Parameters to tcpdump are the same as any other Linux system. Because it's just a red-hat tcpdump at the base of it.
Normally I'd use something like
tcpdump -i -nn -e xx.xx.xx.xx and port 443
or similar.
However if your'e diagnosing SSL errors, then using ssldump may be of more use. ssldump accepts the same filter (The 'xx.xx.xx.xx and port 443' part) but you can give it the SSL certs being used at the server end (Which you have access to if you're running it on the same BigIP that's doing the SSL offloading) and then it will not only tell you the steps in the protocol, but will also decode any encrypted traffic as well.
There's an ssldump solution note available -> Overview of packet tracing with the ssldump utility