Forum Discussion

NetSnoopy's avatar
NetSnoopy
Icon for Cirrus rankCirrus
Apr 04, 2019

(usefull) config export to csv for partitions

Hello, I wrote a shell script to export the most important config to a csv file. This was inspired from some other posts. The script runs on bash from a LB. For the CSV import to excel, you need to change the column B(named as VIP) to TEXT and enable word-wrap to the hole chart. The script collects field by field from running system. If you have a lot of configuration it can be need some time to finish. You can start with SCRIPTNAME PARTITION > EXPORTcsv direct from bash not tmsh. I hope it helps somebody, Cheers NetSnoopy

 

  • ! /bin/bash
    PARTITION=$1
     check if partition parameter set
    if [ -z "$PARTITION" ]
    then
        echo "Argument not present."
        echo "Useage $0 [PartitionName]"
        echo "to write a csv file append > FILENAME.csv"
        exit 99
    fi
     generate csv head line
    echo \"VS Name\"\;\"VIP\"\;\"Port\"\;\"Client SSL\"\;\"Server SSL\"\;\"Persistence\"\;\"Pool Name\"\;\"Balancing\"\;\"Pool Members Name\"\;\"Pool Members IP\"\;\"Members Port\"\;\"Monitor\"\;\"iRules\"
     collect vs names 
    VIRTUALS=$(tmsh list /ltm virtual /$PARTITION/* | grep "ltm virtual" | cut -d" " -f3)
    for VS in $VIRTUALS; 
     collect config parameter for each vs
    do
      VSNAME=$(echo $VS| cut -d "/" -f3) 
      echo -n \"$VSNAME\"\;
      DEST=$(tmsh list /ltm virtual $VS | grep destination | cut -d" " -f6 |cut -d "/" -f3 |cut -d"%" -f1 | cut -d":" -f1 )
      echo -n \"$DEST\"\;
      PORT=$(tmsh list /ltm virtual $VS | grep destination | cut -d" " -f6 |cut -d "/" -f3 | cut -d":" -f2 )
      echo -n \"$PORT\"\;
      collect SAN from all used Certs in clientssl profile
      SSLPROFILE=$(tmsh list /ltm virtual $VS | grep -B 1 clientside | grep -v clientside|cut -d "/" -f3|cut -d " " -f1 | grep -v "\-\-")
      echo -n \"
      if [ -n "$SSLPROFILE" ]
      then
        SSLCOUNT=$(tmsh list /ltm virtual $VS | grep -B 1 clientside | grep -v clientside|cut -d "/" -f3|cut -d " " -f1 | grep -v "\-\-" | wc -l )
        i=1
        for CLIENTSSL in $SSLPROFILE;
          do
            CERTNAME=$(tmsh list /ltm profile client-ssl /$PARTITION/$CLIENTSSL | grep -m 1 cert | sed  's/ cert //' | cut -d"/" -f2- | tr -d " " )
            if [[ "$CERTNAME" == "$PARTITION"* ]]
            then
              DOMAINS=$(tmsh list /sys file ssl-cert /$CERTNAME |grep "subject-alternative-name"| tr -d "\""|tr -s " "| cut -d" " -f3- | tr "DNS:" " "|tr "," "\n" |tr -d " " )
              echo -n "$DOMAINS"
            else
              DOMAINS=$(tmsh list /sys file ssl-cert /Common/$CERTNAME |grep "subject-alternative-name"| tr -d "\""|tr -s " "| cut -d" " -f3- | tr "DNS:" " "|tr "," "\n" |tr -d " " )
              echo -n "$DOMAINS"
            fi
            if [ "$i" -lt "$SSLCOUNT" ]
              then
              echo
            fi
            let "i++"
        done
      fi
      echo -n \"\;\"
      SERVERSSL=$(tmsh list /ltm virtual $VS | grep -B 1 serverside)
      check if backend ssl enabled
      if [[ "$SERVERSSL" == *serverssl* ]]
      then
        echo -n ReEncrypt
      fi
      echo -n \"\;
      Persistens
      PERSISTENCE=$(tmsh list /ltm virtual $VS | grep -A1 persist )
      echo -n \"
      if [ -n "$PERSISTENCE" ]
      then
        if [[ "$PERSISTENCE" == *"$PARTITION"* ]]
        then
          PERSISTENCE=$(tmsh list /ltm virtual $VS | grep -v "fallback-persistence" | grep -A1 persist | grep -v persist | cut -d"/" -f3 | cut -d" " -f1 )
          echo -n $PERSISTENCE
        else
          PERSISTENCE=$(tmsh list /ltm virtual $VS | grep -v "fallback-persistence" | grep -A1 persist | grep -v persist | tr -d " " | cut -d "{" -f1 )
          echo -n $PERSISTENCE
        fi
         get fallback-persistence
        fbPERSISTENCE=$(tmsh list /ltm virtual $VS | grep "fallback-persistence" | grep -v "type" | awk '{print $2}' )
        if [ -n "$fbPERSISTENCE" ]
        then
          echo 
          echo -n $fbPERSISTENCE
        fi
      fi
      echo -n \"\;
      pool informations 
      POOLNAME=$(tmsh list /ltm virtual $VS | grep pool | cut -d" " -f6 | cut -d "/" -f3)
      echo -n \"$POOLNAME\"\; 
       check if pool present
      if [ -n "$POOLNAME" ]
      then
         collect balancing type
        BLANCING=$(tmsh list /ltm pool /$PARTITION/$POOLNAME load-balancing-mode | grep "load-balancing-mode" | awk '{print $2}' )
        echo -n \"$BLANCING\"\;
         get pool members IP address 
        POOLMEMEBERS=$(tmsh list /ltm pool /$PARTITION/$POOLNAME | grep address | cut -d" " -f14|cut -d"%" -f1)
         how many poolmembers
        PMCOUNT=$(echo "$POOLMEMEBERS" | wc -l )
        poolmemeber name
        POOLMEMEBERSNAME=$(tmsh list /ltm pool /$PARTITION/$POOLNAME | grep  ":" | cut -d":" -f1)
        echo -n \"
        i=1
        for PMN in $POOLMEMEBERSNAME;
          do
            if [[ "$PMN" == *"$PARTITION"* ]]
            then
              PMNAME=$(echo "$PMN" | cut -d"/" -f3 )
              echo -n "$PMNAME"
            else
              echo -n "$PMN"
            fi
            if [ "$i" -lt "$PMCOUNT" ]
              then
              echo 
            fi
            let "i++"
        done
        echo -n \"\;\"
        i=1
        for PM in $POOLMEMEBERS;
          do 
            echo -n $PM
            if [ "$i" -lt "$PMCOUNT" ]
              then
              echo 
            fi
            let "i++"
        done
        echo -n \"\;
        collect Member Port
        MEMEBERSPORT=$(tmsh list /ltm pool /$PARTITION/$POOLNAME | cut -d ":" -f2 |grep -A 1 members  |grep '^[0-9a-z]'| cut -d" " -f1)
        echo -n \"$MEMEBERSPORT\"\; 
        collect Monitor
        MONITOR=$(tmsh list /ltm pool /$PARTITION/$POOLNAME  monitor | grep monitor | tr " " "\n" | grep -v "monitor\|{\|}" | grep -v '^[[:blank:]]*$' )
        echo -n \"
        MONITORCOUNT=$(echo "$MONITOR" | wc -l)
        i=1
        for MO in $MONITOR;
          do
            if [[ "$MO" == *"$PARTITION"* ]]
            then
              MONI=$(echo "$MO" | cut -d"/" -f3 )
              echo -n $MONI
            else
              echo -n $MO
            fi
            if [ "$i" -lt "$MONITORCOUNT" ]
              then
              echo 
            fi
            let "i++"
        done
        echo -n \"\;
      else
        echo -n \"\"\;\"\"\;\"\"\;\"\"\;\"\"\;
      fi
      collect irules
      IRULE=$(tmsh list /ltm virtual $VS rules |  grep -v "{\|}" | grep -v "rules none" )
      echo -n \"
      IRULECOUNT=$(echo "$IRULE" | wc -l)
      i=1
      for IR in $IRULE;
        do
          if [[ "$IR" == *"$PARTITION"* ]]
          then
            IRU=$(echo "$IRU" | cut -d"/" -f3 )
            echo -n $IRU
          else
            echo -n $IR
          fi
          if [ "$i" -lt "$IRULECOUNT" ]
            then
            echo 
          fi
          let "i++"
      done
      echo -n \"\;
      end line in csv
      echo
    done
    
  • Najim's avatar
    Najim
    Icon for Nimbostratus rankNimbostratus

    Hi,

    Thanks for sharing. I wondered if you have any scripts similar like this to export things like: SSL, redirects, hosts, headers, health checks, WAF rules, NAT per partition.

     

    Kind regards,

     

    Najim

  • Hello Najim,

    ssl, redirects(iRule) hosts and health checks are included. But not WAF. If you have a closer view you can easily found the components and modify to what you want. It would be nice if you share your code. 

    Cheers NetSnoopy

  •  - in another thread  mentioned that this codeblock had some missing comment hashtags. I also don't see hashtags at the beginning of comment sections. Based on the age of this snippet - it could have been an error in our ETL efforts during the platform migration.

     

    Can you review this code-block and let me know if you think it was right before we migrated? (So I might look for that pattern in other code-blocks and fix systemically)

    Thanks!

    Lief