Troubleshooting an SSL OFFLOAD http application

If the SSL-encrypted content is already decrypted on the F5 system via SSL Offload (client-SSL profile applied to the virtual server), you can apply an HTTP-type profile to the virtual server and use an iRule (or perhaps even a Local Traffic Policy) that triggers on the HTTP_REQUEST event to log any and all parts of the HTTP payload you want to see for troubleshooting purposes. As for where to write these messages, one option would be to use a high-speed logging (HSL) publisher specifically designed to receive these messages. The example below logs the entire HTTP payload (not including HTTP headers) locally to /var/log/ltm at the debug level. Viewing of debug level messages can be controlled via the Configuration utility (GUI) or TMSH.

when HTTP_REQUEST {
    # Change X.X.X.X to the IP address of your choice
    if { [IP::addr [IP::client_addr] equals "X.X.X.X"] } {
        log local0.debug "HTTP payload from [IP::client_addr] is [HTTP::payload]"
    }
}

 For a nice example of logging HTTP request and response headers, see the article entitled Log HTTP Headers by hoolio.