Scrubbing F5 config for username configuration

Dear Community,

I have gotten a few requests recently to investigate the use of usernames "by the F5". One such request was for the repeated failed login attempts "by the F5" using a certain username "SYSTEM". The logs were showing the attempts coming from the F5 Self IP. However, when I scrubbed the F5 config for any configuration that uses the username "SYSTEM", it came up empty.

I had another request for us to investigate the F5's use of a certain service account user, we will call it "svc_storage". They wanted to change the password of this service account and reached out to me because "they saw the F5 was using this account". However, when I scrubbed the entire running config for the use of "svc_storage" again, it turned up nothing.

I have been using the TMSH: "show running-config | grep" command to search for any configuration of these users. Is there a better way to do it?

I am also noticing that this command doesnt seem to return any iApp configurations either. Does this require a separate CLI command?

I hope my questions make sense. Thank you.

application delivery

Forum Discussion

Scrubbing F5 config for username configuration

Recent Discussions

iRule for Content Security Policy

CPU data, control and analytics plane utilization

Scrubbing F5 config for username configuration

Study Guides for 101 Exam

OWSAP Top 10 protection

Related Content

Run Advanced Containers like OPSWAT Content Scrubbing Directly On F5 Distributed Cloud Nodes

Scrubbing away DDoS attacks

Multiple Ways to Configure Usage Reporting in NGINX

Social Security Number Scrubbing

Persist connection based on NTLM username

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS