Forum Discussion

Mark_Edwards_20's avatar
Mark_Edwards_20
Icon for Nimbostratus rankNimbostratus
Dec 12, 2012

HSL: Request Log Parameters - SSL Cipher and Version

Hello,

 

I am trying to replicate an apache request log with an HSL request profile on our LTM. I have come pretty close using the documentation, but have not been able to find the parameters for SSL Version and SSL Cipher Name. These can be captured using an iRule (SSL::Version and SSL::Cipher name). However, I prefer to do this without iRules, if possible. The documentation (http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-2-1/21.htmlunique_971487147) does not indicate that these parameters exist, but the documentation is itself inconsistent (under NCSA_COMBINED it mentions parameters not included in the table of supported paraemeters - these do work, so they clearly do exist). I have tried a variety of combinations but cannot get this information out of the LTM. Does anybody know if there are HSL request/response log parameters for SSL version and SSL cipher name? Better yet, does anybody know where on teh LTM all these usable parameters are defined (a .h file or something?) Thanks.

 

 

Mark

 

3 Replies

  • Hi Mark,

     

     

    Those are good questions. I'm not sure there's a complete definition of the available parameters on BIG-IP. I don't see any SSL variables for the request logging profile. I wonder (but hope it's not the case) that since the request logging profile is primarily for HTTP that maybe there aren't predefined variables for SSL-related parameters.

     

     

    Can you open a case with F5 Support to check on this and reply with the case number and/or result?

     

     

    I think the undefined references in NCSA_COMBINED are derived from the HTTP header name so ${user-agent} would get the equivalent value as [HTTP::header value "user-agent"].

     

     

    Thanks, Aaron
  • Aaron,

     

    Thanks - case number is 1-100343348. Will post again when I have more info.

     

     

    Mark

     

  • kevals's avatar
    kevals
    Icon for Nimbostratus rankNimbostratus

    Mark, I have the same problem Do you have more info from the F5 support?

     

    Best regards Slawek