Export GTM/DNS Configuration in CSV - tmsh cli script
Problem this snippet solves: This is a simple cli script used to collect all the WideIP, LB Method, Status, State, Pool Name, Pool LB, Pool Members, Pool Fall back, Last Resort pool info in CSV format. A sample output would be like below, One can customize the code to extract other fields available too. Check out my other codeshare of LTM report. Note: The codeshare may get multiple version, use the latest version alone. The reason to keep the other versions is for end users to understand & compare, thus helping them to modify to their own requirements. Hope it helps. How to use this snippet: Login to the GTM/DNS, create your script by running the below commands and paste the code provided in snippet, tmsh create cli script gtm-config-parser Delete the proc blocks, so it looks something like below, create script gtm-config-parser { ## PASTE THE CODE HERE ## } and paste the code provided in the snippet. Note: When you paste it, the indentation may be realigned, it shouldn't cause any errors, but the list output would show improperly aligned. Feel free to delete the tab spaces in the code snippet & paste it while creating, so indentation is aligned properly. And you can run the script like below, tmsh run cli script gtm-config-parser > /var/tmp/gtm-config-parser-output.csv And get the output from the saved file, open it on excel. Format it & use it for audit & reporting. cat /var/tmp/gtm-config-parser-output.csv Feel free to add more elements as per your requirements. For version 13.x & higher, there requires a small change in the code. Refer the comments section. Thanks to @azblaster Code : proc script::run {} { puts "WIP,LB-MODE,WIP-STATUS,WIP-STATE,POOL-NAME,POOL-LB,POOL-MEMBERS,POOL-FB,LASTRESORT-POOL" foreach { obj } [tmsh::get_config gtm wideip all-properties] { set wipname [tmsh::get_name $obj] set wippools [tmsh::get_field_value $obj pools] set lbmode [tmsh::get_field_value $obj "pool-lb-mode"] set lastresort [tmsh::get_field_value $obj "last-resort-pool"] foreach { status } [tmsh::get_status gtm wideip $wipname] { set wipstatus [tmsh::get_field_value $status "status.availability-state"] set wipstate [tmsh::get_field_value $status "status.enabled-state"] } foreach wippool $wippools { set pool_name [tmsh::get_name $wippool] set pool_configs [tmsh::get_config /gtm pool $pool_name all-properties] foreach pool_config $pool_configs { set pool_lb [tmsh::get_field_value $pool_config "load-balancing-mode"] set pool_fb [tmsh::get_field_value $pool_config "fallback-mode"] if { [catch { set member_name [tmsh::get_field_value $pool_config "members" ]} err] } { set pool_member $err } else { set pool_member "" set member_name [tmsh::get_field_value $pool_config "members"] foreach member $member_name { append pool_member "[lindex $member 1] " } } puts "$wipname,$lbmode,$wipstatus,$wipstate,$pool_name,$pool_lb,$pool_member,$pool_fb,$lastresort" } } } } Tested this on version: 11.6
(usefull) config export to csv for partitions
Hello, I wrote a shell script to export the most important config to a csv file. This was inspired from some other posts. The script runs on bash from a LB. For the CSV import to excel, you need to change the column B(named as VIP) to TEXT and enable word-wrap to the hole chart. The script collects field by field from running system. If you have a lot of configuration it can be need some time to finish. You can start with SCRIPTNAME PARTITION > EXPORTcsv direct from bash not tmsh. I hope it helps somebody, Cheers NetSnoopy
Network Access - SSLVPN - client system proxy settings
Hi all, I was wondering if someone could tell me whether the Network Access module (with the BigIP Edge Client) has support for changing the client's proxy settings. The setup is as follows: - standard Access Policy with logon page > radius auth > resource assign (network access) If the client cannot find its proxy server (defined by a PAC file that is indicated by a URL preset in the browser), it will not open the logon page when he clicks connect in the bigip edge client as this page is loaded from the virtual server's IP. So if the edge client could be configured to override the proxy settings, it will be able to load this page. The problem arises from the fact that the computers normally never leave the internal network and thus can always find the proxy file. If they leave the network and try to dialin, the not-finding-the-proxy-file will prevent them from opening any page whatsoever - including when the edge client wants to open the logon page - meaning they will never be able to connect to the VPN. I know that for example Juniper SA can do this perfectly fine, and it seems like a basic feature to me, but I cannot find it anywhere. Is it missing or should I buy new glasses? Kind regards, Thomas
Self IP config-sync problem
Hello everyone, I'm new to this device and have a problem. The administrator before me make Self IP address to point to some adress that is now Gateway on this new network. When I try to delete it I get this error: 01071412:3: Cannot delete IP (192.168.XXX.XXX) because it is used by the system config-sync setting. I have MGMT access only to Web interface. Do you have some advice for me? How to change this settings? I can not change Gateway address ... Thanks! Ivan
Deploying LTM and GTM on the same bigip box
Hello all, We will be deploying the LTM and GTM modules on the same hardware and I'm looking for any deployment guides that would outline networking or communication requirements / recommended practices. We're not going to be using route domains, so does this mean all queries from gtm to ltm resources will be kept "in house" so to speak, or will it still require going out on the wire? We are planning at this point to have a dedicate physical (or logical) interface to the gtm listener. Thanks in advance for any insight. Regards.
