BigIP Report Old
Problem this snippet solves:
This codeshare has been deprecated due to a hosting platform corruption. I have moved code and conversation to a new record (on the same original URL) https://devcentral.f5.com/s/articles/bigip-report
can be Overview
This is a script which will generate a report of the BigIP LTM configuration on all your load balancers making it easy to find information and get a comprehensive overview of virtual servers and pools connected to them.
This information is used to relay information to our NOC and developers to give them insight in where things are located and to be able to plan patching and deploys. I also use it myself as a quick way get information or gather data used as a foundation for RFC's, ie get a list of all external virtual servers without compression profiles.
The script has been running on 13 pairs of load balancers, indexing over 1200 virtual servers for several years now and the report is widely used across the company and by many companies and governments across the world.
It's easy to setup and use and only requires guest permissions on your devices.
Demo/Preview
Please note that it takes time to make these so sometimes they're a bit outdated and they only cover one HA pair. However, they still serve the purpose of showing what you can expect from the report.
Interactive demo
http://loadbalancing.se/bigipreportdemo/
Screen shots
The main report:
The device overview:
Certificate details:
How to use this snippet:
This codeshare has been deprecated due to a hosting platform corruption. I have moved code and conversation to a new record (on the same original URL) https://devcentral.f5.com/s/articles/bigip-report
Installation instructions
BigipReport REST
This is the only branch we're updating since middle of 2020 and it supports 12.x and upwards (maybe even 11.6).
Download: https://loadbalancing.se/downloads/bigipreport-v5.5.4.zip
Documentation, installation instructions and troubleshooting: https://loadbalancing.se/bigipreport-rest/
Docker support
This will be the recommended way of running bigipreport in the near future. It's still undergoing testing but it's looking really good so far.
https://loadbalancing.se/2021/01/05/running-bigipreport-on-docker/
BigipReport (Legacy)
Older version of the report that only runs on Windows and is depending on a Powershell plugin originally written by Joe Pruitt (F5).
BigipReport (Stable):
https://loadbalancing.se/downloads/bigipreport-5.3.1.zip
BigipReport (BETA): https://loadbalancing.se/downloads/bigipreport-5.4.0-beta.zip
iControl Snapin: https://loadbalancing.se/downloads/f5-icontrol.zip
Documentation and installation instructions:
https://loadbalancing.se/bigip-report/
Upgrade instructions
Protect the report using APM and active directory
Written by DevCentral member Shann_P:
https://loadbalancing.se/2018/04/08/protecting-bigip-report-behind-an-apm-by-shannon-poole/
Got issues/problems/feedback?
Still have issues? Drop a comment below. We usually reply quite fast. Any bugs found, issues detected or ideas contributed makes the report better for everyone, so it's always appreciated.
---
Also trying out a Discord channel now. You're welcome to hang out with us there:
Code :
85931,86647,90730
Tested this on version:
13.0
974 Comments
Hermann, it is possibl, but all about time on my side. Some periods I have more, some I have less. :)
Do you have any suggestions as to how to integrate it? I must confess my experience with GTM is a bit limited.
/Patrik
Nadj. You're lucky I am such a stubborn man. :) I will install 11.6 and try.
/Patrik
nadj_354479Nimbostratus
I am a woman and not a man :(
- nadj_354479
I think must use a useful one that looks for the vulnerability and when that a vulnerability has been discovered under certain version the report triggers an alert to the user, but how to be informed that the vulnerability was detected its not yet to find :(
I did not call you a man, it is ME that is a stubborn man. I agree regarding the vulnerability scans. However, I do not have access to such a system... :(
- nadj_354479
oki ^^ I will continue my research and when I find something I will keep you informed ^^
- Patrick_Farrel1
If current installed version < current available version in your branch -> status = vulnerable. :)
That would however require parsing this page when the report runs: https://support.f5.com/csp/article/K2200
Not a bad idea Patrick but their pages are generated with javascripts and a bit tricky to parse. Not a big fan in general either as it's prone to breaking as all it'd take is for F5 to change their mark-up.
/Patrik
- nadj_354479
Hi, patrick
this a vulnérabilité CVE-2017-6154 was détected
nadj,
Tom_KPatrik, said it previously, will say it again, this is an awesome tool. Wondering it there is any granularity in granting permissions to see pool and virtual servers and nodes. Is there anything already in place or could something be set up that could restrict access by partition like when users login to the management interface. Our security team does not want everyone to be able to see all the nodes, pools and virtual servers. Regards, Tom
