Forum Discussion
4 Replies
Sort By
- Srini_87152Cirrostratus
Hi,
you can refer client ssl statistics via tmsh or gui..
tmsh show ltm profile client-ssl < client ssl profile name>
Thx
Srini
i don't believe there is anything built in that will give you both the protocol version and the sources in one nice report. you will have to do some work yourself to make that happen.
- Srini_87152Cirrostratus
Thats right, we cant see source IPs commign on which version but stats will give ovarall communnication of the vip which its talking.
Thx
Srini
- nitassEmployee
I know that we can use irule to log live requests protocol version but that would not give me the stats in a correct report format.
is istats applicable?
Introduction to iStats Part 1: Overview by Colin Walker
https://devcentral.f5.com/articles/introduction-to-istats-part-1-overviewe.g.
// config root@(ve13a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar ltm virtual bar { destination 172.28.24.10:443 ip-protocol tcp mask 255.255.255.255 pool foo profiles { clientssl { context clientside } tcp { } } rules { qux } source 0.0.0.0/0 source-address-translation { type automap } translate-address enabled translate-port enabled vs-index 7 } root@(ve13a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux ltm rule qux { when CLIENTSSL_HANDSHAKE { ISTATS::incr "ltm.virtual [virtual name] counter [SSL::cipher version]:[IP::client_addr]" 1 } } // stats [root@ve13a:Active:In Sync] config tmsh show ltm virtual bar |awk '/User-defined/,0' User-defined Value tlsv1_172_28_24_1 1 tlsv1_2_172_28_24_1 1