if possible (i.e. /var/log/ltm or /var/log/user.notice). If you need a permanent solution, go for remote logging (HSL).
• If you were thinking about SSL Debug as your logging solution (

  tmsh modify /sys db log.ssl.level value Debug

  ), I would not recommend that as your permanent SSL logging solution since it does not qualify for one. Any built-in debug commands are meant to be used for short-term to troubleshooting on-going incidents or problems.