Forum Discussion
aj1
Nimbostratus
Nimbostratustmsh show /sys connection cs-client-addr x.x.x.x using iControl REST
Been going through the iControl REST reference and it appears appending
statstmsh show ...tmsh show /sys connectionstmsh list ...I would also like to trim that down (Since this is going to be a high load system) using
cs-client-addrget_active_connection_v2{
"apiRawValues": {
"apiAnonymous": "Sys::Connections\n10.0.0.3:37843 10.0.0.2:179 10.0.0.3:37843 10.0.0.2:179 tcp 5 (slot/tmm: 1/0) none\n10.0.1.3:57092 10.0.1.2:179 10.0.1.3:57092 10.0.1.2:179 tcp 6 (slot/tmm: 1/3) none\n10.0.2.5:37506 10.0.2.4:179 10.0.2.5:37506 10.0.2.4:179 tcp 9 (slot/tmm: 1/1) none\n10.0.3.3:48427 10.0.3.2:179 10.0.3.3:48427 10.0.3.2:179 tcp 5 (slot/tmm: 1/0) none\n10.0.4.5:56145 10.0.4.32:53 10.0.4.5:56145 10.0.4.32:53 udp 0 (slot/tmm: 1/0) none\nTotal records returned: 6\n"
},
"kind": "tm:sys:connection:connectionstats",
"selfLink": "https://localhost/mgmt/tm/sys/connection/stats?ver=11.6.0"
}
Thanks in advance!
10 Replies
mbbusby_59444I am looking for a response to this too. F5?
- Kevin_Stewart
Employee
Try this:
curl -sk -u 'admin:admin' -H "Content-Type: application/json" -X GET "https://x.x.x.x/mgmt/tm/sys/connection?options=ss-client-addr+192.168.6.100&ss-clint-port+33761" |perl -pe 's/\\n/,\n/g' 
aj1Thank you Kevin. That worked like a charm. What would be the best way to parse the response table in
to display the inside address for the outside address sent in the request (that isapiAnonymous
). In the below output, I'd like to get the inside IPcs-server-addr
.172.25.52.251%4$ curl -sk -u "admin:admin" -H "Content-Type: application/json" -X GET "https://x.x.x.x/mgmt/tm/sys/connection?options=ss-client-addr+197.72.208.78" | perl -pe 's/\\n/,\n/g' {"kind":"tm:sys:connection:connectionstats","selfLink":"https://localhost/mgmt/tm/sys/connection?options=ss-client-addr+197.72.208.78&ver=11.6.0","apiRawValues":{"apiAnonymous":"Sys::Connections, 172.25.52.251%4:41334 69.28.57.177%4:10086 197.72.208.78:1142 69.28.57.177:10086 tcp 499 (slot/tmm: 1/0) none, 172.25.52.251%4:60179 193.235.206.82%4:4070 197.72.208.78:1043 193.235.206.82:4070 tcp 47 (slot/tmm: 1/0) none, Total records returned: 2, "}}- Kevin_Stewart
Okay, so you're output should look like this, yes?
{"kind":"tm:sys:connection:connectionstats","selfLink":"https://localhost/mgmt/tm/sys/connection?options=ss-client-addr+197.72.208.78&ver=11.6.0","apiRawValues":{"apiAnonymous":"Sys::Connections, 172.25.52.251%4:41334 69.28.57.177%4:10086 197.72.208.78:1142 69.28.57.177:10086 tcp 499 (slot/tmm: 1/0) none, 172.25.52.251%4:60179 193.235.206.82%4:4070 197.72.208.78:1043 193.235.206.82:4070 tcp 47 (slot/tmm: 1/0) none, Total records returned: 2, "}}If so, are you just looking for the first address?
- aj1
Yes Kevin, that is what my o/p looks like. Just want it to be cleaner at this point, by extracting the first address and displaying only that. I'm using python and the
lib for GET(ting) the data, and currently, I can see a fraction of the connection table for that outside ip (requests
). Thanks.cs-server-addr>>> import requests >>> print connTable['apiRawValues']['apiAnonymous'] Sys::Connections 172.25.52.251%4:41334 69.28.57.177%4:10086 197.72.208.78:1142 69.28.57.177:10086 tcp 499 (slot/tmm: 1/0) none 172.25.52.251%4:60179 193.235.206.82%4:4070 197.72.208.78:1043 193.235.206.82:4070 tcp 47 (slot/tmm: 1/0) none - Kevin_Stewart
One option?
import re for line in open("test.txt", "r"): if re.search(r'^[^a-zA-Z].*', line) is not None: ip = line.split(" ") print ip[0] - Kevin_Stewart
Haven't tried it, but
import re for line in connTable['apiRawValues']['apiAnonymous']: if re.search(r'^[^a-zA-Z].*', line) is not None: ip = line.split(" ") print ip[0] - Kevin_Stewart
Okay, for the sake of testing I just rebuilt the whole thing:
import re import subprocess p1 = subprocess.Popen([ 'curl', '-sk', '-u', 'admin:admin', '-H','Content-Type: application/json', '-H','Accept: application/json', '-X','GET', 'https://x.x.x.x/mgmt/tm/sys/connection' ],stdout=subprocess.PIPE) p2 = subprocess.Popen([ 'perl', '-pe', '\'s/\\n/,\n/g\'' ],stdin=p1.stdout,stdout=subprocess.PIPE) result = str(p2.communicate()).split('\\n') for line in result: if re.search('^[0-9].*', line) is not None: ip = line.split(" ") print ip[0] - aj1
Works now! Turns out I was missing
🙂 Thank you for the detailed example above, interesting way of approaching it usingconnTable.split('\n')
.subprocess - aj1
Hi Kevin. Apologies, should have tested this first time around, but it appears specifying the
option doesn't trim down the table any further, and instead gives all connection table entries based ofss-client-port+33761
. I can see only one entry on the BIG-IP (expected), but multiple when the same options are specified in GET.ss-client-addr+192.168.6.100show sys connection ss-client-addr 197.72.206.124 ss-client-port 1199 Sys::Connections 172.25.24.86%4:49327 68.67.176.52%4:443 197.72.206.124:1199 68.67.176.52:443 tcp 578 (slot/tmm: 1/1) none Total records returned: 1 $ curl -sk -u 'admin:admin' -H "Content-Type: application/json" -X GET "https://x.x.x.x/mgmt/tm/sys/connection?options=ss-client-addr+197.72.206.124&ss-client-port+1199" { "kind": "tm:sys:connection:connectionstats", "selfLink": "https://localhost/mgmt/tm/sys/connection?options=ss-client-addr+198.82.208.128&ver=11.6.0", "apiRawValues": { "apiAnonymous": "Sys::Connections\n172.25.24.86%4:49435 54.243.90.245%4:443 197.72.206.124:1051 54.243.90.245:443 tcp 35 (slot/tmm: 1/1) none\n172.25.24.86%4:49327 68.67.176.52%4:443 197.72.206.124:1199 68.67.176.52:443 tcp 582 (slot/tmm: 1/1) none\n172.25.24.86%4:49412 17.143.160.159%4:5223 197.72.206.124:1028 17.143.160.159:5223 tcp 402 (slot/tmm: 1/1) none\nTotal records returned: 3\n" } }
