Forum Discussion
Finding all virtual servers with "log all traffic" policy applied via API
Hello,
I am trying to locate virtual server configs in my F5 environment that are configured to log all traffic requests. Obviously, this has a detrimental impact to F5 logging performance. Is there a way to use the TMSH shell or REST API to interrogate the F5 appliance via a script and get a listing of all virtuals that use a "log all traffic" policy so I can change the policy and give our logging servers a bit of respite?
Thank you,
Kyle
- AubreyKingF5Moderator
tmsh list ltm virtual one-line | egrep 'og.all.traffic'
Give that a shot?
- JRahmAdmin
Hi kyle_martin_evop,
AubreyKingF5's solution will work with a slight modification:
tmsh list ltm virtual one-line | egrep -i 'log.all.requests' | awk '{ print $3 }'
You could run bash via iControl rest against all your BIG-IPs to get this output.
but you can also do this natively via iControl REST against the virtual endpoint:
#### # GET request to -> https://ltm15/mgmt/tm/ltm/virtual?$select=name,securityLogProfiles, #### # RESULT: { "kind": "tm:ltm:virtual:virtualcollectionstate", "selfLink": "https://localhost/mgmt/tm/ltm/virtual?$select=name%2CsecurityLogProfiles%2C&ver=15.1.8.1", "items": [ { "name": "nginx-vip-tls", "securityLogProfiles": [ "\"/Common/Log all requests\"" ], "securityLogProfilesReference": [ { "link": "https://localhost/mgmt/tm/security/log/profile/~Common~Log%20all%20requests?ver=15.1.8.1" } ] }, { "name": "testapp-vip" }, { "name": "testappssl-vip" } ] }
You can then parse this on the client side to cut down to match only the virtual servers with the matching condition.
- JRahmAdmin
Whipped up a sample python script using the bigrest module to iterate through multiple hosts and virtuals...only tested against my one host and virtual, but should be a start as an idea of what you can do:
from bigrest.bigip import BIGIP with open('hosts.txt', 'r') as hostfile: hosts = [line.strip() for line in hostfile] for host in hosts: b = BIGIP(host, 'admin', 'admin', session_verify=False) try: vips = b.load('/mgmt/tm/ltm/virtual') for vip in vips: if 'securityLogProfiles' in vip.properties.keys(): if '"/Common/Log all requests"' in vip.properties.get('securityLogProfiles'): print(f'Host: {host}, Virtual: {vip.properties.get("name")}') except Exception as e: print(e)
When run:
python logallrequests.py Host: 172.16.2.115, Virtual: nginx-vip-tls
hosts file is just a text file with a single host per line...
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com