27-Jan-2022 07:51
Hey,
Does anybody know how to get the profile statistics of a virutal server. They are definitely stored somewhere. You can view them in the WebGUI when looking at the statistics of a virtual server.
I know how to retrieve Traffic and Syncookie stats via: {bigipHost}/mgmt/tm/ltm/virtual/{vs-name}/stats, then slice through the returned data. But it does not contain the profile stats.
The goal is to get the SSL Client profile stats so I can see if older less secure TLS versions and cipher are still being used by clients. There are still some old servers in our environment not able to use TLSv1.2, and if I institute our highly secure SSL Client profile on all virtual servers, stuff will break.
I have about 550 virtuals to check. I do not want to go through each one manually.
Cheers and thanks,
Patrick
Solved! Go to Solution.
28-Jan-2022 08:11
Hi Enes_Afsin_Al,
I had to rewrite the command as:
tmsh show ltm virtual \/*\/* profile detail | grep -E "Ltm::Virtual Server|Ltm::ClientSSL|Ltm::ServerSSL|Protocol Version"
Reversed the slashes, and the redirect to file (> /var/tmp/tlsstats.txt) did not work. But what displayed on screen looked correct.
I then took this command and started to build a REST API call. I finally came up with:
https://{BigIPHost}/mgmt/tm/ltm/virtual/{vs-name}/profiles/{profile-name}/stats
I can then tear into the returned object to get the stats out and build a CSV file
Thanks for the lead.
Patrick
27-Jan-2022 11:26
Hi Patrick,
tmsh show ltm virtual /\*/\* profiles detail | egrep "Ltm::Virtual Server|Ltm::ClientSSL|Ltm::ServerSSL|Protocol Version" > /var/tmp/tlsstats.txt
The command will create tlsstats.txt file to the /var/tmp/ directory. Can you try?
28-Jan-2022 08:11
Hi Enes_Afsin_Al,
I had to rewrite the command as:
tmsh show ltm virtual \/*\/* profile detail | grep -E "Ltm::Virtual Server|Ltm::ClientSSL|Ltm::ServerSSL|Protocol Version"
Reversed the slashes, and the redirect to file (> /var/tmp/tlsstats.txt) did not work. But what displayed on screen looked correct.
I then took this command and started to build a REST API call. I finally came up with:
https://{BigIPHost}/mgmt/tm/ltm/virtual/{vs-name}/profiles/{profile-name}/stats
I can then tear into the returned object to get the stats out and build a CSV file
Thanks for the lead.
Patrick
28-Jan-2022
01:27
- last edited on
28-Jan-2022
09:25
by
JRahm
Also see if the F5 telemetry streaming to Splunk or other SIEM would not be a better way to do things :