CLI Command for specific machine "Session Deleted due to user inactivity"
Hello, I have this command that I use to search for a specific machine in the apm logs: zgrep -i "Username 'MACHINE_NAME_GOES_HERE'" /var/log/apm* |wc -l Then I have this one to search for the line “Session deleted due to user inactivity”. It produces a number from ALL machines that encountered this message: zgrep -i "Session deleted due to user inactivity." /var/log/apm* | wc -l I'm wondering if there is a command or another method to look up how many times a specific machine encountered a session deletion due to user inactivity?57Views0likes1CommentNeed help on CLI command to fetch < VIP Name + current connections >
Hello Experts , I need help in modifying below command which should also give me information of VIP name along with current connection . show ltm virtual recursive all | grep 'Availability\|Current Connections' As you can see this command only gives info of current connection but it will not tell which VIP has the current connection value ... blue.whale@(F5-BIGIP-ACT)(cfg-sync In Sync)(Active)(/Common)(tmos)# show ltm virtual recursive all | grep 'Availability\|Current Connections' Display all 1942 items? (y/n) y Availability : available Current Connections 0 0 - Availability : available Current Connections 38 0 - Availability : available Current Connections 0 0 - Availability : available Current Connections 73 0 - Availability : available Current Connections 0 0 - Availability : available Current Connections 0 0 -Solved53Views0likes1CommentImport PKCS 12 SSL to Device Certificate via API/Script or CLI on BIG-IP
We have more than 160 BIG-IP Virtual Edition with version 15.1.10.3 build 0.0.12. We need to import, in each one, an SSL Certificate in PFX/PKCS 12 format in the path System ›› Certificate Management: Device Certificate Management: Device Certificate. We looked in the documentation and the KB but we couldn't find a way to do it. Has anyone dealt with this and have a solution to do it via Script, CLI or API? Thank you.98Views0likes1CommentHow to generate ASM report from a pre-defined filter using TMSH
Is there a way to generate a report using a pre-defined report (filter) using CLI (TMSH)? Though I should be able to generate the same report by typing down the filter for the report in TMSH but TMSH does not understand the Drilldown for Security Policy for some reason. For instanace, when I try to run the following command it is not able to identify the Policy save analytics application-security report view-by attack-type measures { occurrences } drilldown {{ entity policy values { My_Security_Policy_Name } } } format pdf file foo.pdf range now-3w The error I get for above is : Data Input Error: Invalid entity value My_Security_Policy_Name This is strange because I am able to see and set Security Policies in the filter in GUI. I am using Big-IP 12.1.0.202Views0likes0CommentsiStats v13 command help
Hi, Here is help displayed by cli istats command: Usage: istats [-s ] [] is one of: 'set' 'incr' 'get' 'remove' 'dump' 'drop_row' 'drop_column' 'clear_row' is a single quoted argument: "keyspace ... " (like "ltm.pool /Common/mypool counter mystat") is one of: 'counter' 'gauge' 'string' 'text' 'signed' 'unsigned' 'bin' 'dec' 'hex' 'timestamp' 'timeval' 'uinthex' must be specified for 'set' and 'incr', and must be an integer for 'incr' The for a gauge may be negative. Use 2 dashes before the negative value (like 'incr "... gauge ..." -- -1') I wonder if there are is any info how to use operations like drop_row, drop_colum, clear_row What is [-s ] description "keyspace ... " - what is keyspace and column? If possible some example of key using all above elements and multiple columnsIs there any description what can be stored in types: 'text' 'signed' 'unsigned' 'bin' 'dec' 'hex' 'timestamp' 'timeval' 'uinthex'And how those behave in relation to value used. What is difference between timestamp and timeval. I had ipression that those can be set without using value (like automatically place current time at the moment key is created in value) but it seems not be the case.Piotr748Views0likes4CommentsUpgrade Verification - CLI tips and tricks
I mentioned recently in a conversation that I use to use the CLI to generate a snapshot of the bigip run state for pre/post comparison after an upgrade. By accident, I ran across these scripts today so here they are for your enjoyment. They are circa big-ip v12 so update as needed, feel free to post updated versions in the reply and i will tick them as the answer even. Pre-Change (Now supports partitions) # tmsh -c "cd /; show ltm virtual recursive" | awk '/Ltm::Virtual/ { printf $NF } /(Availability|State)/ { printf ":"$NF } /Reason/ { print ":"$NF} ' > bigip-virtual-state.pre # tmsh -c "cd /; show ltm pool recursive" | awk '/Ltm::Pool/ { printf $NF } /(Availability|State)/ { printf ":"$NF } /Reason/ { print ":"$NF} ' > bigip-pool-state.pre Post Change # tmsh -c "cd /; show ltm virtual recursive" | awk '/Ltm::Virtual/ { printf $NF } /(Availability|State)/ { printf ":"$NF } /Reason/ { print ":"$NF} ' > bigip-virtual-state.post # tmsh -c "cd /; show ltm pool recursive" | awk '/Ltm::Pool/ { printf $NF } /(Availability|State)/ { printf ":"$NF } /Reason/ { print ":"$NF} ' > bigip-pool-state.post Comparison # diff bigip-virtual-state.pre bigip-virtual-state.post # diff bigip-pool-state.pre bigip-pool-state.post586Views2likes1CommentTMSH CLI to modify objects with keyword variables in them
I am curious if there was a way to modify VIPs w/o specifically defining them within the command .. for example : modify ltm virtual Test-Donkey-HTTPS profiles delete { tcp-600 } profiles add { tcp } modify ltm virtual Prod-Donkey-HTTPS profiles delete { tcp-600 } profiles add { tcp } modify ltm virtual Stage-Donkey-HTTPS profiles delete { tcp-600 } profiles add { tcp } So above, I would like to replace all "Donkey" VIPs in one shot to adjust their profiles. Thank you!515Views0likes1CommentPool Member Nodes: Different Partitions, Same IP Address
In summary, I have created multiple partitions. I'm attempting to perform a merge configuration. I get an error stating that I cannot use the same IP address for two separate nodes that reside in different partitions. Is this be design? I'm performing a migration from A10. Can F5 have nodes in different partitions with the same IP address? Here is my error via the CLI: 0107003a:3: Pool member node (/WEB/pcf-prod-gorouter1) and existing node (/APP/pcf-prod-gorouter1) cannot use the same IP Address (10.66.36.12). As you can see by the names of the nodes, they reside in different partitions. Thanks in advance for the assistance.Solved2.2KViews1like3CommentsUsing Single Configuration File to Configure F5
I'm using the "tmsh load /sys config merge" CLI command to configure an F5 device. This command works great. However, for example, when it comes to configuring an LTM virtual server, by default, it creates a "Performance (Layer 4)" type of virtual server. I'd like for my SCF to configure a virtual server of type "Standar", however, I cannot find the property that will allow me to do this with an SCF. Is this possible? Does anyone know how I can accomplish this task? I'm performing a huge migration from A10 to F5 so any help would be greatly appreciated. Thanks in advance.Solved583Views0likes3Comments