APM sessions broken out by access policy?

Question

I don't believe this is possible, but I'll ask just to be sure...

For VPN, based on their user ID or an Active Directory query, etc., a user is assigned an APM access policy appropriate for their level of access. Is it possible, beyond running a custom report via the GUI, to display/track the current number of users connected via one access policy or another?

I've used "tmsh show /apm license" to see how many licenses are consumed, and have also run reports via the GUI to see how many people have connected via a specific APM policy, but this is a bit beyond that. I'd think there would have to be some mechanism to tally not only connections via an APM policy, but one to update the total whenever a session terminates.

Thanks!

boneyard · Accepted Answer

i dont believe that is available within one easy command.

you do have the sessiondump command and with some scripting around that you might be able to get what you want.

https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-access-policy-manager-visual-policy-editor/session-variables/sessiondump-command-usage.html

some example output here:

https://support.f5.com/csp/article/K80934060

fallout1984 · Answer

Awesome - thanks!

Forum Discussion

APM sessions broken out by access policy?

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

OWASP Tactical Access Defense Series: Broken Authentication and BIG-IP APM

Auditing Security Policy Updates

Mitigation of OWASP API Security Risk: Broken Authentication using F5 XC Platform

OWASP Tactical Access Defense Series: Broken Object Property Level Authorization and BIG-IP APM

OWASP Tactical Access Defense Series: Broken Object Level Authorization and BIG-IP APM