Hello,
You can use that code:
when HTTP_REQUEST {
if {[SSL::cipher version] equals "TLSv1"} {
set hsl [HSL::open -proto UDP -pool syslog_server_pool]
set time [clock format [clock seconds] -format "%d/%b/%Y:%H:%M:%S %Z"]
HSL::send $hsl "<190> TLSv1 Request Detected: Time = $time, Client IP:Port = [IP::client_addr]:[TCP::client_port], F5 VIP:Port = [clientside {IP::local_addr}]:[clientside {TCP::local_port}]"
}
}
You will need to create a pool with name "syslog_server_pool" and add your remote log server. You can change the pool name of course but it should be the same as in the iRule.
The output should looks like that:
Msg: TLSv1 Request Detected: Time = 06/Jun/2017:19:08:05 EEST, Client IP:Port = 10.10.10.100:58978, F5 VIP:Port = 10.10.10.20:443