How can I find the unknown methods in F5 logs

Maybe you should try explaining your query bit more.

Exchange Server 2016 co-existence with Exchange 2010 published on F5 sends "Bad Request" response to F5 client requests due to unknown http method.

Once I change HTTP profile to allow Unknown HTTP method, users are able to access Outlook published on F5.

However I could not find out which HTTP method is unknown to F5, how to identify that F5 receives a client request that contains unknown Method.

I enabled logging and pasted the logs below.

From these logs, how do you find out how F5 handles unknown method?

: ============================================= : Client 17.20.6.22:52646 -> mail.laundrydesk.com/ews/exchange.asmx (request) : Cache-Control: no-cache : Connection: Keep-Alive : Pragma: no-cache : Content-Type: text/xml; charset=utf-8 : Cookie: OutlookSession="{80F3696D-4CCD-40B7-94BB-13977AC30C05}" : User-Agent: Microsoft Office/15.0 (Windows NT 10.0; Microsoft Outlook 15.0.4787; Pro) : X-User-Identity: sales@laundrydesk.com : Depth: 0 : Content-Length: 468 : Host: mail.laundrydesk.com : Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJYAAABSAVIBrgAV8lG6 : X-Forwarded-For: 17.20.6.22 : ============================================= : ============================================= : Client 17.20.6.22:52289 -> mail.laundrydesk.com/ews/exchange.asmx (response) - status: 400 : Cache-Control: private : Content-Type: text/html; charset=utf-8 : Server: Microsoft-IIS/10.0 : request-id: 068ffd46-ae13-4cb1-b41a-62d71e0de41a : X-CalculatedBETarget: ldhubcas3.laundrydesk.com : X-AspNet-Version: 4.0.30319 : Persistent-Auth: true : X-Powered-By: ASP.NET : X-FEServer: LDEX02 : Date: Thu, 27 Dec 2018 09:43:18 GMT : Content-Length: 48 : =============================================

I think the only way to find it out is to capture the data between F5 and the real servers using wireshark and analyse them.Do update with your findings, cheers.