Encrypt HSL traffic

Question

Are there any methods to encrypt High Speed Logging (HSL) traffic sent to a remote host? An SSH tunnel from the BIG-IP doesn't seem possible since the management GUI disallows a pool member assigned to a self-ip address.

what_lies_bene1 · Answer

There's no built-in HSL encryption supported but you could use an iRule to encrypt the log data and something on the server side to decrypt it (although I've no idea what).

hooleylist · Answer

It's a bit roundabout, but... 
&nbsp;  
&nbsp; You could target a pool containing the IP:port of a virtual server.  On that VS, you could configure a server SSL profile and a pool containing a syslog server IP:port that accepts SSL encrypted syslog. 
&nbsp;  
&nbsp; Aaron

randy_abrams · Answer

OK. Thanks

Forum Discussion

Encrypt HSL traffic

3 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Let's Encrypt

Automate Let's Encrypt Certificates on BIG-IP

Encrypting Cookies

Use Kubernetes Cert-Manager to Maintain Let's Encrypt Certificates

HSL logging fully asycnronous? Using HSL::send via iRule - will it pause http processing of request?