Capture Virtual Server Clientssl Profile & Ciphers Mapping - Bash
Problem this snippet solves:
The code will help you capture all client ssl profiles present on the bigip. For every client ssl profile that's there, it will pull its ciphers suite & if the client-ssl profile is referenced in any of the virtuals that's present, if the same clientssl profile is referenced in multiple places, the same will be captured as well.
This code can be modified to serverssl profile and same can be captured vice-versa.
How to use this snippet:
Have to create a script file first. We shall use the /var/tmp/ directory.
Use vi editor to create a file name virtual-clientssl-ciphers.sh
command will be,
vi /var/tmp/virtual-clientssl-ciphers.sh
Then we copy our code from the snippet and place it on the file and save it.
We simply use bash to run,
bash /var/tmp/virtual-clientssl-ciphers.sh
So the output will be on /var/tmp/virtual-clientssl-cipher.csv file.
If you open it on excel, it will look like below,
Code :
#!/bin/bash echo "Virtual Server, Client-SSL Profile, Cipher" > /var/tmp/virtual-clientssl-cipher.csv profile_names=`tmsh list ltm profile client-ssl one-line | awk -F" " '{print $4}'` for x in ${profile_names} do ciphers=`tmsh list ltm profile client-ssl $x ciphers | grep ciphers | awk '{print$2}'` virtual_name=`tmsh list ltm virtual one-line | grep $x | awk -F" " '{print $3}'` if [ "${virtual_name}" != "" ] then for y in ${virtual_name} do echo "$y,$x,$ciphers" >> /var/tmp/virtual-clientssl-cipher.csv done fi done
Tested this on version:
13.1