Forum Discussion

Fallout1984's avatar
Fallout1984
Icon for Cirrocumulus rankCirrocumulus
Oct 01, 2021

Is it possible to display the session IDs associated with a particular user name via TMSH?

I question's come up regarding the ability to delete any active VPN sessions for a particular user name as part of off-boarding (for example, an employee quits, is fired, etc). I see how to display the list of sessions in TMSH, but not how to display by user name. The idea is to do the session purging via a script, which is fine provided one knows which session(s) to delete.

 

Thanks!

application delivery
BIG-IP Access Policy Manager (APM)
TMSH
  • Daniel_Wolf's avatar
    Daniel_Wolf
    Oct 01, 2021

    Better:

    [root@bigip01:Active:Standalone] config # sessiondump --allkeys | grep 'session\.logon\.last\.username' | grep john.doe | awk -F'.' '{print $1}'
b24a3ae7

    -F'.' will set the delimeter to .

    {print $1} will only show the first block until the delimeter of the returned output

  • Daniel_Wolf's avatar
    Daniel_Wolf
    Icon for MVP rankMVP
    Oct 01, 2021

    Hi ,

    are you lookig for this command:

    [root@bigip01:Active:Standalone] config # sessiondump --allkeys | grep 'session\.logon\.last\.username' | grep john.doe
b24a3ae7.session.logon.last.username 6 john.doe

    First 8 characters are the session ID you are looking for.

    KR

    Daniel 

    • Daniel_Wolf's avatar
      Daniel_Wolf
      Icon for MVP rankMVP
      Oct 01, 2021

      Better:

      [root@bigip01:Active:Standalone] config # sessiondump --allkeys | grep 'session\.logon\.last\.username' | grep john.doe | awk -F'.' '{print $1}'
b24a3ae7

      -F'.' will set the delimeter to .

      {print $1} will only show the first block until the delimeter of the returned output