BASH Script to find ClientSSL's mapped to Virtual Servers

Problem this snippet solves:

Often times we may require to generate a report to know how many of the clientssl profiles are mapped to which virtual servers. One can use the simple

tmsh list ltm virtual all one-line | grep ssl-profile-name
.

But this would focus on one particular profile alone.

How about for every clientssl profiles that's present and to which vip its mapped.

How to use this snippet:

Create a simple bash file and paste the below code.

[ltm1:Active:In Sync] ~ # vi find-clientssl-mapped-to-virtuals

Save and exit (wq).

Run the bash script.

[ltm1:Active:In Sync] ~ # bash find-clientssl-mapped-to-virtuals

Final output will be in CSV file like below, You can winscp the output from the location /var/tmp/

Filename would be

clientssl-mapped-to-virtuals-output.csv

Code :

#!/bin/bash
echo "Virtual Server, Client-SSL Profile" > /var/tmp/clientssl-mapped-to-virtuals-output.csv
profile_names=`tmsh list ltm profile client-ssl one-line | awk -F" " '{print $4}'`
for x in ${profile_names}
do
virtual_name=`tmsh list ltm virtual one-line | grep $x | awk -F" " '{print $3}'`
if [ "${virtual_name}" != "" ]
then
for y in ${virtual_name}
do
echo "$y,$x" >> /var/tmp/clientssl-mapped-to-virtuals-output.csv
done
fi
done

Tested this on version:

11.5
Updated Jun 06, 2023
Version 2.0

Was this article helpful?

5 Comments

  • Very nice, I was actually just doing the exact same thing.

    Here was my solution:

    for i in `tmsh list ltm virtual { destination  } |grep :https -B 1|grep ltm|awk '{print $3}'`; do 
    echo $i; 
    tmsh list ltm virtual $i { profiles }|grep clientside -B 1|grep -v clientside|grep -v tcp|grep -v "\-\-"|sed 's/{//g'; 
    echo; 
    done
    

  • Yup thats doable too. But instead of

    grep -v clientside|grep -v tcp|grep -v "\-\-"|sed 's/{//g
    you can combine them as
    grep -vE "clientside|tcp|--"
    too.

  • Thanks a lot guys for your help. I have tried executing this scrip. however I'm able to get the SSL client profile name and VIP which are in "Common" partition and I have also tried executing the script from other partition but it is not successful to get the SSL client profile and the associated VIP from the other partition.

     

    Could you please help me to modify the script to get the SSL client profile name and the associated VIP from other partition?

     

    Regards, Thiyagu

     

  • unfortunately both tricks did not work for me. the script creates empty csv and for loop also return nothing for me. even just running this list ltm virtual { destination } does not work so how i can expect further processing from this command