cancel
Showing results for 
Search instead for 
Did you mean: 

get only non-default object properties via iControl REST

tatmotiv
Altostratus
Altostratus

Hi all.

 

I'm looking for a way to receive all non-default properties of an object via iControl REST. Basically, I need all those properties that would be listed when running "tmsh list xyz" without "all-properties".

 

For example, on my test-device, "tmsh list" will return the following individual properties for a client-ssl profile...

 

list ltm profile client-ssl /PA999-Test1/test_clientssl ltm profile client-ssl PA999-Test1/test_clientssl { app-service none cert Common/default.crt cert-key-chain { default { cert Common/default.crt key Common/default.key } } chain none defaults-from Common/clientssl inherit-certkeychain true key Common/default.key passphrase none }

...while querying the same object via ICR will return all properties, including default and inherited settings:

 

> curl -sk -u admin:xxxxxxxx https://my-bigip/mgmt/tm/ltm/profile/client-ssl/~PA999-Test1~test_clientssl | python -mjson.tool { "alertTimeout": "10", "allowNonSsl": "disabled", "authenticate": "once", "authenticateDepth": 9, "cacheSize": 262144, "cacheTimeout": 3600, "cert": "/Common/default.crt", "certExtensionIncludes": [ "basic-constraints", "subject-alternative-name" ], "certKeyChain": [ { "cert": "/Common/default.crt", "key": "/Common/default.key", "name": "default" } ], "certLifespan": 30, "certLookupByIpaddrPort": "disabled", "ciphers": "DEFAULT", "defaultsFrom": "/Common/clientssl", "forwardProxyBypassDefaultAction": "intercept", "fullPath": "/PA999-Test1/test_clientssl", "generation": 39, "genericAlert": "enabled", "handshakeTimeout": "10", "inheritCertkeychain": "true", "key": "/Common/default.key", "kind": "tm:ltm:profile:client-ssl:client-sslstate", "maxRenegotiationsPerMinute": 5, "modSslMethods": "disabled", "mode": "enabled", "name": "test_clientssl", "partition": "PA999-Test1", "peerCertMode": "ignore", "peerNoRenegotiateTimeout": "10", "proxySsl": "disabled", "proxySslPassthrough": "disabled", "renegotiateMaxRecordDelay": "indefinite", "renegotiatePeriod": "indefinite", "renegotiateSize": "indefinite", "renegotiation": "enabled", "retainCertificate": "true", "secureRenegotiation": "require", "selfLink": "https://localhost/mgmt/tm/ltm/profile/client-ssl/~PA999-Test1~test_clientssl?ver=11.6.0", "sessionMirroring": "disabled", "sessionTicket": "disabled", "sniDefault": "false", "sniRequire": "false", "sslForwardProxy": "disabled", "sslForwardProxyBypass": "disabled", "sslSignHash": "any", "strictResume": "disabled", "tmOptions": [ "dont-insert-empty-fragments" ], "uncleanShutdown": "enabled" }

Does anybody have a simple solution for this? Is there some option that can be passed with the GET request? I want to avoid polling the "defaults-from" object, too and then determin the difference.

 

Many thanks in advance

 

Martin

 

1 REPLY 1

ksuuk
Nimbostratus
Nimbostratus

Hi,

 

I had same issue and asked help from support, they found solution, so here it is:

 

There is an RFE for our Development team to implement the "?options=non-default-properties" as the default output. This RFE currently has number ID674071, however it is only targeted for a future version, for a future release.

 

You'll have to add "?options=non-default-properties" in front of the object you're querying.

 

Instead of:

 

curl -sk -u admin:xxxxxxxx | python -m json.tool

 

Use:

 

curl -sk -u admin:xxxxxxxx | python -m json.tool