Forum Discussion

former_newbie
Nov 26, 2024

unable to question about getting HSL data to be formatted properly in Splunk

We're using the following iRule to craft the data for sending it to the Splunk server:

when CLIENT_ACCEPTED {
    # Captured once per TCP connection; reused by every HTTP request on it.
    set client_address [IP::client_addr]
    set vip [IP::local_addr]
}
when HTTP_REQUEST {
    set http_host [HTTP::host]:[TCP::local_port]
    set http_uri [HTTP::uri]
    set http_url $http_host$http_uri
    set http_method [HTTP::method]
    set http_version [HTTP::version]
    # These header values are client-controlled and are copied into the log
    # line verbatim below; a quote, comma or CR/LF inside them is not escaped.
    set http_user_agent [HTTP::header "User-Agent"]
    set http_content_type [HTTP::header "Content-Type"]
    set http_referrer [HTTP::header "Referer"]
    set tcp_start_time [clock clicks -milliseconds]
    set req_start_time [clock format [clock seconds] -format "%Y/%m/%d %H:%M:%S"]
    set cookie [HTTP::cookie names]
    set user [HTTP::username]
    set virtual_server [LB::server]

    # An absent Content-Length returns "", and comparing "" > 0 is an expr
    # error in the iRule Tcl interpreter (it would fire on every GET), so
    # validate the value before using it numerically.
    set req_length [HTTP::header "Content-Length"]
    if { ![string is integer -strict $req_length] || $req_length < 0 } {
        set req_length 0
    }
}
when HTTP_RESPONSE {
    set res_start_time [clock format [clock seconds] -format "%Y/%m/%d %H:%M:%S"]
    set node [IP::server_addr]
    set node_port [TCP::server_port]
    set http_status [HTTP::status]
    set req_elapsed_time [expr {[clock clicks -milliseconds] - $tcp_start_time}]
    # Same guard as in HTTP_REQUEST: responses with chunked encoding or no
    # body carry no Content-Length header.
    set res_length [HTTP::header "Content-Length"]
    if { ![string is integer -strict $res_length] || $res_length < 0 } {
        set res_length 0
    }
    # The message is a double-quoted Tcl string, so $name is substituted here
    # before the datagram leaves the box; splunk_hsl_pool is the HSL pool.
    set hsl [HSL::open -proto UDP -pool splunk_hsl_pool]
    HSL::send $hsl "<190>,f5_irule=Splunk-iRule-HTTP,src_ip=$client_address,vip=$vip,http_method=$http_method,http_host=$http_host,http_uri=$http_uri,http_url=$http_url,http_version=$http_version,http_user_agent=\"$http_user_agent\",http_content_type=$http_content_type,http_referrer=\"$http_referrer\",req_start_time=$req_start_time,cookie=\"$cookie\",user=$user,virtual_server=\"$virtual_server\",bytes_in=$req_length,res_start_time=$res_start_time,node=$node,node_port=$node_port,http_status=$http_status,req_elapsed_time=$req_elapsed_time,bytes_out=$res_length\r\n"
}
when LB_FAILED {
    # Fires after HTTP_REQUEST when no pool member could be selected or
    # reached, so the request-side variables above are already set.
    log local0. "f5_irule=Splunk-iRule-LB_FAILED,src_ip=$client_address,vip=$vip,http_method=$http_method,http_host=$http_host,http_uri=$http_uri,http_url=$http_url,http_version=$http_version,http_user_agent=\"$http_user_agent\",http_content_type=$http_content_type,http_referrer=\"$http_referrer\",req_start_time=$req_start_time,cookie=\"$cookie\",user=$user,virtual_server=\"$virtual_server\",bytes_in=$req_length"
}

We tested it by first sending the data locally and it's getting formatted OK, as per the following:

Dec 11 15:45:10 10.192.156.163 context_name="/Common/fwd_vs",dest_ip="192.168.36.45",dest_port="80",device_product="Advanced Firewall Module",device_vendor="F5",device_version="12.1.0.0.0.1690",errdefs_msgno="23003161", errdefs_msg_name="Firewall NAT",event_name="Session Start",ip_protocol="TCP",duration="",severity="7",route_domain="0",source_ip="10.10.10.168",source_port="33868",timestamp="Dec 11 2015 09:23:01",translated_dest_ip="192.168.36.45",translated_dest_port="80",translated_route_domain="0", translated_source_ip="10.192.156.163",translated_source_port="33868"

However, when we're sending it to the Splunk server, it's not interpreting the variables, just sending the text. For instance, the $client_address variable comes out as $client_address, not the value inside it.

Has anyone come across an issue like this and could shed some light on it?

Thanks.
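As an added example (not from the post, and not F5 or Splunk code), a small Python checker for the key=value lines the iRule above emits: it splits fields while honouring the double-quoted values (User-Agent, Referer, cookie names, virtual server), and reports any field whose value is still a literal `$name`, which is the symptom described. The sample lines are constructed, with the second one reproducing the unsubstituted output.

```python
import re

# Constructed sample lines in the format the iRule emits; not real traffic.
SAMPLE_LINES = [
    '<190>,f5_irule=Splunk-iRule-HTTP,src_ip=10.0.0.5,vip=10.0.0.80,http_method=GET,'
    'http_host=www.example.com:443,http_uri=/login,http_url=www.example.com:443/login,'
    'http_version=1.1,http_user_agent="Mozilla/5.0 (X11, Linux)",http_content_type=,'
    'http_referrer="",req_start_time=2024/11/26 10:00:00,cookie="session, lang",user=,'
    'virtual_server="/Common/vs_https",bytes_in=0,http_status=200,bytes_out=512\r\n',
    # The symptom from the post: variable names arrive literally, not their values.
    '<190>,f5_irule=Splunk-iRule-HTTP,src_ip=$client_address,vip=$vip,'
    'http_method=$http_method,http_host=$http_host,http_status=$http_status,'
    'bytes_out=$res_length\r\n',
]

UNEXPANDED = re.compile(r'^\$[A-Za-z_]\w*$')  # a bare, unsubstituted Tcl variable name


def split_fields(line):
    """Split on commas outside double quotes; a quoted value may itself contain commas."""
    fields, buf, quoted = [], [], False
    for ch in line:
        if ch == '"':
            quoted = not quoted
        if ch == ',' and not quoted:
            fields.append(''.join(buf))
            buf = []
        else:
            buf.append(ch)
    fields.append(''.join(buf))
    return fields


def parse_hsl_line(line):
    """Parse one emitted line into a dict; the leading <190> PRI has no '='
    and is kept under '_prefix'. Surrounding quotes are stripped from values."""
    record = {}
    for field in split_fields(line.rstrip('\r\n')):
        key, sep, value = field.partition('=')
        if not sep:
            record.setdefault('_prefix', []).append(field)
            continue
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        record[key] = value
    return record


def unexpanded_fields(record):
    """Field names whose value is still a literal $variable, i.e. the post's symptom."""
    return sorted(k for k, v in record.items()
                  if isinstance(v, str) and UNEXPANDED.match(v))
```

Tcl substitutes `$name` only inside a double-quoted string, never inside braces, so a literal variable name reaching Splunk means the message text was not evaluated as a quoted string on the sending side. Quotes or commas inside the copied headers are not escaped by the iRule, so such a value will also shift the fields this parser sees.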
