Capture SSL Profile Protocol Stats - Bash

Problem this snippet solves:

The code will help you capture all client ssl profiles present on the bigip. For every client ssl profile thats there, it will be check if its referenced in any of the virtuals thats present, if the same clientssl profile is referenced in multiple places, the same will be captured as well.

Finally the mapped output will be shown in csv format, you can open it on excel.

How to use this snippet:

have to create a script file first. We shall use the /var/tmp/ directory.

Use vi editor to create a file name tls_protocol_stats.sh

command will be,

vi tls_protocol_stats.sh

Then we copy our code from the snippet and place it on the file and save it.

We simply use bash to run,

bash tls_protocol_stats.sh

If one wants to make it executable, change the permissions and run it as,

./tls_protocol_stats.sh

So the output will be on client-ssl-output.csv file. Full path will be /var/tmp/client-ssl-output.csv

If you open it, it will look like below,

Code :

#!/bin/bash
echo "Virtual Server, Client-SSL Profile, SSLv2, SSLv3, TLSv1.0, TLSv1.1, TLSv1.2, DTLS" > client-ssl-output.csv
profile_names=`tmsh list ltm profile client-ssl one-line | awk -F" " '{print $4}'`
for x in ${profile_names}
do
virtual_name=`tmsh list ltm virtual one-line | grep $x | awk -F" " '{print $3}'`
if [ "${virtual_name}" != "" ]
then
cmd=`tmsh show ltm profile client-ssl $x | grep Version | awk -vORS=, '{ print $5 }'`
for y in ${virtual_name}
do
echo "$y,$x,$cmd" >> client-ssl-output.csv
done
fi
done

Tested this on version: