Export Virtual Server Configuration in CSV - tmsh cli script
Problem this snippet solves:
This is a simple cli script used to collect all the virtuals name, its VIP details, Pool names, members, all Profiles, Irules, persistence associated to each, in all partitions. A sample output would be like below,
One can customize the code to extract other fields available too. The same logic can be allowed to pull information's from profiles stats, certificates etc.
Update: 5th Oct 2020
Added Pool members capture in the code. After the Pool-Name, Pool-Members column will be found.
If a pool does not have members - field not present: "members" will shown in the respective Pool-Members column.
If a pool itself is not bound to the VS, then Pool-Name, Pool-Members will have none in the respective columns.
Update: 21st Jan 2021
Added logic to look for multiple partitions & collect configs
Update: 12th Feb 2021
Added logic to add persistence to sheet.
Update: 26th May 2021
Added logic to add state & status to sheet.
Update: 24th Oct 2023
Added logic to add hostname, Pool Status, Total-Connections & Current-Connections.
Note: The codeshare has multiple version, use the latest version alone. The reason to keep the other versions is for end users to understand & compare, thus helping them to modify to their own requirements. Hope it helps.
How to use this snippet:
Login to the LTM, create your script by running the below commands and paste the code provided in snippet
tmsh create cli script virtual-details
So when you list it, it should look something like below,
[admin@labltm:Active:Standalone] ~ # tmsh list cli script virtual-details
cli script virtual-details {
proc script::run {} {
puts "Virtual Server,Destination,Pool-Name,Profiles,Rules"
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
puts "[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],[tmsh::get_field_value $obj "pool"],$profilelist,[tmsh::get_field_value $obj "rules"]"
}
}
total-signing-status not-all-signed
}
[admin@labltm:Active:Standalone] ~ #
And you can run the script like below,
tmsh run cli script virtual-details > /var/tmp/virtual-details.csv
And get the output from the saved file,
cat /var/tmp/virtual-details.csv
Old Codes:
cli script virtual-details {
proc script::run {} {
puts "Virtual Server,Destination,Pool-Name,Profiles,Rules"
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
puts "[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],[tmsh::get_field_value $obj "pool"],$profilelist,[tmsh::get_field_value $obj "rules"]"
}
}
total-signing-status not-all-signed
}
###===================================================
###2.0
###UPDATED CODE BELOW
### DO NOT MIX ABOVE CODE & BELOW CODE TOGETHER
###===================================================
cli script virtual-details {
proc script::run {} {
puts "Virtual Server,Destination,Pool-Name,Pool-Members,Profiles,Rules"
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
set poolname [tmsh::get_field_value $obj "pool"]
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
if { $poolname != "none" }{
set poolconfig [tmsh::get_config /ltm pool $poolname]
foreach poolinfo $poolconfig {
if { [catch { set member_name [tmsh::get_field_value $poolinfo "members" ]} err] } {
set pool_member $err
puts "[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"]"
} else {
set pool_member ""
set member_name [tmsh::get_field_value $poolinfo "members" ]
foreach member $member_name {
append pool_member "[lindex $member 1] "
}
puts "[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"]"
}
}
} else {
puts "[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,none,$profilelist,[tmsh::get_field_value $obj "rules"]"
}
}
}
total-signing-status not-all-signed
}
###===================================================
### Version 3.0
### UPDATED CODE BELOW FOR MULTIPLE PARTITION
### DO NOT MIX ABOVE CODE & BELOW CODE TOGETHER
###===================================================
cli script virtual-details {
proc script::run {} {
puts "Partition,Virtual Server,Destination,Pool-Name,Pool-Members,Profiles,Rules"
foreach all_partitions [tmsh::get_config auth partition] {
set partition "[lindex [split $all_partitions " "] 2]"
tmsh::cd /$partition
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
set poolname [tmsh::get_field_value $obj "pool"]
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
if { $poolname != "none" }{
set poolconfig [tmsh::get_config /ltm pool $poolname]
foreach poolinfo $poolconfig {
if { [catch { set member_name [tmsh::get_field_value $poolinfo "members" ]} err] } {
set pool_member $err
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"]"
} else {
set pool_member ""
set member_name [tmsh::get_field_value $poolinfo "members" ]
foreach member $member_name {
append pool_member "[lindex $member 1] "
}
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"]"
}
}
} else {
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,none,$profilelist,[tmsh::get_field_value $obj "rules"]"
}
}
}
}
total-signing-status not-all-signed
}
###===================================================
### Version 4.0
### UPDATED CODE BELOW FOR CAPTURING PERSISTENCE
### DO NOT MIX ABOVE CODE & BELOW CODE TOGETHER
###===================================================
cli script virtual-details {
proc script::run {} {
puts "Partition,Virtual Server,Destination,Pool-Name,Pool-Members,Profiles,Rules,Persist"
foreach all_partitions [tmsh::get_config auth partition] {
set partition "[lindex [split $all_partitions " "] 2]"
tmsh::cd /$partition
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
set poolname [tmsh::get_field_value $obj "pool"]
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
set persist [lindex [lindex [tmsh::get_field_value $obj "persist"] 0] 1]
if { $poolname != "none" }{
set poolconfig [tmsh::get_config /ltm pool $poolname]
foreach poolinfo $poolconfig {
if { [catch { set member_name [tmsh::get_field_value $poolinfo "members" ]} err] } {
set pool_member $err
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"],$persist"
} else {
set pool_member ""
set member_name [tmsh::get_field_value $poolinfo "members" ]
foreach member $member_name {
append pool_member "[lindex $member 1] "
}
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"],$persist"
}
}
} else {
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,none,$profilelist,[tmsh::get_field_value $obj "rules"],$persist"
}
}
}
}
total-signing-status not-all-signed
}
###===================================================
### 5.0
### UPDATED CODE BELOW
### DO NOT MIX ABOVE CODE & BELOW CODE TOGETHER
###===================================================
cli script virtual-details {
proc script::run {} {
puts "Partition,Virtual Server,Destination,Pool-Name,Pool-Members,Profiles,Rules,Persist,Status,State"
foreach all_partitions [tmsh::get_config auth partition] {
set partition "[lindex [split $all_partitions " "] 2]"
tmsh::cd /$partition
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
foreach { status } [tmsh::get_status ltm virtual [tmsh::get_name $obj]] {
set vipstatus [tmsh::get_field_value $status "status.availability-state"]
set vipstate [tmsh::get_field_value $status "status.enabled-state"]
}
set poolname [tmsh::get_field_value $obj "pool"]
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
set persist [lindex [lindex [tmsh::get_field_value $obj "persist"] 0] 1]
if { $poolname != "none" }{
set poolconfig [tmsh::get_config /ltm pool $poolname]
foreach poolinfo $poolconfig {
if { [catch { set member_name [tmsh::get_field_value $poolinfo "members" ]} err] } {
set pool_member $err
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"],$persist,$vipstatus,$vipstate"
} else {
set pool_member ""
set member_name [tmsh::get_field_value $poolinfo "members" ]
foreach member $member_name {
append pool_member "[lindex $member 1] "
}
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"],$persist,$vipstatus,$vipstate"
}
}
} else {
puts "$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,none,$profilelist,[tmsh::get_field_value $obj "rules"],$persist,$vipstatus,$vipstate"
}
}
}
}
total-signing-status not-all-signed
}
Latest Code:
cli script virtual-details {
proc script::run {} {
set hostconf [tmsh::get_config /sys global-settings hostname]
set hostname [tmsh::get_field_value [lindex $hostconf 0] hostname]
puts "Hostname,Partition,Virtual Server,Destination,Pool-Name,Pool-Status,Pool-Members,Profiles,Rules,Persist,Status,State,Total-Conn,Current-Conn"
foreach all_partitions [tmsh::get_config auth partition] {
set partition "[lindex [split $all_partitions " "] 2]"
tmsh::cd /$partition
foreach { obj } [tmsh::get_config ltm virtual all-properties] {
foreach { status } [tmsh::get_status ltm virtual [tmsh::get_name $obj]] {
set vipstatus [tmsh::get_field_value $status "status.availability-state"]
set vipstate [tmsh::get_field_value $status "status.enabled-state"]
set total_conn [tmsh::get_field_value $status "clientside.tot-conns"]
set curr_conn [tmsh::get_field_value $status "clientside.cur-conns"]
}
set poolname [tmsh::get_field_value $obj "pool"]
set profiles [tmsh::get_field_value $obj "profiles"]
set remprof [regsub -all {\n} [regsub -all " context" [join $profiles "\n"] "context"] " "]
set profilelist [regsub -all "profiles " $remprof ""]
set persist [lindex [lindex [tmsh::get_field_value $obj "persist"] 0] 1]
if { $poolname != "none" }{
foreach { p_status } [tmsh::get_status ltm pool $poolname] {
set pool_status [tmsh::get_field_value $p_status "status.availability-state"]
}
set poolconfig [tmsh::get_config /ltm pool $poolname]
foreach poolinfo $poolconfig {
if { [catch { set member_name [tmsh::get_field_value $poolinfo "members" ]} err] } {
set pool_member $err
puts "$hostname,$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_status,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"],$persist,$vipstatus,$vipstate,$total_conn,$curr_conn"
} else {
set pool_member ""
set member_name [tmsh::get_field_value $poolinfo "members" ]
foreach member $member_name {
append pool_member "[lindex $member 1] "
}
puts "$hostname,$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,$pool_status,$pool_member,$profilelist,[tmsh::get_field_value $obj "rules"],$persist,$vipstatus,$vipstate,$total_conn,$curr_conn"
}
}
} else {
puts "$hostname,$partition,[tmsh::get_name $obj],[tmsh::get_field_value $obj "destination"],$poolname,none,none,$profilelist,[tmsh::get_field_value $obj "rules"],$persist,$vipstatus,$vipstate,$total_conn,$curr_conn"
}
}
}
}
}
Tested this on version:
13.0
Updated Oct 24, 2023
Version 2.0
jaikumar_f5MVP
Hi ,
Glad it was helpful. Regards to your requirement, it can be done in couple of ways, to what comes to my mind now,
1. Iapp templates, you can still customize them & use.
2. Use the load sys config merge option, list the to be cloned configs to a file, edit the parameters wherever required using sed cmd, & simply load it.
3. Go with simple bash or python script, where you'd take inputs using the read cmd & process it & let the backend functions to build your commands automatically. It's all scripting.
4. Using the rest API method & updating fields wherever required & just pushing it.
I use the 2nd & 3rd method when it's repetitive changes involving same pattern.
Chaitanya_24Nimbostratus
Hi
Thanks for the logical explanation!
Regarding the export script when we create it gets added in config/*script.conf
Is there any way we can remove it from .conf if we no longer need it?
Also can the above export script be converted to simple bash script. Could you let me know what changes would come in script for that.
Thanks Again!
- jaikumar_f5
Hi ,
If you just delete the script & save your configuration, it will get removed from script.conf file.
tmsh delete cli script <scrip-name>Well converting the script to bash is doable, but i'd say running it against tmos would be resource consuming as there will be multiple commands.
Hence the CLI method is better. The alternate approach would be to use the bigip.conf file & then parse it.
Basic bash would something like below article.
https://devcentral.f5.com/s/articles/bash-script-to-find-clientssls-mapped-to-virtual-servers-1143
- Chaitanya_24
Hi
Indeed thanks again for the explanation.
Will give it a try.
Ahmed_ZahranI tried to make it
But it didont work at all
can you please provide more details step by step
also i have version 15 of TMOS
- jaikumar_f5
Apologies on the late reply, sorry the steps shared above didn't help you.
Here's the steps,
Login to the CLI
If you are in bash, get inside tmos by running tmsh command.
tmshOnce your inside tmos, enter create cmd,
create cli script virtual-detailsThis should open the editor and there will be multiple default proc blocks like below,
Delete them all & add the one's i've shared in the code, use the code version 4.0 alone. All we need is proc script::run block code alone.
Using vi editor paste it.
save & exit.
Then when u run the below command. you should see the script.
tmsh list cli script virtual-detailsThen using tmsh run command, you can run it.
tmsh run cli script virtual-details > /var/tmp/virtual-details.csvOutput will be in /var/tmp/
Please let me know if you want more details.
Arthur_Pi have problem trying to save the file with this error:
Syntax Error: "cli" unexpected argument
There were errors. Continue editing(y) or discard changes(n) (y/n) y
- jaikumar_f5
Its my bad, i know why this would had come. After you run the create cli script command, you would had deleted everything & pasted the code.
So it wouldn't had the call of create script virtual-details, so just pasting with code from cli would throw this error.
Follow this thread, this would help you understand how to create it.
Export GTM/DNS Configuration in CSV - tmsh cli script
If you are still seeing issues, please let me know, I'll put a video tutorial.
Apologies on the late reply. been caught up with the recent vulnerabilities 😕
- Arthur_P
Is there a way this script can parse ASM policy with transparent/blocking mode association to the VIP and other objects?
- jaikumar_f5
Well yes it can be customized to achieve, but this is a ltm parser. So this would have to include block of parsing ASM 1st, & then doing a lookup to which VS that asm profile is mapped too. Let me see if i can make one quick.