Difference between revisions of "F5 get objects"
Jump to navigation
Jump to search
(Created page with "Here is an example of dumping virtual machines {code} curl -sku $AD_USER:$AD_PASS -X GET https://lb.example.com/mgmt/tm/ltm/virtual | jq > virtual.json {code} {code} for i in...") |
|||
| Line 1: | Line 1: | ||
Here is an example of dumping virtual machines | Here is an example of dumping virtual machines | ||
| − | + | ``` | |
curl -sku $AD_USER:$AD_PASS -X GET https://lb.example.com/mgmt/tm/ltm/virtual | jq > virtual.json | curl -sku $AD_USER:$AD_PASS -X GET https://lb.example.com/mgmt/tm/ltm/virtual | jq > virtual.json | ||
| − | + | ``` | |
| − | + | ``` | |
for i in $(cat virtual.json | jq -r .items[].destination | awk -F/ '{print $3}' | awk -F: '{print $1}' | sort -u); do host $i; done | for i in $(cat virtual.json | jq -r .items[].destination | awk -F/ '{print $3}' | awk -F: '{print $1}' | sort -u); do host $i; done | ||
| − | + | ``` | |
Here is good way of getting actual domain names being used via https (adjust as needed) too but be careful on prod boxes | Here is good way of getting actual domain names being used via https (adjust as needed) too but be careful on prod boxes | ||
| − | + | ``` | |
tshark -l -i any -f 'dst port ( 443 )' -Y 'ssl.handshake.extension.type == "server_name" || http.host' -T fields -e ip.src -e ip.dst -e tcp.dstport -e http.host -e ssl.handshake.extensions_server_name | tshark -l -i any -f 'dst port ( 443 )' -Y 'ssl.handshake.extension.type == "server_name" || http.host' -T fields -e ip.src -e ip.dst -e tcp.dstport -e http.host -e ssl.handshake.extensions_server_name | ||
| − | + | ``` | |
Revision as of 17:58, 20 January 2023
Here is an example of dumping virtual machines
curl -sku $AD_USER:$AD_PASS -X GET https://lb.example.com/mgmt/tm/ltm/virtual | jq > virtual.json
for i in $(cat virtual.json | jq -r .items[].destination | awk -F/ '{print $3}' | awk -F: '{print $1}' | sort -u); do host $i; done
Here is good way of getting actual domain names being used via https (adjust as needed) too but be careful on prod boxes
tshark -l -i any -f 'dst port ( 443 )' -Y 'ssl.handshake.extension.type == "server_name" || http.host' -T fields -e ip.src -e ip.dst -e tcp.dstport -e http.host -e ssl.handshake.extensions_server_name