The most concise resource for tcpdump might be: http://www.tcpdump.org/tcpdump_man.html, or simply "man" the BIG-IP command line:
man tcpdump
But to troubleshoot SSL-related errors, you'd probably be better off with ssldump. The syntax is similar but not quite the same as tcpdump. And you can find syntax information here: http://ssldump.sourceforge.net/ssldump-man.html, or again man it from the BIG-IP command line:
man ssldump
But to answer your question more directly, here's an example of a common ssldump command line:
ssldump -AdNn -i [VLAN] port 443 [and any additional filters]
where:
-A means to print all record fields
-d means to display the application data traffic
-N means to attempt to parse ASN.1 when it appears
-n means to NOT not try to resolve host names (like -n in tcpdump)
-i means the interface or VLAN to listen on (like -i in tcpdump)
"port 443" is the first display filter. ssldump seems to need at least one display filter.
[any additional filters] is any additional tcpdump-style capture filters that you might want to use.