Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

Can I schedule to export ASM policy to a file system?

I know ASM save the backup in history for changes. I wonder if I can schedule to export ASM policy to file system? For example, schedule to save ASM policy every day?

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I don't think you can. You can write your own script that does this via the iControl REST API though.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I'm pretty sure that this can't be done using the Web UI of the BIG-IP. If you don't mind using the SSH you could do this creating a cron job that will execute /usr/share/ts/bin/import_export_policy.pl script once a day.

The cron entry would probably look something like this:

0 23 * * * perl /usr/share/ts/bin/import_export_policy.pl -a export -f /var/asmbackup/policyName.bak -p 18 --format xml

-f is the location and the name of the file where the policy will be saved -p is the ID of the policy which to the best of my knowledge can be obtained by looking at the link of the policy edit page in Active Policies view

I understand that this is a bit messy, but it is the best I could figure out.

If you don't mind using an external system to perform this backup you could use iControl REST API for this. You could send a POST request to the /mgmt/tm/asm/tasks/export-policy endpoint with the following body:

{ 
    "filename":"/var/exported_policy.xml",
    "policyReference":" {
        "link":"https://localhost/mgmt/tm/asm/policies/policyId"
    }
}

The .xml file will be saved to the BIG-IP file system in the /var/ts/var/rest directory. A script could be created that could be scheduled on cron on Windows Scheduler depending on your system which would execute this script once a day and possibly store these files on another system.

If you decide to go this way, I could help you out with the script.

0
Comments on this Answer
Comment made 07-Apr-2016 by Epay NOC 4
Thank you so much for your answer. Just to add, u are adding an extra " in your jSON body after the policyReference, the correct should be { "filename":"/var/exported_policy.xml", "policyReference": { "link":"https://localhost/mgmt/tm/asm/policies/policyId" } }
0