Table of Contents · gtm monitor mysql gtm monitor nntp gtm monitor none gtm monitor oracle gtm monitor pop3 gtm monitor postgresql gtm monitor radius-accounting gtm monitor radius

11717171819232324252526272828292931313233333434353636394040424343444444444748505254575861636566697072757778818385878992939697

100

Table of Contents

Table of ContentsF5 TMSH Reference - 16.xGeneral

greptimetmsh

Commandscdcpcreatedeleteeditexitgeneratehelpinstalllistloadmodifymvpublishpwdquitrebootreset-statsrestartrunsavesend-mailshowshutdownstartstopsubmit

Modulesanalytics

analytics afm-sweeper reportanalytics afm-sweeper scheduled-reportanalytics application-security-anomalies reportanalytics application-security-anomalies scheduled-reportanalytics application-security-incidents reportanalytics application-security-network reportanalytics application-security-network scheduled-reportanalytics application-security reportanalytics application-security scheduled-reportanalytics asm-bypass reportanalytics asm-bypass scheduled-reportanalytics asm-cpu reportanalytics asm-cpu scheduled-reportanalytics asm-enforced-entities reportanalytics asm-learning-suggestions reportanalytics asm-memory reportanalytics asm-memory scheduled-reportanalytics asm-policy-changes reportanalytics asm-violation reportanalytics asm-violation scheduled-reportanalytics bot-defense-event reportanalytics cpu-per-vip reportanalytics cpu reportanalytics cpu scheduled-reportanalytics device-traffic reportanalytics device-traffic scheduled-reportanalytics disk-info reportanalytics disk-info scheduled-report

101104107109111114115118120124127130133136138139141146148150152154156159160162165166170172173175177179181183185188190192194195200203205207209211213216217220221223225228231233235237240242244247248249253255258

259259262

analytics dns-cache-resolver reportanalytics dns-profile reportanalytics dns-protocol scheduled-reportanalytics dns-rpz reportanalytics dns reportanalytics dns scheduled-reportanalytics dos-l3 reportanalytics dos-l3 scheduled-reportanalytics dos-l7 reportanalytics dos-vis-attacks reportanalytics dos-vis-common reportanalytics dos-vis-vips reportanalytics fw-nat reportanalytics fw-nat scheduled-reportanalytics global-settingsanalytics gtm-wideip reportanalytics http reportanalytics http scheduled-reportanalytics ip-intelligence reportanalytics ip-intelligence scheduled-reportanalytics ip-layer reportanalytics ip-layer scheduled-reportanalytics lsn-pool reportanalytics lsn-pool scheduled-reportanalytics memory-per-process reportanalytics memory reportanalytics memory scheduled-reportanalytics network reportanalytics network scheduled-reportanalytics network stale-rulesanalytics pem reportanalytics pem scheduled-reportanalytics pool-traffic reportanalytics pool-traffic scheduled-reportanalytics proc-cpu reportanalytics proc-cpu scheduled-reportanalytics protocol-inspection reportanalytics protocol-security-http reportanalytics protocol-security-http scheduled-reportanalytics protocol-security reportanalytics protocol-security scheduled-reportanalytics reportanalytics sip-dos reportanalytics sip-dos scheduled-reportanalytics sip reportanalytics sip scheduled-reportanalytics ssl-orchestrator-service-virtual reportanalytics ssl-orchestrator-service-virtual scheduled-reportanalytics ssl-orchestrator reportanalytics ssl-orchestrator scheduled-reportanalytics swg-blocked reportanalytics swg-blocked scheduled-reportanalytics swg reportanalytics swg scheduled-reportanalytics system-monitor reportanalytics tcp-analytics reportanalytics tcp-analytics scheduled-reportanalytics tcp reportanalytics tcp scheduled-reportanalytics tmm-dns-zone reportanalytics traffic-classification reportanalytics traffic-classification scheduled-reportanalytics udp reportanalytics udp scheduled-reportanalytics uri-typeanalytics vcmp reportanalytics vcmp scheduled-reportanalytics virtual reportanalytics virtual scheduled-report

api-protectionapi-protection profile apiprotectionapi-protection response

264265265266268269271272273275276278279280282284286287289291292294295298301302303305307308309311312312313315316317318320322323324327329330331332333335336337338340341342343344346347348349350351352352353355356358360361

api-protection serverapm

apm aaa active-directory-trusted-domainsapm aaa active-directoryapm aaa crldpapm aaa endpoint-management-systemapm aaa f5-mfa-configurationapm aaa f5-service-connectorapm aaa http-connector-requestapm aaa http-connector-transportapm aaa httpapm aaa kerberos-keytab-fileapm aaa kerberosapm aaa ldapapm aaa oamapm aaa oauth-providerapm aaa oauth-requestapm aaa oauth-serverapm aaa ocspapm aaa okta-connectorapm aaa radiusapm aaa saml-idp-automationapm aaa saml-idp-connectorapm aaa samlapm aaa securidapm aaa tacacsplusapm access-infoapm aclapm apm-avr-configapm client imageapm configuration captchaapm epsec epsec-packageapm epsec software-statusapm licenseapm log-settingapm ntlm machine-accountapm ntlm ntlm-authapm oauth db-instanceapm oauth jwk-configapm oauth jwt-configapm oauth jwt-provider-listapm oauth oauth-claimapm oauth oauth-client-appapm oauth oauth-resource-serverapm oauth oauth-scopeapm oauth purged-entriesapm oauth token-detailsapm policy access-policyapm policy agent aaa-active-directoryapm policy agent aaa-client-certapm policy agent aaa-crldpapm policy agent aaa-httpapm policy agent aaa-ldapapm policy agent aaa-oauthapm policy agent aaa-ocspapm policy agent aaa-radiusapm policy agent aaa-samlapm policy agent aaa-securidapm policy agent acct-radiusapm policy agent acct-tacacsplusapm policy agent api-authenticationapm policy agent api-server-selectionapm policy agent decision-boxapm policy agent dynamic-aclapm policy agent ending-allowapm policy agent ending-denyapm policy agent ending-redirectapm policy agent endpoint-check-machine-certapm policy agent endpoint-check-softwareapm policy agent endpoint-linux-check-fileapm policy agent endpoint-linux-check-processapm policy agent endpoint-mac-check-file

363364365366368369370372373374375377378379380381382383385386387391392393394395396397398399400401401402402402403408412414418419420421423424426427428433435436437439441442444445446448449451452452454456461463465466468469

apm policy agent endpoint-mac-check-processapm policy agent endpoint-machine-infoapm policy agent endpoint-windows-browser-cache-cleanerapm policy agent endpoint-windows-check-fileapm policy agent endpoint-windows-check-processapm policy agent endpoint-windows-check-registryapm policy agent endpoint-windows-group-policyapm policy agent endpoint-windows-info-osapm policy agent endpoint-windows-protected-workspaceapm policy agent external-logon-pageapm policy agent http-header-modifyapm policy agent ip-geolocation-lookupapm policy agent ip-reputation-lookupapm policy agent irule-eventapm policy agent kerberosapm policy agent l7-protocol-lookupapm policy agent loggingapm policy agent logon-pageapm policy agent message-boxapm policy agent oamapm policy agent oauth-authzapm policy agent request-classificationapm policy agent resource-assignapm policy agent response-selectionapm policy agent route-domain-selectionapm policy agent server-cert-response-controlapm policy agent server-cert-statusapm policy agent session-checkapm policy agent ssl-checkapm policy agent tacacsplusapm policy agent variable-assignapm policy customization-groupapm policy customization-languagesapm policy image-fileapm policy policy-itemapm policy windows-group-policy-fileapm profile accessapm profile connectivityapm profile exchangeapm profile oauthapm profile remote-desktopapm profile vdiapm report custom-report-fieldapm resource app-tunnelapm resource client-rate-classapm resource client-traffic-classifierapm resource ipv6-leasepoolapm resource leasepoolapm resource network-accessapm resource portal-accessapm resource remote-desktop citrix-client-bundleapm resource remote-desktop citrix-client-package-fileapm resource remote-desktop citrixapm resource remote-desktop questapm resource remote-desktop rdpapm resource remote-desktop vmware-viewapm resource sandboxapm resource webtop-linkapm resource webtopapm saml artifact-resolution-serviceapm saml attribute-consuming-serviceapm saml auth-context-class-listapm sessionapm sso basicapm sso form-basedapm sso form-basedv2apm sso kerberosapm sso ntlmv1apm sso ntlmv2apm sso oauth-bearerapm sso saml-resourceapm sso saml-sp-automation

470472475476476

477478478479480482483484

484484485489491492493495495497498501502503504

506506507508510511512515526527

528528529531532534537538539540541541542544546548549

550550551553557558559561561562565568569571573575577

apm sso saml-sp-connectorapm sso samlapm swg-content-typeapm swg-schemeapm url-filter

asmasm device-syncasm http-methodasm httpclass-asmasm policyasm predefined-policyasm response-codeasm webapp-language

authauth apm-authauth cert-ldapauth ldapauth login-failuresauth partitionauth password-policyauth passwordauth radius-serverauth radiusauth remote-roleauth remote-userauth sourceauth tacacsauth user

clicli admin-partitionscli alias privatecli alias sharedcli global-settingscli historycli preferencecli scriptcli transactioncli version

cmcm add-to-trustcm certcm config-synccm device-groupcm devicecm failover-statuscm keycm remove-from-trustcm sha1-fingerprintcm sniff-updatescm sync-statuscm traffic-groupcm trust-domaincm watch-devicegroup-devicecm watch-sys-devicecm watch-trafficgroup-device

gtmgtm datacentergtm distributed-appgtm global-settings generalgtm global-settings load-balancinggtm global-settings metrics-exclusionsgtm global-settings metricsgtm iquerygtm ldnsgtm linkgtm listenergtm monitor bigip-linkgtm monitor bigipgtm monitor externalgtm monitor firepassgtm monitor ftpgtm monitor gateway-icmp

579581583585587589592594596597599601603605607609611613615617619621623625627629631632633639646652657663669671673674679681682685688690693696

699699700700709

714714716717719721724726727729731733734736737738739739740741742

gtm monitor gtpgtm monitor httpgtm monitor httpsgtm monitor imapgtm monitor ldapgtm monitor mssqlgtm monitor mysqlgtm monitor nntpgtm monitor nonegtm monitor oraclegtm monitor pop3gtm monitor postgresqlgtm monitor radius-accountinggtm monitor radiusgtm monitor real-servergtm monitor scriptedgtm monitor sipgtm monitor smtpgtm monitor snmp-linkgtm monitor snmpgtm monitor soapgtm monitor tcp-half-opengtm monitor tcpgtm monitor udpgtm monitor wapgtm monitor wmigtm pathgtm persistgtm pool agtm pool aaaagtm pool cnamegtm pool mxgtm pool naptrgtm pool srvgtm prober-poolgtm regiongtm rulegtm servergtm topologygtm trafficgtm wideip agtm wideip aaaagtm wideip cnamegtm wideip mxgtm wideip naptrgtm wideip srv

ilxilx global-settingsilx node-versionilx pluginilx workspace

ltmltm alg-log-profileltm auth crldp-serverltm auth kerberos-delegationltm auth ldapltm auth ocsp-responderltm auth profileltm auth radius-serverltm auth radiusltm auth ssl-cc-ldapltm auth ssl-crldpltm auth ssl-ocspltm auth tacacsltm cipher groupltm cipher ruleltm classification applicationltm classification auto-update settingsltm classification auto-update statusltm classification categoryltm classification celtm classification signature-definition

743744745746747748749749750751752754755755756758759760761762762763764765766770772775776778780782783784788789790791793794795799801803808809810812814815817818819821822824825827830833834836838842844847849852855859862865

ltm classification signature-update-scheduleltm classification signature-versionltm classification signaturesltm classification stats applicationltm classification stats url-categoryltm classification stats urlcat-cloudltm classification update-signaturesltm classification updatesltm classification url-cat-policyltm classification url-categoryltm classification urldb-feed-listltm classification urldb-fileltm clientssl-proxy cached-certsltm clientssl ocsp-stapling-responsesltm data-group externalltm data-group internalltm default-node-monitorltm dns analytics global-settingsltm dns cache global-settingsltm dns cache records allltm dns cache records keyltm dns cache records msgltm dns cache records nameserverltm dns cache records rrsetltm dns cache resolverltm dns cache transparentltm dns cache validating-resolverltm dns dns-express-dbltm dns dnssec keyltm dns dnssec zoneltm dns nameserverltm dns tsig-keyltm dns zoneltm eviction-policyltm global-settings connectionltm global-settings generalltm global-settings ruleltm global-settings traffic-controlltm ifileltm lsn-log-profileltm lsn-poolltm message-routing diameter peerltm message-routing diameter profile routerltm message-routing diameter profile sessionltm message-routing diameter routeltm message-routing diameter transport-configltm message-routing generic peerltm message-routing generic protocolltm message-routing generic routeltm message-routing generic routerltm message-routing generic transport-configltm message-routing mqtt peerltm message-routing mqtt profile routerltm message-routing mqtt profile sessionltm message-routing mqtt routeltm message-routing mqtt transport-configltm message-routing sip peerltm message-routing sip profile routerltm message-routing sip profile sessionltm message-routing sip routeltm message-routing sip transport-configltm monitor diameterltm monitor dnsltm monitor externalltm monitor firepassltm monitor ftpltm monitor gateway-icmpltm monitor httpltm monitor http2ltm monitor httpsltm monitor icmpltm monitor imap

868869872874876879882885886888891894896899900903904907910913915917919922925927930933935938940941943945948950951953955956958960962964965968988995

100110031004100510121016101910221024102610291034103610381039104110421045105110531054105510561058

ltm monitor inbandltm monitor ldapltm monitor module-scoreltm monitor mqttltm monitor mssqlltm monitor mysqlltm monitor nntpltm monitor noneltm monitor oracleltm monitor pop3ltm monitor postgresqlltm monitor radius-accountingltm monitor radiusltm monitor real-serverltm monitor rpcltm monitor saspltm monitor scriptedltm monitor sipltm monitor smbltm monitor smtpltm monitor snmp-dca-baseltm monitor snmp-dcaltm monitor soapltm monitor tcp-echoltm monitor tcp-half-openltm monitor tcpltm monitor udpltm monitor virtual-locationltm monitor wapltm monitor wmiltm nat-statsltm natltm nodeltm persistence cookieltm persistence dest-addrltm persistence global-settingsltm persistence hashltm persistence hostltm persistence msrdpltm persistence persist-recordsltm persistence sipltm persistence source-addrltm persistence sslltm persistence universalltm policy-strategyltm policyltm poolltm profile analyticsltm profile certificate-authorityltm profile classificationltm profile client-ldapltm profile client-sslltm profile dhcpv4ltm profile dhcpv6ltm profile diameterltm profile dns-loggingltm profile dnsltm profile fasthttpltm profile fastl4ltm profile fixltm profile ftpltm profile georedundancyltm profile gtpltm profile htmlltm profile http-compressionltm profile httpltm profile http2ltm profile http3ltm profile httprouterltm profile icapltm profile iiopltm profile ilx

105910611062106310651067106810691071107210731074107610781079108010811083108410851087108910911094109610991100110611091110111111121114111511171119112011271128113011321132113411351137113811401142114411461147114811491150115111521154115511551158

1164116511661167

11681168117011711177117811801180

ltm profile imapltm profile ipotherltm profile ipsecalgltm profile maptltm profile mblbltm profile mqttltm profile mssqlltm profile netflowltm profile ntlmltm profile ocsp-stapling-paramsltm profile ocspltm profile one-connectltm profile pcpltm profile pop3ltm profile pptpltm profile qoeltm profile quicltm profile radiusltm profile ramcacheltm profile request-adaptltm profile request-logltm profile response-adaptltm profile rewriteltm profile rtspltm profile sctpltm profile server-ldapltm profile server-sslltm profile sipltm profile smtpltm profile smtpsltm profile socksltm profile splitsessionclientltm profile splitsessionserverltm profile statisticsltm profile streamltm profile tcp-analyticsltm profile tcpltm profile tftpltm profile traffic-accelerationltm profile udpltm profile wa-cacheltm profile web-accelerationltm profile web-securityltm profile websocketltm profile xmlltm rule-profilerltm ruleltm snat-translationltm snatltm snatpoolltm tacdb customdb-fileltm tacdb customdbltm tacdb licenseddbltm tacdb queryltm traffic-classltm traffic-matching-criterialtm urlcat-cloud-cacheltm urlcat-queryltm virtual-addressltm virtual

mgmtmgmt shared settings api-status availabilitymgmt shared settings api-status log resource-propertymgmt shared settings api-status log resource

netnet address-listnet arpnet bwc policynet bwc priority-groupnet bwc traffic-groupnet clone-statsnet cmetrics

118111821183118411851186118811891190119211921193119311941198119811991202120312051205120712081209120912101211121212131214121712191220122112231225122612281230123212341236123712381247124812481249124912511254125412551258125912601261126212631265126612691272127312741275127612781279128012811283

net cos global-settingsnet cos map-8021pnet cos map-dscpnet cos traffic-prioritynet dag-globalsnet dns-resolvernet f5opticsnet fdb tunnelnet fdb vlannet ike-evt-statnet ike-msg-statnet interface-cosnet interface-ddmnet interfacenet ipsec-statnet ipsec ike-daemonnet ipsec ike-peernet ipsec ike-sanet ipsec ipsec-policynet ipsec ipsec-sanet ipsec manual-security-associationnet ipsec traffic-selectornet ipv6-subscriber-prefix-lengthnet lldp-globalsnet lldp-neighborsnet mroutenet multicast-globalsnet ndpnet packet-filter-trustednet packet-filternet packet-tester securitynet port-listnet port-mirrornet rate-shaping classnet rate-shaping color-policernet rate-shaping drop-policynet rate-shaping queuenet rate-shaping shaping-policynet route-domainnet routenet router-advertisementnet routing access-listnet routing bfdnet routing bgpnet routing community-listnet routing debugnet routing extcommunity-listnet routing prefix-listnet routing profile bgpnet routing route-mapnet rst-causenet self-allownet selfnet service-policynet sfc-statsnet sfc chainnet sfc hopnet sfc sfnet stp-globalsnet stpnet timer-policynet trunknet tunnels endpointnet tunnels etheripnet tunnels fec-statnet tunnels fecnet tunnels genevenet tunnels grenet tunnels ipipnet tunnels ipsecnet tunnels lw4o6net tunnels map

1284128512861288129012911292129312951298

130013001303130413051305130613071308130913101312131313141316132713291330133213331335133813401342134413471349135313541355135713581359135913601361136213631366136713691370

13711371137313741399140114011402140314041405140614071407140814081417141814191420

net tunnels pppnet tunnels tcp-forwardnet tunnels tunnelnet tunnels v6rdnet tunnels vxlannet tunnels wccpnet vlan-allowednet vlan-groupnet vlannet wccp

pempem forwarding-endpointpem global-settings analyticspem global-settings gxpem global-settings hsl-flowpem global-settings hsl-reportpem global-settings insert-contentpem global-settings policypem global-settings quota-mgmtpem global-settings session-mgmt-attributespem global-settings subscriber-activity-logpem interception-endpointpem irulepem listenerpem policypem profile diameter-endpointpem profile radius-aaapem profile spmpem profile subscriber-mgmtpem protocol diameter-avppem protocol profile gxpem protocol profile radiuspem protocol radius-avppem quota-mgmt rating-grouppem reporting format-scriptpem service-chain-endpointpem sessiondbpem stats actionpem stats dtospem stats gxpem stats gypem stats hslpem stats hudnode-optpem stats multiple-ippem stats persistencepem stats radiuspem stats sdpem stats subscriberpem stats tetheringpem subscriber-attributepem subscriberpem subscribers

securitysecurity analytics settingssecurity anti-fraud engine-updatesecurity anti-fraud profilesecurity anti-fraud signatures-updatesecurity blacklist-publisher all-blacklist-publishersecurity blacklist-publisher blacklist-publisher-statssecurity blacklist-publisher by-addrsecurity blacklist-publisher by-categorysecurity blacklist-publisher categorysecurity blacklist-publisher profilesecurity bot-defense anomaly-categorysecurity bot-defense anomalysecurity bot-defense classsecurity bot-defense micro-servicesecurity bot-defense profilesecurity bot-defense signature-categorysecurity bot-defense signaturesecurity bot-defense templatesecurity cloud-services cmd

142114221423142414251427142714281430143114311432143314331434143414351435143614371438143914481449145214531454145514591473147514761478147914811481148214821483148414841485148714871492149214931493149714991501150715081509151015111512151215161517151815221523152515261527152915301530154315431544

security cloud-services connectorsecurity datasync background-taskssecurity datasync device-statssecurity datasync global-profilesecurity datasync local-profilesecurity debug drop-redirect-statssecurity debug matchersecurity debug registersecurity device-id attributesecurity device device-contextsecurity dos auto-thresholds heavy-urlssecurity dos auto-thresholds stress-basedsecurity dos auto-thresholds top-device-idssecurity dos auto-thresholds top-geolocationssecurity dos auto-thresholds top-source-ipssecurity dos auto-thresholds top-urlssecurity dos auto-thresholds tps-basedsecurity dos autodos-file-objectsecurity dos behavioral-signaturesecurity dos bot-signature-categorysecurity dos bot-signaturesecurity dos device-configsecurity dos dns-nxdomain-statsecurity dos dos-signaturesecurity dos dynamic-signaturessecurity dos ip-uncommon-protolistsecurity dos l4bdos-file-objectsecurity dos network-whitelistsecurity dos profilesecurity dos spva-statssecurity dos stress-statssecurity dos udp-portlistsecurity dos virtualsecurity firewall address-listsecurity firewall config-change-logsecurity firewall container-statsecurity firewall context-statsecurity firewall current-statesecurity firewall fqdn-entitysecurity firewall fqdn-infosecurity firewall global-fqdn-policysecurity firewall global-rulessecurity firewall ipi-category-infosecurity firewall management-ip-rulessecurity firewall matching-rulesecurity firewall on-demand-compilationsecurity firewall on-demand-rule-deploysecurity firewall policysecurity firewall port-listsecurity firewall port-misuse-policysecurity firewall rule-listsecurity firewall rule-statsecurity firewall schedulesecurity firewall user-domainsecurity firewall user-listsecurity firewall uuid-default-autogeneratesecurity flowspec-route-injector flowspec-advertised-route-infosecurity flowspec-route-injector profilesecurity http file-typesecurity http mandatory-headersecurity http profilesecurity ip-intelligence blacklist-categorysecurity ip-intelligence feed-listsecurity ip-intelligence global-policysecurity ip-intelligence infosecurity ip-intelligence policysecurity log antifraud-storage-fieldsecurity log network-storage-fieldsecurity log profilesecurity log protocol-dns-storage-fieldsecurity log protocol-sip-storage-fieldsecurity log remote-format

15451546154615471548155115561556155815581559155915601560156115611562156315631565156515661566156815691570157115721572157315731574157815791582

1583158315841584158515861587158815901598159815991600160116021606160716081609161016101611161216141614161516171619162016211622162416241625162516261630

security log storage-fieldsecurity malicious-sources device-idssecurity malicious-sources ip-addressessecurity nat destination-translationsecurity nat policysecurity nat source-translationsecurity packet-filter default-rulessecurity packet-filter policysecurity packet-filter rule-statsecurity presentation tmui netflow-detailssecurity presentation tmui netflow-listsecurity presentation tmui signature-detailssecurity presentation tmui signature-listsecurity protected-servers netflow-tmc-statsecurity protocol-inspection auto-update settingssecurity protocol-inspection auto-update statussecurity protocol-inspection common-configsecurity protocol-inspection compliance-enumssecurity protocol-inspection compliancesecurity protocol-inspection learning-statssecurity protocol-inspection learning-suggestionssecurity protocol-inspection profile-statussecurity protocol-inspection profilesecurity protocol-inspection servicesecurity protocol-inspection signaturesecurity protocol-inspection stagingsecurity protocol-inspection systemsecurity protocol-inspection updatessecurity protocol-inspection virtual-serverssecurity scrubber dwbl-scrubber-category-statssecurity scrubber dwbl-scrubber-statsecurity scrubber profilesecurity scrubber unredirectsecurity ssh profilesecurity zone

syssys air-filter-resetsys alert lcdsys aomsys appiq configsys application apl-scriptsys application custom-statsys application servicesys application templatesys autoscale-groupsys availabilitysys clocksys clustersys config-diffsys configsys connectionsys consolesys coresys cpusys crypto acceleration-strategysys crypto allow-key-exportsys crypto ca-bundle-managersys crypto cert-order-managersys crypto cert-validation-response ocspsys crypto cert-validator crlsys crypto cert-validator ocspsys crypto certsys crypto check-certsys crypto clientsys crypto crlsys crypto csrsys crypto encrypted-attributessys crypto fips by-handlesys crypto fips external-hsmsys crypto fips keysys crypto keysys crypto master-key

163016321633163416351635163616371638163816401641164216431644164516461646164716481649165016511652165316531654165416561657165816591661166216631664166516661668166916711671167216731674167516751676167916801681168216821685168616871688168916911692169216941695169616961697169816981699170017011702

sys crypto pkcs12sys crypto serversys daemon-hasys daemon-log-settings clusterdsys daemon-log-settings csyncdsys daemon-log-settings icr-eventdsys daemon-log-settings icrdsys daemon-log-settings lindsys daemon-log-settings mcpdsys daemon-log-settings tmmsys datastorsys dbsys default-configsys diags ihealth-requestsys diags ihealth-resultsys diags ihealthsys disk application-volumesys disk directorysys disk logical-disksys dnssys dynad instrumentationsys dynad keysys dynad rpmsys dynad settingssys dynad statussys ecm configsys ecm registersys failoversys feature-modulesys file apache-ssl-certsys file browser-capabilities-dbsys file data-groupsys file device-capabilities-dbsys file external-monitorsys file ifilesys file lwtunneltblsys file rewrite-rulesys file ssl-certsys file ssl-crlsys file ssl-keysys fipsusersys fix-connectionsys foldersys fpga firmware-configsys fpga infosys fpga turboflex-profilesys geoipsys global-settingssys ha-groupsys ha-statussys hardwaresys host-infosys httpdsys hypervisor-infosys icall eventsys icall handler periodicsys icall handler perpetualsys icall handler triggeredsys icall istats-triggersys icall publishersys icall scriptsys icmp-statsys icontrol-soapsys integrity status-checksys internal-proxysys ip-addresssys ip-statsys ipfix destinationsys ipfix elementsys ipfix irulessys iprep-statussys license

170317041705170617071708170917111712171317151716171817191720172117221723172417261726172717281728172917311732173217331734173417351735173617371738173817391741174117421743174417441745174617471747174817481749175017511751175317541759176117621764176617671767176917701771177317741775177717781778

sys log-config destination alertdsys log-config destination arcsightsys log-config destination ipfixsys log-config destination local-databasesys log-config destination local-syslogsys log-config destination management-portsys log-config destination remote-high-speed-logsys log-config destination remote-syslogsys log-config destination splunksys log-config filtersys log-config publishersys log-rotatesys logsys mac-addresssys management-dhcpsys management-ipsys management-ovsdbsys management-proxy-configsys management-routesys mcp-statesys memorysys nethsm async-queue-statsys nethsm pkcs11d-statsys nethsm sync-queue-statsys ntpsys outbound-smtpsys performance all-statssys performance connectionssys performance dnsexpresssys performance dnssecsys performance gtmsys performance ramcachesys performance systemsys performance throughputsys pfman consumersys pfman devicesys proc-infosys provisionsys pva-trafficsys raid arraysys raid baysys raid disksys readysys scriptdsys servicesys sflow data-source httpsys sflow data-source interfacesys sflow data-source systemsys sflow data-source vlansys sflow global-settings httpsys sflow global-settings interfacesys sflow global-settings systemsys sflow global-settings vlansys sflow receiversys smtp-serversys snmpsys software block-device-hotfixsys software block-device-imagesys software hotfixsys software imagesys software signaturesys software statussys software update-statussys software updatesys software volumesys sshdsys state-mirroringsys sync-sys-filessys syslogsys tmm-infosys tmm-trafficsys traffic

1779178017801781178217821784178417851787

17871787178817891789179017911791179217921793179417961797179717981798179917991799

1800180018011804180418051806180618071808

1808180818091812181318151830183118321832

1833183318341835183618371839184118431844184618471849

sys turboflex featuressys turboflex profile-configsys turboflex profile allsys turboflex profile featuresys turboflex warningsys ucssys url-db download-resultsys url-db download-schedulesys url-db url-categorysys version

utilutil ccmodeutil clientssl-ciphersutil diadbutil dnatutilutil establish adfs trustutil finalize custom amiutil geodbutil geoutilutil ihealthutil ipsecalgdbutil lsndbutil platform checkutil platform diagutil qkcloudutil serverssl-ciphersutil sipdbutil ssh keyswaputil test-monitorutil verify encryption

vcmpvcmp globalvcmp guestvcmp health ha-statusvcmp health module-provisionvcmp health promptvcmp health softwarevcmp traffic-profilevcmp virtual-disk-templatevcmp virtual-disk

wamwam ad-policywam applicationwam domain listwam object-typewam policywam resource concat-setwam resource domain-listwam resource urlwam roi-statistics

womwom advertised-routewom deduplicationwom diagnose-connwom endpoint-discoverywom local-endpointwom profile cifswom profile isessionwom profile mapiwom remote-endpointwom remote-routewom server-discoverywom verify-config

F5 TMSH Reference - 16.xF5 TMSH references are collections of the available BIG-IP TMSH man pages.

General

grepNAME grep - Display lines matching a pattern

SYNTAX list [component] "|" grep [ [option | pattern] ... ] show [component] "|" grep [ [option | pattern] ... ] options: -A [integer] -B [integer] -C [integer] -E -G -P -c -e [pattern] -i -m [integer] -n -o -v -w -x Note: Each option must be followed by a space.

Note: tmsh treats any argument that is not preceded by a supported option, and does not begin with a hyphen, as a search pattern preceded by -e.

DESCRIPTION You can use grep to filter the output generated by the commands list (configuration settings) and show (statistics and runtime status). You must type the character | before the grep specification. You can use multiple filters chained together.

EXAMPLES The following examples show how to use the grep utility in tmsh.

list ltm node | grep "^10\.2" list ltm virtual | grep -i seattle list ltm virtual | grep -i abc | grep -i ab | grep -i a

OPTIONS -A Display the specified number of lines of context after matching lines.

-B Display the specified number of lines of context before matching lines.

-C Display the specified number of lines of context before and after matching lines.

-E Interpret patterns as extended regular expressions.

-G Interpret patterns as basic regular expressions.

-P Interpret patterns as Perl regular expressions.

-c Display a count of the lines that match. If -v is specified the number of non-matching lines is displayed.

-e Specify a pattern. This is useful to protect against patterns beginning with a hyphen.

-i Case insensitive search.

-m Stop reading input after the specified number of matching lines. If -c is specified the count will not exceed the value specified for -m. If -v is specified grep will stop after finding the specified number of non-matching lines.

-n Prefix each line of output with the line number relative to the input.

-o Show only the part of a matching line that matches the pattern.

R

-v Invert the sense of matching, to select non-matching lines.

-w Select only those lines containing matches that form whole words. The test is that the matching substring must either be at the beginning of the line, or preceded by a non-word constituent character. Similarly, it must be either at the end of the line or followed by a non-word constituent character. Word-constituent characters are letters, digits, and the underscore.

-x Select only those matches that exactly match the whole line.

SEE ALSO list, show, tmsh

COPYRIGHT No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.

F5 Networks and BIG-IP (c) Copyright 2009. All rights reserved.

BIG-IP 2017-05-24 grep(1)

timeNAME Time - Date and Time formats.

MODULE All tmsh modules.

SYNTAX Date/Time Syntax now[ [ + | - ] [ d | h | w | m ] ] yyyy-mm-dd[ : | T ]hh:mm[:ss] mm-dd[-yyyy][ : | T ]hh:mm[:ss] mm/dd[/yyyy][ : | T ]hh:mm[:ss]

Date Range Syntax now[ [ + | - ] [ d | h | w | m ] ]--now[ [ + | - ] [ d | h | w | m ] ] yyyy-mm-dd[ : | T ]hh:mm[:ss]--yyyy-mm-dd[ : | T ]hh:mm[:ss] mm-dd[-yyyy][ : | T ]hh:mm[:ss]--indefinite epoch--mm/dd[/yyyy][ : | T ]hh:mm[:ss] now[ [ + | - ] [ d | h | w | m ] ]

DESCRIPTION The date or time format is found in tmsh as an attribute or parameter for many configuration items. Below are the various formats supported for both Date/Time and Date Range. Please see the examples for further assistance in using the required formats.

DATE:TIME FORMATS nowX This date format starts with now (the current time) and is optionally followed by + or - some time span. The format will look like the following: now[ [ + | - ] integer [ d | h | w | m ] ], where the user picks either before (-) or after (+) the current time and then specifies integer number of minutes(m), hours(h), days(d) or weeks(w). This format is case-insensitive.

Examples: Input Date Description

now-3d 3 days ago. now+3h 3 hours from now. now-3m 3 minutes ago. now+3w 3 weeks from now.

yyyy-mm-dd:hh:mm:ss This format requires a year, month, day separated by - characters. A time is also required, which is specified as hour:minute:second, where the seconds are optional. The date and time must be separated by a : colon. Note: This is the default time format for output from tmsh.


2013-05-29:13:30 May 29th, 2013 at 1:30pm. 2000-01-04:12:22:30 January 4th, 2000 at 12:22pm and 30 seconds.

mm-dd-yyyy:hh:mm:ss This format requires at least a month(m) and day(d) specified and optionally a year (y). If no year is specified, tmsh will auto-fill the year with the current year. A time is also required in the format of hour:minute:second, where the seconds are optional.


3-12-2015:12:01:00 March 12th, 2015 at 12:01 pm. 4-15:22:10:30 April 15th of this year at 10:10 pm and 30 seconds.

mm/dd/yyyy:hh:mm:ss This format requires at least a month(m) and day(d) specified and optionally a year (y). If no year is specified, tmsh will auto-fill the year with the current year. A time is also required in the format of hour:minute:second, where the seconds are optional.


3/12/2015:12:01:00 March 12th, 2015 at 12:01 pm. 4/15:22:10:30 April 15th of this year at 10:10 pm and 30 seconds.

T Delimiter Any of the above time formats may optionally use a capital letter T (as in the word Time) to separate the date from the time, instead of using a colon (:).


9/16/2005T12:01:01 September 16th, 2005 at 12:01pm and 1 second. 2011-11-12T00:03:30 November 12th, 2011 at 12:03am and 30 seconds.

Special Dates There are two special dates that may be used in tmsh. They are indefinite and epoch. Below is an explanation of those dates.

indefinite The date will be marked as being infinitely in the future (end of time).

epoch The date will be marked as being infinitely in the past (beginning of time).

DATE RANGES DateX--DateZ A Date Range is 2 dates in a valid Date Format separated by a -- (double hyphen). The dates may be any of the Date Formats specified above. See examples below on how to use this notation.


now-2d--now-4d 2 to 4 days ago. now--now-3m From 3 minutes ago to now. epoch--3/12/2011:12:00:00 Everything older than March 12th, 2011 at noon. 2008-03-12--indefinite Everything after midnight on March 12th, 2008.

DateX When specifying a date range, the second date may be left out. This will cause the system to assume the second date in the range to be now. Using this format for a date range may make it confusing when using the NowX date format listed above. The following examples will help clarify how to use this format with any supported Date Format.


now-3d From 3 days ago to now. now+3w From now to 3 weeks from now. epoch Everything before the current date and time. indefinite Everything after the current date and time.

SEE ALSO tmsh, create, modify


F5 Networks and BIG-IP (c) Copyright 2008-2013, 2016. All rights reserved.

BIG-IP 2016-03-14 time(1)

tmshNAME tmsh - Traffic Management Shell - A command line interface for managing the BIG-IP(r) system.

DESCRIPTION

You can use tmsh to configure and manage the BIG-IP system in conjunction with the Configuration utility, which is the browser-based BIG-IP system and network management tool.

MODULES The structure of tmsh is hierarchical and modular. The highest level is the root module, which contains subordinate modules: auth, cli, gtm, ltm, net, sys and wom. Use the command help with no arguments to display the module hierarchy relative to the current module.

The gtm, ltm, net, sys, and wom modules also contain subordinate modules. All modules and subordinate modules contain components. To display the list of modules and components that are available in the current module type Tab or ? at the tmsh prompt.

Commands operate on components. To display the list of available commands type Tab or ? at the beginning of the command line. To display a list of components on which a command can operate type the command followed by a space followed by Tab or ?.

The following examples illustrate how to navigate the tmsh hierarchy.

To enter a module, type the name of the module at the tmsh prompt.

(tmos)# ltm

The prompt displays the current module location.

(tmos.ltm)#

You can display the components in a module using the commands list (configuration) and show (statistics and runtime status). The following command sequence displays the virtual server configuration of the BIG-IP system.

(tmos.ltm)# list virtual

In the following examples, the commands list and show display information about only ltm components.

(tmos.ltm)# list (tmos.ltm)# show

You can access any component in any module from any other module by specifying a complete path to the component. For example, from the ltm module, the following command displays all of the properties of the VLANs on the system. The forward slash / specifies that what follows is relative to the root module.

(tmos.ltm)# list /net vlan all-properties

The forward slash is optional if the root module is the current module. For example, the following command sequences display profiles.

(tmos)# list ltm profile (tmos)# list /ltm profile (tmos)# list / ltm profile

Most components also support component mode. You can navigate to a single component and run commands to manage that component. For example, from the ltm module, to navigate to the node component, use the following command.

(tmos.ltm)# node

To display the properties of all nodes, use the following command.

(tmos.ltm.node)# list

You can also navigate to a specific object (object mode). For example, from the node component, to enter object mode for a specific node, enter the command modify followed by the IP address of the node.

(tmos.ltm.node)# modify 10.1.1.10

In object mode, you can configure property settings directly. For example, to set the connection limit for 10.1.1.10 to 10000, use the following command.

(tmos.ltm.node.10.1.1.10)# connection-limit 10000

To exit a module enter the command exit at the tmsh prompt, as shown below.

(tmos.ltm)# exit (tmos)#

PRODUCT PROVISIONING You must provision a BIG-IP system module before you can use tmsh to configure that product, for example, the Global Traffic Manager. The command sequence list sys provision displays the BIG-IP system modules that can be provisioned. For more information about provisioning, see the TMOS(r) Management Guide for BIG-IP Systems and help sys provision.

LOADING/SAVING THE SYSTEM CONFIGURATION The system applies all configuration changes that you make from within tmsh to the running configuration of the system.

You can save a portion of the running configuration known as the base configuration. You can also load the base configuration from the stored configuration files.

To save the base configuration to the stored configuration files, use the command sequence: save sys base- config. To replace the running base configuration with the configuration in the stored configuration files, use the command sequence: load /sys base-config.

Additionally, you can save the entire running configuration or load all of the stored configuration files.

To save the entire running configuration to the stored configuration files, use the command sequence: save /sys config. To replace the entire running configuration with the configuration in the stored configuration files using the command sequence: load /sys config.

HELP tmsh tmsh includes man pages for each of the commands and components that are available within tmsh. You access the man pages using the following command syntax: help [ [command] | [full path to component] ].

For example, to access the man page for the vlan component from the root module, use this command sequence: help / net vlan.

You can also search the man pages for information on a specific topic. To do this you use the command syntax: help search [topic]. You can perform a help search from within any module in the tmsh hierarchy. For example, to find the man pages that contain a reference to VLANs, use this command sequence: help search vlan

To display a list of topics that are available in a module use this command sequence: help [full path to module].

For example, to display the topics that are available in the current module use this command: help. To display the topics that are available in the net module use this command sequence: help / net.

CONTEXT-SENSITIVE HELP tmsh includes a context-sensitive help feature that provides help as you type commands. At any time, you can type a question mark (?) on the command line, and tmsh returns information to assist you in completing the command. Based on when you type the question mark, you get the following results.

When you type a question mark immediately following any portion of a command, tmsh returns possible completions for the command, but does not complete the command as the command completion feature does. When you type a space before the question mark, tmsh returns descriptive text that explains the commands, components, or properties that you can configure. When you type a question mark in the middle of a command, tmsh returns help on the command to the left of the cursor.

Note: To use a question mark in a Glob or regular expression, you must escape the question mark using quotation marks, apostrophes, or a backslash.

Additionally, you can request context-sensitive help for the last command in a series of commands. For more information, see ENTERING MULTIPLE COMMANDS, following.

COMMAND COMPLETION At any point while typing or editing a command in tmsh, you can press the Tab key. tmsh either completes the current or next word, or displays possible completions for the current or next word. If tmsh displays nothing after you press the Tab key, no options exist to complete the word. If you move the cursor anywhere on the command line and press the Tab key, tmsh completes what is to the left of the cursor.

Command completion also reduces the amount of typing that is required to run commands. When you press the Tab key, the system automatically completes the current command-line element to as many unique characters as possible. If there is more than one possible completion the list of possible completions displays. Command completion also completes configuration object identifiers.

ENTERING MULTIPLE COMMANDS You can enter multiple commands on the command line by separating the commands with semi-colons (;). For example, to display the properties of the self IP addresses and VLANs of the system, use this command sequence:

list / net self ; list / net vlan

When you enter multiple commands in this way, all of the commands are added to the command history in a single line item, regardless of whether any of the commands were successful. However, if one of the commands that you enter fails to parse, tmsh does not run the remaining commands you entered. tmsh audits commands as the commands run; therefore, if a command fails to parse, tmsh does not audit the remaining commands. For more information about the command history, see COMMAND HISTORY, following.

You can also specify multiple commands in a command alias by separating the commands with semi-colons. For example, to create an alias that displays the properties of the VLANs and VLAN groups on the system, use this command sequence:

create / cli alias vlans command "list / net vlan ; list / net vlan-group"

You can request context-sensitive help and utilize the command completion feature on the last command in a series of commands. For example, the following command sequence displays help for the vlan-group component.

list / net vlan ; list / net vlan-group ?

COMMAND HISTORY tmsh saves in the command history file each command that you enter. The command history persists when you log off of the system. The next time you log on to the system, you can search for, display, and then edit, the tmsh commands that you entered in previous sessions. The command history persists even through a restart of

the BIG-IP system. For more information about the command history feature, see help history.

The following examples show how to use the command history feature.

To display the commands in the history list, enter either the command sequence show history or an exclamation point (!). tmsh displays a list of commands each preceded by a numeric ID.

To run a command from the history list, enter an exclamation point followed by the numeric ID of the command.

To run the previous command, enter !!.

FILTERING OUTPUT You can filter the output generated by the commands list (configuration settings) and show (statistics and runtime status) using the UNIX grep utility. You must type the character | before the grep specification. You can use multiple filters chained together. For a list of supported grep options, see the Traffic Management Shell (tmsh) Reference Guide.

The following examples show how to use the grep utility in tmsh.

list ltm node | grep "^10\.2" list ltm virtual | grep -i seattle list ltm virtual | grep -i abc | grep -i ab | grep -i a

KEYBOARD BINDINGS tmsh supports vi, emacs and default keyboard bindings. You can set the binding using the keymap preference. For more information, see help cli preference. For a detailed description of the default mapping, see the Traffic Management Shell (tmsh) Reference Guide.

Note that all mappings provide command-line editing and the capability to search the command history.

WILDCARD OBJECT IDENTIFIERS You can specify configuration object identifiers using glob and regular expression syntax.

For glob and regular expression syntax rules, see help glob and help regex. Note that you can escape the glob and regular expression special characters using a back slash.

The following examples show how to use glob and regular expressions in tmsh.

Uses a glob expression to display the configuration of all nodes that begin with 10.1..

list ltm node 10.1.*

Uses a regular expression to display the configuration of all nodes that begin with 10. and contain .44.. Note that a regular expression must begin with an @ symbol. This identifies to tmsh that the identifier should be treated as a regular expression and not a glob or standard object identifier. The leading @ is not part of the regular expression.

list ltm node @^10\..*\.44\.

PREFERENCES You can customize the behavior of tmsh. For more information, see help cli preference.

FILES tmsh manages several files in a user's home directory.

$HOME/.tmsh-history- contains command history.

STATISTICS You can use tmsh to display statistics, including historical performance statistics. You can select the format in which the statistics display, as well as reset the statistics for some of the tmsh components. To determine if statistics are available for a component, see the man page for the specific component.

The following examples show how to display and reset statistics for the net interface component from the root module.

show net interface reset-stats net interface

The following examples show how to display and reset statistics for the net interface component from the net module.

show interface reset-stats interface

AUTOMATING TMSH You can use tmsh to build TCL scripts to automate management of the BIG-IP. See the cli script help page.

COMMAND LINE OPTIONS The following options can be specified when tmsh is started from the system shell.

-a tmsh does not write commands to the command history file.

Note that if auditing is enabled, tmsh continues to write commands to the audit log. This option is useful when writing scripts from the system shell, because it stops the scripts from filling up the command history file. This option applies to the non-interactive mode only.

-c Run the specified command. A command that contains multiple arguments must be in quotes. No other options

may be specified after -c

-d [ip address | host name] Connects to the specified blade in a clustered system.

-e Disables video highlighting in tmsh.

-h Displays options you can use when accessing tmsh from the system shell.

-m Generates a tmsh debug log named tmsh.out in the current directory.

Note that when you run a tmsh script, the shell generates a debug log file for the script named tmsh.out.[script name].

Using this option causes tmsh to run significantly slower.

-q Prevents tmsh from responding to user actions with questions. This option is useful when writing non- interactive shell scripts from the system shell.

-r This option allows the user to run TMSH the specified version. This is used to provide backwards compatibility for older TMSH syntax only. The version must be specified in the format maj.min.pt, for example 11.5.0

SEE ALSO Detailed information on the following topics is available through the help command: cli preference, cli script, glob, help, regex, and sys provision.

For complete information about tmsh, see the Traffic Management Shell (tmsh) Reference Guide. This guide is available on the AskF5(sm) Knowledge Base ().



BIG-IP 2014-02-18 tmsh(1)

Commands

cdNAME cd command - Change the current working folder.


SYNTAX Use the command cd to change the current working folder.

cd [folder name] cd /[folder name]

DESCRIPTION The command cd [folder name] changes the current working folder to allow the user navigation around the folder system (see sys folder). The command pwd displays the current working directory.

The current working folder may be listed in the tmos command prompt while in tmsh interactive mode (see cli preference).

Folder names are separated by a forward slash /.

There are two built-in folders:

/ is the root folder

/Common is the default folder for creating new configurations objects.

Additionally, the following directory entries:

. is the current folder

.. is the parent folder

EXAMPLES cd /Common

Change the current working folder to /Common.

cd resources

Change the current working folder to resources. In this example the resources folder is relative to the current working folder. As an example, if the current working folder was /Common, the new working folder will be /Common/resources.

cd resources/profiles/udp

Multiple folders may be specified. Tab complete assists filling the command line with folder names.

cd /

Make the current working folder the root folder.

cd ../Alpha

Change the working directory by first going to the parent, and then switch to the sub-folder Alpha.

SEE ALSO help, pwd, sys folder, tmsh


F5 Networks and BIG-IP (c) Copyright 2008-2010. All rights reserved.

BIG-IP 2011-08-31 cd(1)

cpNAME cp command - Creates a copy of a TMOS(tm) configuration object.


SYNTAX Use the command cp within a tmsh module to create a copy of the component that resides in that module. To create a copy component that resides in another module, use the full path to the component.

cp [component] [source] [destination] cp / [module...module] [component] [source] [destination]

DESCRIPTION You must provide a unique name for each component destination of the copy operation.

EXAMPLES cp template mytemplate newtemplate

From within the sys application module, creates a new Application Template named newtemplate with the same properties as mytemplate .

cp / cli script my_script1 my_script2

From within the sys application module, copies the my_script1 script to my_script2 within the cli module.

OPTIONS component Specifies the type of the component that you want to copy.

module Specifies the module within which the component that you want to copy resides.

source Specifies the component to be copied.

destination Specifies a unique name for the component that will be created as part of the copy.

SEE ALSO tmsh

COPYRIGHT

No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.


BIG-IP 2010-12-06 cp(1)

createNAME create command - Creates a TMOS(tm) configuration component.


SYNTAX Use the command create within a tmsh module to create a component that resides in that module. To create a component that resides in another module, use the full path to the component.

create [component] [name] [property [value]...] create / [module...module] [component] [name] [property [value]...]

DESCRIPTION You must provide a unique name for each component that you create.

EXAMPLES create pool pool1

From within the gtm module, creates a Global Traffic Manager pool named pool1.

create / ltm pool my_pool

From within the gtm module, creates a Local Traffic Manager pool named my_pool.

OPTIONS component Specifies the type of the component that you want to create.

module Specifies the module within which the component that you want to create resides.

name Specifies a unique name for the component.

property [value]... Specifies properties for the component and their values.

SEE ALSO tmsh


F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013, 2016. All rights reserved.

BIG-IP 2016-03-14 create(1)

deleteNAME delete command - Deletes a tmsh component.


SYNTAX Use the command delete within a tmsh module to delete a component that resides in that module. To delete a component that resides in another module, use the full path to the component.

delete [component] [name]

delete / [module...module] [component] [name]

DESCRIPTION You must provide the name of the component that you want to delete.

EXAMPLES delete pool pool1

From within the gtm module, deletes the Global Traffic Manager pool named pool1.

delete / ltm pool my_pool

From within the gtm module, deletes the Local Traffic Manager pool named my_pool.

OPTIONS component Specifies the type of the component that you want to delete.

module Specifies the module within which the component that you want to delete resides.

name Specifies the name of the component that you want to delete. All may be used as an identifier for most component types.

recursive Deletes all items in the current folder and all sub-folders that match the module, component and the name specified. all may be used as the name identifier with this command.

Note: When using recursive and all together, you will be prompted to verify this action. If you wish to disable this prompt, you may run tmsh using the -q command-line option. This is very useful when writing scripts that use this command.

SEE ALSO tmsh



BIG-IP 2016-03-14 delete(1)

editNAME edit command - Opens the specified components in an editor.

MODULES All tmsh modules.

SYNTAX Use the command edit to create components or modify the configuration of components using a text editor. To edit a component that resides in another module, use the full path to the component.

edit [component] [name ... name | all] edit / [module...module] [component] [name ... name | all]

DESCRIPTION You can use the command edit to create or modify components in the auth, cli, gtm, ltm, net, sys and wom modules, and iRules(r).

If you are assigned the role of Administrator, when you use the command edit, the system starts the vi editor. If you are assigned any other role, the system starts the pico/nano editor.

The system saves, in a temporary directory, the text file, named data, that you are editing. When you save the file and close the editor, the system checks for errors, and then prompts you with an opportunity to continue editing and resolve any errors.

When you edit an existing component that can have associations, such as a Global Traffic Manager wide IP that can have pool member associations. but the component does not currently have associations, to create the new associations, you must use the full command syntax in the text file. For the full command syntax for each component, see the associated man page.

When you edit a component that has associations with components that are children of the component you are editing, the text file contains a line for the configuration of the child components that begins with the command modify, for example: pools modify { [existing pool members configurations] }. In this case, if you want to add or delete pool members, you must add additional lines to the text file, for example: pools delete { [pool members to delete] }.

If you want the text file that opens to contain all of the editable properties of the component that you want to edit, you must use the all-properties option at the end of the edit command sequence; otherwise, only the non-default properties display in the text file.

EXAMPLES edit / gtm pool a*

From the root module, opens a file in an editor in which you can modify the configuration of all Global Traffic Manager pools with names that start with the letter a using the template that displays in the editor.

edit datacenter new_dc

From the gtm module, opens a file in an editor in which you can create the Data Center named new_dc using the template that displays in the editor.

edit datacenter a*

From the gtm module, opens a file in an editor in which you can edit all existing datacenters with names that begin with the letter a.

edit datacenter new_datacenter existing_datacenter

From the gtm module, opens a file in an editor in which you can create a new datacenter and edit an existing datacenter. Note that when the file opens, a template displays that you can use to create a new datacenter followed by the configuration of the existing datacenter.

edit rule rule_1

From the gtm module, opens a file in an editor in which you can create an iRule named rule_1 using the template that displays in the editor.

When the editor opens, and you are creating or editing an iRule, you must enclose the iRule syntax in brackets, for example, [ ...iRule... ]. Note that the template includes the brackets.

OPTIONS all Specifies that you want to modify all of the existing components of the specified type.

component Specifies the type of component that you want to create or modify.

module Specifies the module within which the component resides.

name Specifies a unique name of each component that you want to create or modify.

SEE ALSO tmsh


F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013. All rights reserved.

BIG-IP 2013-03-22 edit(1)

exitNAME exit command - Exits a tmsh module or component.


SYNTAX Use the command exit within a tmsh module or component to leave that module or component and return to the higher level of the shell structure.

exit

Note that to exit tmsh and return to the BIG-IP(r) system prompt, use the command quit.

DESCRIPTION For more information about the structure of tmsh, see the Traffic Management Shell (tmsh) Reference Guide.

SEE ALSO tmsh



BIG-IP 2012-04-05 exit(1)

generateNAME generate - Generate signed scripts using different algorithms for components (for example, iRules).


DESCRIPTION Use the generate command to generate signed scripts for components. Currently two algorithms are supported: checksum and signature.

generate checksum generate signature signing-key

SEE ALSO ltm rule, sys application template



BIG-IP 2014-04-08 generate(1)

helpNAME help command - Displays context-sensitive help text.


SYNTAX Use the command help within a tmsh module to display information about the components that reside within that module, or at the component level to display help about the component. To display help for a component that resides in one module from within another module, use the full path to the component.

Type the question mark (?) character anywhere in tmsh to display a list of modules, components, and commands that are available within the module in which you are currently working.

? help help [module...module] help [component] help / [module...module] [component] help search [text]

DESCRIPTION You can display tmsh man pages using the command help.

EXAMPLES ?

From within the gtm module, displays a list of modules, components, and commands that are available.

help pool

From within the gtm module, displays help about Global Traffic Manager pools.

help / ltm pool

From within the gtm module, displays help about Local Traffic Manager pools.

OPTIONS component Specifies the type of the component for which you want to display help.

search Use the search option to find help topics that contain the specified text. The search is case insensitive. Text that contains a space or special tmsh characters must be quoted. Note that the search will not always find text that spans multiple lines.

module Specifies the module within which the component for which you want to display help resides.

SEE ALSO tmsh



BIG-IP 2012-10-19 help(1)

installNAME install - Install and update components.


DESCRIPTION Use the command install to install or update the following components. For the description and syntax see the help page for each component.

sys license sys software block-device-hotfix sys software block-device-image sys software hotfix sys software image

SEE ALSO sys license, sys software block-device-hotfix, sys software block-device-image, sys software hotfix, sys software image, tmsh



BIG-IP 2014-04-20 install(1)

listNAME list command - Displays components that you have permission to view.


SYNTAX Use the list command within a tmsh module to display the properties of the components in that module. To display the properties of the components in one module from within another module, use the full path to the component.

list [component]

list [component] [name] list [component] [name] [property] list / [module...module] [component] [name] [property] options: all-properties current-module non-default-properties one-line partition recursive

DESCRIPTION When the default Read partition is All, use the list command to display all of the components that you have permission to view within a tmsh module. When you specify a Read partition, the list command displays:

Â· Only the components that you have permission to view in the current partition

Â· All of the components that are not in partitions

Â· All of the components in partition Common

EXAMPLES list / ltm

From within the gtm module, displays the properties of all of the components in the ltm module, including the components in the ltm monitor, ltm persistence, and ltm profile modules.

list / ltm current-module

From within the gtm module, displays the properties of all of the components in the ltm module, not including the components in the ltm monitor, ltm persistence, and ltm profile modules.

list pool

From within the gtm module, displays the properties of all of the Global Traffic Manager pools.

list pool all-properties

From within the gtm module, displays all of the properties of all of the Global Traffic Manager pools.

list pool monitor

From within the gtm module, displays the monitor associated with each Global Traffic Manager pool.

list / ltm pool

From within the gtm module, displays the properties of all of the Local Traffic Manager pools.

OPTIONS all-properties Displays the values of all of the properties of the specified component.

component Specifies the component that you want to display.

current-module Specifies to display only the components that reside in the specified module, not the components that reside in the sub-modules of that module.

For example, from within the ltm module to display only the components in the gtm module, and not the components in the gtm monitor and gtm settings sub-modules, use the following command sequence: list / gtm current-module.

module Specifies the module within which the component that you want to display resides.

Note: When you use the command list at the module level, by default, the system does not display all of the components that reside in the specified module. To display the properties of some components you must explicitly specify the component. For example, from the ltm module, to display the virtual addresses for the Local Traffic Manager, use this command sequence:

list virtual-address

For more information about displaying the properties of a component, see the man page for the component.

name Specifies the unique name of the component.

non-default-properties Displays the values of all of the properties for which a user changed the value from the default value for the specified component.

one-line Displays the configuration for each object on one line. Configuration that consists of scripts will not be formatted on to a single line. This include ltm and gtm iRules and tmsh scripts.

partition Displays the administrative partition within which the specified component exists.

property Specifies the property of the component that you want to display.

recursive Specifies to display the components not only from the current folder but also from all sub-folders recursively.

SEE ALSO tmsh



BIG-IP 2016-03-14 list(1)

loadNAME load command - Replaces the running configuration of the BIG-IP(r) system with the configuration in the specified files. You can also use this command to import an ASM policy from a file / standard input, and to install the Anti-fraud engine / signatures update.


SEE ALSO save, tmsh, asm policy, ltm dns dns-express db, sys config, sys geoip, sys ucs



BIG-IP 2014-12-30 load(1)

modifyNAME modify command - Modifies a tmsh component.


SYNTAX Use the command modify within a tmsh module to modify a component that resides in that module. To modify a component in one module from within another module, use the full path to the component.

modify [component] [name] [property [value] ]... modify / [module...module] [component] [name] [property [value] ]...

DESCRIPTION You must provide the name of the component that you want to modify.

You can apply one or more property settings to multiple components using a single command sequence. For example, to associate the Local Traffic Manager pool named pool-1 with the virtual servers named virtual-1 and virtual-2, use this command sequence: modify ltm virtual virtual-1 virtual-2 pool pool-1

EXAMPLES modify pool pool1 disabled

From within the gtm module, disables the Global Traffic Manager pool named pool1.

modify / ltm pool my_pool disabled

From within the gtm module, disables the Local Traffic Manager pool named my_pool.

OPTIONS component Specifies the type of the component that you want to modify.

module Specifies the module within which the component that you want to modify resides.

name Specifies the unique name of the component that you want to modify.

property [value]... Specifies the properties of the component that you want to modify and their new values.

SEE ALSO tmsh



BIG-IP 2016-03-14 modify(1)

mvNAME mv command - Renames or moves a TMOS(tm) configuration object.


SYNTAX Use the mv command within a tmsh module to move or rename the component that resides in that module. To move a component that resides in another module, use the full path to the component.

mv [component] [source] [destination] mv / [module...module] [component] [source] [destination]

DESCRIPTION You must provide a unique name for the source and destination of the move operation.

WARNING Currently MV is an experimental feature. By using this feature, you may be subject to loss of statistics and disruption in GTM service. If you plan to move or rename a Virtual Server, please contact your GTM administrator before doing so. You may enable this feature by setting the appropriate db variable. This can be done by issuing the command:

modify /sys db mcpd.mvenabled value true

This will turn on the feature and allow moving and rename of select objects through TMSH only. Once you have finished using the feature, we recommend disabling it once again. You may do this by issuing the following command:

modify /sys db mcpd.mvenabled value false

Please use responsibly.

EXAMPLES mv cm device bigip seattle32

Renames the device named bigip to seattle32.

mv ltm pool mypool myotherpool

Renames the LTM Pool named mypool to myotherpool.

mv ltm pool /Common/by/mypool /Common/myotherpool /Common/sub/mythirdpool to-folder /Partition2/sub1

Moves the 3 pools in 3 different locations named mypool, myotherpool and mythirdpool into a single folder in another partition.

OPTIONS to-folder Specifies the folder to move the item or items into.

component Specifies the type of the component that you want to move.

destination

Specifies a unique name for the component.

module Specifies the module within which the component that you want to move resides.

source Specifies the component to be moved.

SEE ALSO tmsh


F5 Networks and BIG-IP (c) Copyright 2012. All rights reserved.

BIG-IP 2014-03-25 mv(1)

publishNAME publish - Finalizes changes in the policy by creating a read-only copy of it.


DESCRIPTION Use the command publish to make wam policies available for usage in wam applications. You can also use this command to apply asm policies. For the description and syntax see the help page for wam policy or asm policy.

SEE ALSO asm policy, wam policy, tmsh



BIG-IP 2012-09-05 publish(1)

pwdNAME pwd command - Display the current working folder.


SYNTAX Use the command pwd to display the current working folder.

pwd

DESCRIPTION Display the current working folder

EXAMPLES pwd

SEE ALSO cd, help, sys folder, tmsh



BIG-IP 2012-04-05 pwd(1)

quitNAME quit command - Exits tmsh.


SYNTAX Use the following command at the tmsh prompt to close tmsh and return to the BIG-IP(r) system prompt.

quit

Note that to exit a tmsh module or component, you use the command exit.

SEE ALSO tmsh



BIG-IP 2010-12-06 quit(1)

rebootNAME reboot command - Reboots the system or boots the system into a different volume.


SYNTAX reboot options: slot [ [slot number] | all ] volume [name]

DESCRIPTION You can use the command reboot to reboot the system or cluster. If you do not specify an option, the local system reboots.

You can use the volume option to reboot a system into a specific volume. For a cluster, you can use the volume option to reboot all slots into the specified volume.

Additionally, for a cluster, you can use the slot option to reboot either a specific slot or all slots. Note that the slot option does not modify the active volume.

EXAMPLES reboot

Immediately reboots the running image.

reboot volume HD1.2

If the volume HD1.2 has a complete image on it, the system (or cluster) reboots into that image immediately. However, if a software installation is in progress on the volume the system reboots as soon as the installation is complete.

If the volume contains software that is not a version permitted by the license a warning will be displayed requiring the user to input Y/N with the Y standing for 'Yes', proceed with the reboot, or N for 'No', stop the reboot and return to the tmsh command line.

OPTIONS slot [ [slot number] | all ] Reboots either a specific slot or all slots in a cluster, without changing the active volume of the

slot(s).

This option is only available in a clustered environment.

Note: The slot and volume options are mutually exclusive.

volume Specifies the volume that you want to boot. The volume you specify becomes the default boot volume. You cannot specify the active volume. In a clustered environment all slots reboot into the same volume.

Note: The slot and volume options are mutually exclusive.

SEE ALSO install, sys software hotfix, sys software image, sys software status, sys software volume, tmsh



BIG-IP 2019-05-02 reboot(1)

reset-statsNAME reset-stats - Resets statistics for the specified components.


SYNTAX Use the command reset-stats within a tmsh module to reset the statistics for the specified component to zero. To reset the statistics for the specified component in one module from within another module, use the full path to the component.

reset-stats [component] reset-stats [component] [name] reset-stats / [module...module] [component] reset-stats / [module...module] [component] [name]

DESCRIPTION You can reset statistics for a group of components, or you can reset statistics for a specific component.

After you reset statistics, when you run the command show, you may see a value of nan. This stands for not a number, which indicates that no data is currently available. Wait a few moments and run the command show again, and in most cases the nan value will be replaced by an integer value.

It is important to note the following when you reset statistics:

Â· For a dat

Documents

Table of Contents · gtm monitor mysql gtm monitor nntp gtm monitor none gtm monitor oracle gtm monitor pop3 gtm monitor postgresql gtm monitor radius-accounting gtm monitor radius