Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Performance Logging iRule (Rule_http_log)

Problem this snippet solves: Here's a logging iRule. You'll need a HSL syslog pool to log too. Various bits gathered from other posts on DevCentral. Sharing in case there is interest. Make sure you...
Updated May 10, 2022
big-ip
debugging
devops
irules
logging
reporting
TimRiker's avatar
TimRiker
Icon for Cirrocumulus rankCirrocumulus
May 12, 2020

What BIG-IP version are you using? I've tested from 11.x up through 14.x so far.

 

Note: if you reference HTTP2::version then you can ONLY apply the rule to VIPS with http2 enabled. I want to use the same iRule on any http vip whether it has compression, client / server encryption enabled, http2 enabled. ipv6 listen address, etc. I would prefer to be able to apply the rule to Layer 4 vips too, but I currently maintain 2 versions of the script. One for http vips and one for l4 vips.

 

The point is that when an http2 request is made, HTTP::version reports an incorrect version. This is clearly a bug. It's incorrect information.