BigIP Report Old
Problem this snippet solves:
This codeshare has been deprecated due to a hosting platform corruption. I have moved code and conversation to a new record (on the same original URL) https://devcentral.f5.com/s/articles/bigip-report
can be Overview
This is a script which will generate a report of the BigIP LTM configuration on all your load balancers making it easy to find information and get a comprehensive overview of virtual servers and pools connected to them.
This information is used to relay information to our NOC and developers to give them insight in where things are located and to be able to plan patching and deploys. I also use it myself as a quick way get information or gather data used as a foundation for RFC's, ie get a list of all external virtual servers without compression profiles.
The script has been running on 13 pairs of load balancers, indexing over 1200 virtual servers for several years now and the report is widely used across the company and by many companies and governments across the world.
It's easy to setup and use and only requires guest permissions on your devices.
Demo/Preview
Please note that it takes time to make these so sometimes they're a bit outdated and they only cover one HA pair. However, they still serve the purpose of showing what you can expect from the report.
Interactive demo
http://loadbalancing.se/bigipreportdemo/
Screen shots
The main report:
The device overview:
Certificate details:
How to use this snippet:
This codeshare has been deprecated due to a hosting platform corruption. I have moved code and conversation to a new record (on the same original URL) https://devcentral.f5.com/s/articles/bigip-report
Installation instructions
BigipReport REST
This is the only branch we're updating since middle of 2020 and it supports 12.x and upwards (maybe even 11.6).
Download: https://loadbalancing.se/downloads/bigipreport-v5.5.4.zip
Documentation, installation instructions and troubleshooting: https://loadbalancing.se/bigipreport-rest/
Docker support
This will be the recommended way of running bigipreport in the near future. It's still undergoing testing but it's looking really good so far.
https://loadbalancing.se/2021/01/05/running-bigipreport-on-docker/
BigipReport (Legacy)
Older version of the report that only runs on Windows and is depending on a Powershell plugin originally written by Joe Pruitt (F5).
BigipReport (Stable):
https://loadbalancing.se/downloads/bigipreport-5.3.1.zip
BigipReport (BETA): https://loadbalancing.se/downloads/bigipreport-5.4.0-beta.zip
iControl Snapin: https://loadbalancing.se/downloads/f5-icontrol.zip
Documentation and installation instructions:
https://loadbalancing.se/bigip-report/
Upgrade instructions
Protect the report using APM and active directory
Written by DevCentral member Shann_P:
https://loadbalancing.se/2018/04/08/protecting-bigip-report-behind-an-apm-by-shannon-poole/
Got issues/problems/feedback?
Still have issues? Drop a comment below. We usually reply quite fast. Any bugs found, issues detected or ideas contributed makes the report better for everyone, so it's always appreciated.
---
Also trying out a Discord channel now. You're welcome to hang out with us there:
Code :
85931,86647,90730
Tested this on version:
13.0
974 Comments
Nice work Tim, PR has been merged and the link to the release is in the description above.
Evan_HendrickNimbostratus
When running this against one of my load balancers, the calls seem to error out. This causes an error which states "There are no pools to check status" so the polling VIP check fails. When I watch the PowerShell script run, I see this at the beginning of the errors:
Successfully loaded the config file: D:\BIG-IP Report Runner\bigipreportconfig.xml 2020-03-18 14:57:15 Configuring the console window 2020-03-18 14:57:15 Pre-execution checks 2020-03-18 14:57:15 Loaded F5 iControl snapin 2020-03-18 14:57:15 Pre execution checks was successful 2020-03-18 14:57:15 Enabling TLS1.2 2020-03-18 14:57:15 Getting data from %REDACTED% 2020-03-18 14:57:16 iControl session successfully established 2020-03-18 14:57:16 Getting hostname 2020-03-18 14:57:16 Hostname is %REDACTED% 2020-03-18 14:57:17 Fetching information about the device 2020-03-18 14:57:18 Caching LTM information from %REDACTED% 2020-03-18 14:57:18 Caching certificates 2020-03-18 14:57:21 Caching monitors 2020-03-18 14:57:22 Caching data groups 2020-03-18 14:57:23 Caching Pools Exception calling "get_member_v2" with "1" argument(s): "Exception caught in LocalLB::urn:iControl:LocalLB/Pool::get_member_v2() Exception: Common::OperationFailed primary_error_code : 16908336 (0x01020030) secondary_error_code : 0 error_string : 01020036:3: The requested query_reply () was not found." At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1218 char:2 + [array]$PoolMembers = $F5.LocalLBPool.get_member_v2($PoolList) + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_member_v2" with "1" argument(s): "Exception caught in LocalLB::urn:iControl:LocalLB/Pool::get_member_v2() Exception: Common::OperationFailed primary_error_code : 16908336 (0x01020030) secondary_error_code : 0 error_string : 01020036:3: The requested query_reply () was not found." At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1218 char:2 + [array]$PoolMembers = $F5.LocalLBPool.get_member_v2($PoolList) + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_member_object_status" with "2" argument(s): "Could not find element by name: members" At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1219 char:2 + [array]$PoolMemberstatuses = $F5.LocalLBPool.get_member_object_st ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_member_object_status" with "2" argument(s): "Could not find element by name: members" At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1219 char:2 + [array]$PoolMemberstatuses = $F5.LocalLBPool.get_member_object_st ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_member_priority" with "2" argument(s): "Could not find element by name: members" At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1220 char:2 + [array]$PoolMemberpriorities = $F5.LocalLBPool.get_member_priorit ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_member_priority" with "2" argument(s): "Could not find element by name: members" At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1220 char:2 + [array]$PoolMemberpriorities = $F5.LocalLBPool.get_member_priorit ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_all_member_statistics" with "1" argument(s): "Exception caught in LocalLB::urn:iControl:LocalLB/Pool::get_all_member_statistics() Exception: Common::OperationFailed primary_error_code : 16908336 (0x01020030) secondary_error_code : 0 error_string : 01020036:3: The requested query_reply () was not found." At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1225 char:2 + [array]$PoolMemberStatistics = $F5.LocalLBPool.get_all_member_sta ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderException Exception calling "get_all_member_statistics" with "1" argument(s): "Exception caught in LocalLB::urn:iControl:LocalLB/Pool::get_all_member_statistics() Exception: Common::OperationFailed primary_error_code : 16908336 (0x01020030) secondary_error_code : 0 error_string : 01020036:3: The requested query_reply () was not found." At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1225 char:2 + [array]$PoolMemberStatistics = $F5.LocalLBPool.get_all_member_sta ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [], MethodInvocationException + FullyQualifiedErrorId : SoapHeaderExceptionAfter those initial errors, I see a sea of:
Cannot index into a null array. At D:\BIG-IP Report Runner\bigipreport-5.1.9.ps1:1236 char:3 + $PoolMemberStatisticsDict = Get-PoolMemberStatisticsDictionar ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [], RuntimeException + FullyQualifiedErrorId : NullArrayI have four LTM Environments, three of them this worked without error, this last environment has this error. The only real difference between the environments is that this one does not use BIG-IQ to manage it. Anything to point me in the right direction would be greatly appreciated.
Thanks,
Evan
- TimRiker
Cirrocumulus
I'm assuming it's not a SnapIn issue as you say it works against other servers. What versions are they running? Is the non-working one an old version of BIG-IP? Does it have any pools? The script assumes there is at least one pool. I've not tried it against a BIP-IP with no pools, or even just one pool. Try creating a pool and running again if it has no pools, or even just one pool.
- Evan_Hendrick
All LTMs are at least 14.x.
Two environments are BIG-IP 14.1.0.3 Build 0.0.6 Point Release 3, and two environments are BIG-IP 14.1.2.2 Build 0.0.4 Point Release 2. The one that doesn't work is the later, but the other environment running 14.1.2.2 works OK.
There are pools, and they have members. Looking through the pools.json file it appears the members are missing from there, but other information appears to be intact.
A pool entry from a working environment:
{ "name": "/Common/%REDACTED%_https_pool", "description": "", "monitors": [ "/Common/https" ], "members": [ { "name": "/Common/%REDACTED%", "ip": "%REDACTED%", "port": "443", "availability": "AVAILABILITY_STATUS_GREEN", "enabled": "ENABLED_STATUS_ENABLED", "status": "Pool member is available", "priority": 0, "currentconnections": "0", "maximumconnections": "283" } ], "loadbalancingmethod": "Round Robin", "actiononservicedown": "None", "allownat": "Yes", "allowsnat": "Yes", "orphaned": false, "loadbalancer": "%REDACTED%", "availability": "AVAILABILITY_STATUS_GREEN", "enabled": "ENABLED_STATUS_ENABLED", "status": "The pool is available" }Here is a pool entry from the environment with issues:
{ "name": "/Common/%REDACTED%_https_pool", "description": "", "monitors": [ "/Common/tcp" ], "members": null, "loadbalancingmethod": "Round Robin", "actiononservicedown": "None", "allownat": "Yes", "allowsnat": "Yes", "orphaned": false, "loadbalancer": "%REDACTED%", "availability": "AVAILABILITY_STATUS_GREEN", "enabled": "ENABLED_STATUS_ENABLED", "status": "The pool is available" } 
Abed_AL-RCirrostratus
i was running v5.0.6 and it was ok
i reinstalled to v5.3.1 , it is working , but it is failing to load "asm" policies and ltm "datagroups"
- TimRiker
If I recall correctly, asm policies and datagroups are loaded over the REST interface in v5.3.1 where everything else comes from the SOAP interface. Can you do a REST call using the current credentials?
It occurs to me that we are not ignoring certificates in v5.3.1 for rest calls like my REST only branch does. On my setup, I have a valid externally signed wildcard certificate on each F5 like *.example.com and then we have lb-ppe-a.example.com as the host listed in the xml so rest calls match the certificate. Does the certificate match on your setup? I'll put a patch in to ignore the certificate on REST calls in the current tree like I've already fixed my tree.
If you can use "Device" entries with fully qualified names that match the device certificate that should fix your issue.
https://github.com/epacke/BigIPReport/issues/174
Could you try adding -SkipCertificateCheck to the Invoke-RestMethod and Invoke-WebRequest calls in the ps1 script? There are three of them. One to get credentials, one to load adm policies and one to load datagroups.
Ignore all this. -SkipCertficateCheck is only on newer releases of powershell, and newer releases should probably be using my REST version instead. 😕
- TimRiker
I've not been able to duplicate this. I have tested against 14, upgrading to 15 now. In the "timriker" branch on github I don't use the snapin at all. Everything there is through REST instead of SOAP through the snapin.
REST has issues in my environment. Logins fail frequently so the script often has missing information. I'm working in F5 on it, but no progress so far.
- Evan_Hendrick
Tim --
I pulled your version of the code and it seems to be a lot happier -- I'm wondering if there is some intermittent problem with iControl Snapin for one of my device groups.. The main caveat I saw was that you can't use the guest role anymore because it doesn't support "list sys crypt recursive", which is needed to pull certificate information, I think the auditor role solves for this though.
I get some strange errors when I run (below), not sure if they're REST authentication attempts and can be ignored or if there is some other error.
The following handled errors was thrown during the execution Receive-Job %IP_ADDR_REDACTED% Receive-Job %IP_ADDR_REDACTED% Receive-Job %IP_ADDR_REDACTED% The following exceptions were thrown during script execution Category Linenumber Line Stacktrace MethodInvocationException 1771 At D:\BIG-IP Report Runner\bigipreport.ps1:1771 char:17 + $lines=Receive-Job -Job $job + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ at Get-LTMInformation, : line 1107 at GetDeviceInfo, : line 1712 at , : line 1745 PropertyNotFoundException 1771 At D:\BIG-IP Report Runner\bigipreport.ps1:1771 char:17 + $lines=Receive-Job -Job $job + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ at Get-LTMInformation, : line 1014 at GetDeviceInfo, : line 1712 at , : line 1745 PropertyNotFoundException 1771 At D:\BIG-IP Report Runner\bigipreport.ps1:1771 char:17 + $lines=Receive-Job -Job $job + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ at Get-LTMInformation, : line 1014 at GetDeviceInfo, : line 1712 at , : line 1745 
BcssiNetworkingThis looks and works great!!! The only problem is that when we try to export using the CSV option, the report data looks really bad in Excel. Anyone know why this is occuring? We are using the latest stable version.
"<input type=""text"" name=""loadBalancer"" value=""Load Balancer"" class=""search_init"" data-column-name=""Load Balancer"" data-setting-name=""showLoadBalancerColumn"">","<input type=""text"" name=""vipName"" value=""VIP Name"" class=""search_init"" data-column-name=""Virtual server"" data-setting-name=""showVirtualServerColumn"">","<input type=""text"" name=""ipPort"" value=""IP:Port"" class=""search_init"" data-column-name=""IP:Port"" data-setting-name=""showIPPortColumn"">","<input type=""text"" name=""asmPolicies"" size=""6"" value=""ASM"" class=""search_init"" data-column-name=""ASM Policies"" data-setting-name=""showASMPoliciesColumn"">","<input type=""text"" name=""sslProfile"" size=""6"" value=""SSL C/S"" class=""search_init"" data-column-name=""SSL Profile"" data-setting-name=""showSSLProfileColumn"">","<input type=""text"" name=""compressionProfile"" size=""6"" value=""Compression"" class=""search_init"" data-column-name=""Compression Profile"" data-setting-name=""showCompressionProfileColumn"">","<input type=""text"" name=""persistenceProfile"" size=""6"" value=""Persistence"" class=""search_init"" data-column-name=""Persistence Profile"" data-setting-name=""showPersistenceProfileColumn"">","<input type=""text"" name=""pool_members"" value=""Pool/Members"" class=""search_init"" data-column-name=""Pools/Members"" data-setting-name=""showPoolsMembersColumn"">"
"ADC-NP-F5-P","<span class=""statusicon""><img src=""images/blue-square-questionmark.png"" alt=""Unknown (Enabled)"" title=""Unknown (Enabled) - The children pool member(s) either don't have service checking enabled, or service check results are not available yet""/></span><span class=""textstatus"">UNKNOWN</span> AAA-TESTING-VS.app/AAA-TESTING-VS_redir_vs","172","N/A","No/No","No","No","N/A"
- BcssiNetworking
- This looks and works great!!! The only problem is that when we try to export using the CSV option, the report data looks really bad in Excel. Anyone know why this is occuring? We are using the latest stable version.
- "<input type=""text"" name=""loadBalancer"" value=""Load Balancer"" class=""search_init"" data-column-name=""Load Balancer"" data-setting-name=""showLoadBalancerColumn"">","<input type=""text"" name=""vipName"" value=""VIP Name"" class=""search_init"" data-column-name=""Virtual server"" data-setting-name=""showVirtualServerColumn"">","<input type=""text"" name=""ipPort"" value=""IP:Port"" class=""search_init"" data-column-name=""IP:Port"" data-setting-name=""showIPPortColumn"">","<input type=""text"" name=""asmPolicies"" size=""6"" value=""ASM"" class=""search_init"" data-column-name=""ASM Policies"" data-setting-name=""showASMPoliciesColumn"">","<input type=""text"" name=""sslProfile"" size=""6"" value=""SSL C/S"" class=""search_init"" data-column-name=""SSL Profile"" data-setting-name=""showSSLProfileColumn"">","<input type=""text"" name=""compressionProfile"" size=""6"" value=""Compression"" class=""search_init"" data-column-name=""Compression Profile"" data-setting-name=""showCompressionProfileColumn"">","<input type=""text"" name=""persistenceProfile"" size=""6"" value=""Persistence"" class=""search_init"" data-column-name=""Persistence Profile"" data-setting-name=""showPersistenceProfileColumn"">","<input type=""text"" name=""pool_members"" value=""Pool/Members"" class=""search_init"" data-column-name=""Pools/Members"" data-setting-name=""showPoolsMembersColumn"">"
- "ADC-NP-F5-P","<span class=""statusicon""><img src=""images/blue-square-questionmark.png"" alt=""Unknown (Enabled)"" title=""Unknown (Enabled) - The children pool member(s) either don't have service checking enabled, or service check results are not available yet""/></span><span class=""textstatus"">UNKNOWN</span> AAA-TESTING-VS.app/AAA-TESTING-VS_redir_vs","172","N/A","No/No","No","No","N/A"
- Like
