Hello, When a config is changed often, and by different teams, it is not unusual that services do not get removed properly. How to know whether a node is not a member of a pool? If a certificate file is not used by an SSL profile? If a pool is not used by a virtual server? If a VLAN is never designated by VS or pool? Is there any tool you know to identify "useless" or obsolete data in a config. thank you very much Alberto

Its in the Diagnostics, "The configuration may contain unused objects " In my example it lists Unused Monitors, unused pools.

I know Enterprise manager can report on this. The problem for us is we use layer 7 load balancing using iRules with internal or external data groups and this makes those pools look like orphans. The clean-up method I use for SSL certs, profiles and nodes, irules and data groups is to delete all. Any object that’s that are used and part of another configuration object deleted! Example is a node that’s in a pool won't be deleted. I can't do this with my pools because it would delete about 2000 pools since they are only referenced out of a data group string instead of a virtual.

Man, I wish. We do this, but it is not easy. We have written a custom parsing routine which puts everything in a database. Then we run SQL queries against the database to find "unused" objects. The parsing logic is very complex, and subject to breaking periodically. If you can do this with an F5-tool, use that. Trying to write your own is a PITA.

iHealth can do this as well, and it's free with a support contract. The problems outlined by afedden are still applicable.

I uploaded a Qkview and tried every options possible in Ihealth and couldnt find where to find unused objects. The network map shows enabled and disabled objects but cant find a reference to unused objects. Anybody knows where this information is ?

identify unused objects in a config (bigIP.conf)

14 Replies

afedden_1985
Cirrus
Aug 18, 2014
I know Enterprise manager can report on this. The problem for us is we use layer 7 load balancing using iRules with internal or external data groups and this makes those pools look like orphans. The clean-up method I use for SSL certs, profiles and nodes, irules and data groups is to delete all. Any object that’s that are used and part of another configuration object deleted! Example is a node that’s in a pool won't be deleted. I can't do this with my pools because it would delete about 2000 pools since they are only referenced out of a data group string instead of a virtual.
smp_86112
Cirrostratus
Aug 18, 2014
Man, I wish. We do this, but it is not easy. We have written a custom parsing routine which puts everything in a database. Then we run SQL queries against the database to find "unused" objects. The parsing logic is very complex, and subject to breaking periodically. If you can do this with an F5-tool, use that. Trying to write your own is a PITA.
mimlo_61970
Cumulonimbus
Aug 18, 2014
iHealth can do this as well, and it's free with a support contract. The problems outlined by afedden are still applicable.
- mimlo_61970
  Cumulonimbus
  Nov 05, 2014
  Its in the Diagnostics, "The configuration may contain unused objects " In my example it lists Unused Monitors, unused pools.
- JBriere_176279
  Nimbostratus
  Nov 05, 2014
  I uploaded a Qkview and tried every options possible in Ihealth and couldnt find where to find unused objects. The network map shows enabled and disabled objects but cant find a reference to unused objects. Anybody knows where this information is ?
- Protectron_3914
  Nimbostratus
  Nov 05, 2014
  I just found it, i had so many objects in there that i couldnt believe this information was valid when i saw it first. Thanks :)
swo0sh_gt_13163
Altostratus
Nov 08, 2014
Guys,

Any idea based on which criteria iHealth define all the unused objects? Based on the traffic stat?

Thanks, Darshan
mimlo_61970
Cumulonimbus
Nov 10, 2014
Unused as in not referenced in the configuration anywhere, not unused as in there is no traffic to it.
- swo0sh_gt_13163
  Altostratus
  Jun 13, 2015
  Hey Mimlo, Yes, I realized the fact after combating with iHealth for quite sometime now. Thanks for the reply mate. Cheers! Darshan
Michelle_Johns1
Nimbostratus
Dec 08, 2015
I no longer see this in ihealth. Did it move? Is this info still available?
THi
Nimbostratus
Dec 08, 2015
F5 has changed iHealth site this Fall. The network map is no longer there. There is something called Config Explorer. I cannot find unused objects anymore... :o(
Ashish_Chakrava
Nimbostratus
Dec 01, 2016
Go to network map and search for particular VIP IP or pool member will show you where it is mapped
Ashish_Chakrava
Nimbostratus
Dec 01, 2016
Go to network map and search for particular VIP IP or pool member will show you where it is mapped