BIG-IP Report

Problem this snippet solves:

Overview

This is a script which will generate a report of the BIG-IP LTM configuration on all your load balancers making it easy to find information and get a comprehensive overview of virtual servers and pools connected to them.

This information is used to relay information to NOC and developers to give them insight in where things are located and to be able to plan patching and deploys. I also use it myself as a quick way get information or gather data used as a foundation for RFC's, ie get a list of all external virtual servers without compression profiles.

The script has been running on 13 pairs of load balancers, indexing over 1200 virtual servers for several years now and the report is widely used across the company and by many companies and governments across the world.

It's easy to setup and use and only requires auditor (read-only) permissions on your devices.

Demo/Preview

Interactive demo

http://loadbalancing.se/bigipreportdemo/

Screen shots

The main report:

The device overview:

Certificate details:

How to use this snippet:

Installation instructions

BigipReport REST

This is the only branch we're updating since middle of 2020 and it supports 12.x and upwards (maybe even 11.6).

Updated Oct 16, 2024
Version 11.0
application delivery
devops
iControl
LTM
microsoft powershell with icontrol
  • LiefZimmerman's avatar
    LiefZimmerman
    Icon for Admin rankAdmin
    Apr 22, 2021

    Due to a platform corruption during the 2019 migration I have worked with   team to move his original legacy codeshare to this new record (same URL).

    The legacy codeshare is temporarily available at https://devcentral.f5.com/s/articles/bigip-report-old

     

    The negative repercussions of this change are:

    • the nearly 1000 historical comments appear that they must will have to remain on the legacy record.
    • the numerous *likes* stayed with the legacy record (smash that like at the top right of this page!! if you like it)
    • anyone bookmarking that legacy record will not be notified of changes made here (click that bookmark icon)

     

    The positive repercussions of this are:

    • Patrik can now make edits to the entry - making updates more likely and timely. (a deep in the weeds corruption I couldn't ferret out)
    • You all only have to deal with one set of comments here - making conversation easier. (another part of the corruption)
    • And, looking on the bright side of a negative, I don't have to find out (yet) what happens when the comment counter rolls over to 1000.😩

     

    Thank you for your patience and persistence with Patrik's awesome contribution and thank you for your dedication to our community.

  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    May 26, 2021

    New release v5.5.9. Well done Tim!

    I've updated the Kubernetes containers with the new code and also triggered the :latest tag for you Cowboys who likes to use that. :)

     

    Got questions/feedback/an insatiable lust for nerd talk? Join us on Discord:

    https://discord.gg/W2y2cFX7

     

    Kind regards,

    Patrik

  • BenT's avatar
    BenT
    Icon for Altocumulus rankAltocumulus
    Jun 03, 2021

    Modules directory is missing from the zip file.

     

    Line |

    2255 | . .\modules\Get-ExpiredCertificates.ps1

       |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

       | The term '.\modules\Get-ExpiredCertificates.ps1' is not recognized as a name of a cmdlet, function, script

       | file, or executable program. Check the spelling of the name, or if a path was included, verify that the path is

       | correct and try again.

     

  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    Jun 03, 2021

    Hi Ben

    Apologies, been out enjoying the sun in the afternoon.

    Thanks for reporting, will fix the script that creates deploy and get back to you.

     

    /Patrik

  • BenT's avatar
    BenT
    Icon for Altocumulus rankAltocumulus
    Jun 03, 2021

    I've tried a few times over the last few hours, the zip sizes are identical and the modules folder isn't in the zip.

  • BenT's avatar
    BenT
    Icon for Altocumulus rankAltocumulus
    Jun 04, 2021

    That got it. Thanks!

    Have you looked at port-lists and/or policies? For port-lists, the VIPs aren't contained in the virtual, but are in a traffic-matching-criteria object instead. I don't know how difficult it would be to add the logic to show the VIPs for those in bigipreport or any associated policies.

    Here is an example config for the port-lists. 

    net port-list /Common/web_443-8443-8080_ports {
    description web_443-8443-8080_ports
    ports {
        443 { }
        8080 { }
        8443 { }
    }
}ltm pool /Common/pool_vip_portlist_example {
    load-balancing-mode least-connections-node
    members {
        /Common/172.1.2.5:0 {
            address 172.1.2.5
        }
        /Common/172.1.2.6:0 {
            address 172.1.2.6
        }
    }
    monitor /Common/https_basic_443
}
ltm traffic-matching-criteria /Common/vip_portlist_example_VS_TMC_OBJ {
    destination-address-inline 1.2.3.4
    destination-port-list /Common/web_443-8443-8080_ports
    protocol tcp
    source-address-inline 0.0.0.0
}
ltm virtual /Common/vip_portlist_example {
    ip-protocol tcp
    pool /Common/pool_vip_portlist_example
    profiles {
        /Common/fastL4 { }
    }
    serverssl-use-sni disabled
    source-address-translation {
        type automap
    }
    traffic-matching-criteria /Common/vip_portlist_example_VS_TMC_OBJ
    translate-address enabled
    translate-port enabled
    vlans {
        /Common/proxy-vlan
    }
    vlans-enabled
}
  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    Jun 04, 2021

    Hi Ben

    Glad it helped. I added a feature request for you on Github. You can go here:

     

    https://github.com/net-utilities/BigIPReport/issues/69

     

    and then watch it for updates.

     

    I'm afraid I can't give any timelines since both me and Tim does this on our spare time. I normally try to squash bugs pretty fast but features happens when time permits. :)

     

    /Patrik