bigip_device_facts – Collect facts from F5 BIG-IP devices
New in version 2.7.
Synopsis
- Collect facts from F5 BIG-IP devices.
Parameters
Parameter | Choices/Defaults | Comments | |
---|---|---|---|
gather_subset list / required |
| When supplied, this argument will restrict the facts returned to a given subset. Can specify a list of values to include a larger subset. Values can also be used with an initial ! to specify that a specific subset should not be collected.aliases: include | |
password string / required | The password for the user account used to connect to the BIG-IP. You may omit this option by setting the environment variable F5_PASSWORD .aliases: pass, pwd | ||
provider dictionary added in 2.5 | A dict object containing connection details. | ||
password string / required | The password for the user account used to connect to the BIG-IP. You may omit this option by setting the environment variable F5_PASSWORD .aliases: pass, pwd | ||
server string / required | The BIG-IP host. You may omit this option by setting the environment variable F5_SERVER . | ||
server_port integer | Default: 443 | The BIG-IP server port. You may omit this option by setting the environment variable F5_SERVER_PORT . | |
ssh_keyfile path | Specifies the SSH keyfile to use to authenticate the connection to the remote device. This argument is only used for cli transports. You may omit this option by setting the environment variable ANSIBLE_NET_SSH_KEYFILE . | ||
timeout integer | Default: 10 | Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. | |
transport string |
| Configures the transport connection to use when connecting to the remote device. | |
user string / required | The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You may omit this option by setting the environment variable F5_USER . | ||
validate_certs boolean |
| If no , SSL certificates are not validated. Use this only on personally controlled sites using self-signed certificates.You may omit this option by setting the environment variable F5_VALIDATE_CERTS . | |
server string / required | The BIG-IP host. You may omit this option by setting the environment variable F5_SERVER . | ||
server_port integer added in 2.2 | Default: 443 | The BIG-IP server port. You may omit this option by setting the environment variable F5_SERVER_PORT . | |
user string / required | The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You may omit this option by setting the environment variable F5_USER . | ||
validate_certs boolean added in 2.0 |
| If no , SSL certificates are not validated. Use this only on personally controlled sites using self-signed certificates.You may omit this option by setting the environment variable F5_VALIDATE_CERTS . |
Notes
Note
- For more information on using Ansible to manage F5 Networks devices see https://www.ansible.com/integrations/networks/f5.
- Requires BIG-IP software version >= 12.
- The F5 modules only manipulate the running configuration of the F5 product. To ensure that BIG-IP specific configuration persists to disk, be sure to include at least one task that uses the bigip_config module to save the running configuration. Refer to the module’s documentation for the correct usage of the module to save your running configuration.
Examples
- name: Collect BIG-IP facts bigip_device_facts: gather_subset: - interfaces - vlans provider: server: lb.mydomain.com user: admin password: secret delegate_to: localhost - name: Collect all BIG-IP facts bigip_device_facts: gather_subset: - all provider: server: lb.mydomain.com user: admin password: secret delegate_to: localhost - name: Collect all BIG-IP facts except trunks bigip_device_facts: gather_subset: - all - "!trunks" provider: server: lb.mydomain.com user: admin password: secret delegate_to: localhost
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | |||
---|---|---|---|---|---|
asm_policies complex | When asm-policies is specified in gather_subset . | Detailed facts for ASM policies present on device. Sample: hash/dictionary of values | |||
active boolean | changed | Indicates if an ASM policy is active. Sample: True | |||
allowed_response_codes list | changed | Lists the response status codes between 400 and 599 that the security profile considers legal. Sample: ['400', '404'] | |||
application_language string | changed | The language encoding for the web application. Sample: utf-8 | |||
case_insensitive boolean | changed | Indicates if the ASM policy treats file types, URLs, and parameters as case sensitive. Sample: True | |||
csrf_protection_enabled boolean | changed | Specifies if CSRF protection is active on the ASM policy. Sample: True | |||
csrf_protection_expiration_time_in_seconds integer | changed | Specifies how long, in seconds, a configured CSRF token is valid before it expires. Sample: 600 | |||
csrf_protection_ssl_only boolean | changed | Specifies that only HTTPS URLs will be checked for CSRF protection. Sample: True | |||
csrf_urls complex | changed | Specifies a list of URLs for CSRF token verification. In version 13.0.0 and above this has become a sub-collection and a list of dictionaries. In version 12.x this is a list of simple strings. | |||
csrf_url string | changed | Specifies an URL to protect. Sample: ['/foo.html'] | |||
csrf_url_enforcement_action string | changed | Indicates the action specified for the system to take when the URL entry matches. Sample: none | |||
csrf_url_id string | changed | Specified the generated ID for the configured CSRF url resource. Sample: l0Ckxe-7yHsXp8U5tTgbFQ | |||
csrf_url_method string | changed | Method for the specified URL. Sample: POST | |||
csrf_url_parameters_list list | changed | List of parameters to look for in a request when checking if the URL entry matches the request. Sample: ['fooparam'] | |||
csrf_url_required_parameters string | changed | Indicates whether to ignore or require one of the specified parameters is present in a request when checking if the URL entry matches the request. Sample: ignore | |||
csrf_url_wildcard_order string | changed | Specified the order in which the wildcard URLs are enforced. Sample: 1 | |||
custom_xff_headers string | changed | List of custom XFF headers trusted by the system. Sample: asm-proxy1 | |||
description string | changed | Description of the resource. Sample: Significant Policy Description | |||
disallowed_geolocations string | changed | Displays countries that may not access the web application. Sample: Argentina | |||
enforcement_mode string | changed | Specifies whether blocking is active or inactive for the ASM policy. Sample: blocking | |||
enforcement_readiness_period integer | changed | Period in days both security policy entities and attack signatures remain in staging mode before the system suggests to enforce them. Sample: 8 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/foo_policy | |||
has_parent boolean | changed | Indicates if the ASM policy is a child of another ASM policy. | |||
inspect_http_uploads boolean | changed | Specify if the system should inspect all http uploads. Sample: True | |||
learning_mode string | changed | Determine how the policy is built. Sample: manual | |||
mask_credit_card_numbers_in_request boolean | changed | Indicates if the system masks credit card numbers. | |||
maximum_cookie_header_length integer | changed | Maximum length of a cookie header name and value that the system processes. Sample: 8192 | |||
maximum_http_header_length integer | changed | Maximum length of an HTTP header name and value that the system processes. Sample: 8192 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: foo_policy | |||
path_parameter_handling string | changed | Specifies how the system handles path parameters that are attached to path segments in URIs. Sample: ignore | |||
place_signatures_in_staging boolean | changed | Specifies if the system places new or updated signatures in staging for the number of days specified in the enforcement readiness period. | |||
policy_id string | changed | Generated ID of the ASM policy resource. Sample: l0Ckxe-7yHsXp8U5tTgbFQ | |||
protocol_independent boolean | changed | Indicates if the ASM policy differentiates between HTTP/WS and HTTPS/WSS URLs. | |||
signature_staging boolean | changed | Specifies if the staging feature is active on the ASM policy. Sample: True | |||
trigger_asm_irule_event string | changed | Indicates if iRule event is enabled. Sample: disabled | |||
trust_xff boolean | changed | Indicates the system has confidence in an XFF (X-Forwarded-For) header in the request. Sample: True | |||
type string | changed | The type of policy, can be Security or Parent .Sample: security | |||
use_dynamic_session_id_in_url boolean | changed | Specifies how the security policy processes URLs that use dynamic sessions. | |||
virtual_servers list | changed | Virtual server or servers which have this policy assigned to them. Sample: ['/Common/foo_VS/'] | |||
asm_policy_stats complex | When asm-policy-stats is specified in gather_subset . | Miscellaneous ASM policy related facts. Sample: hash/dictionary of values | |||
policies integer | changed | The total number of ASM policies on the device. Sample: 3 | |||
policies_active integer | changed | The number of ASM policies that are marked as active. Sample: 3 | |||
policies_attached integer | changed | The number of ASM policies that are attached to virtual servers. Sample: 1 | |||
policies_inactive integer | changed | The number of ASM policies that are marked as inactive. | |||
policies_unattached integer | changed | The number of ASM policies that are not attached to a virtual server. Sample: 3 | |||
asm_server_technologies complex | When asm-server-technologies is specified in gather_subset . | Detailed facts for ASM server technologies present on device. Sample: hash/dictionary of values | |||
id string | changed | Displays the generated ID for the server technology resource. Sample: l0Ckxe-7yHsXp8U5tTgbFQ | |||
server_technology_name string | changed | Human friendly name of the server technology resource. Sample: Wordpress | |||
server_technology_references complex | changed | List of dictionaries containing API self links of the associated technology resources. Sample: https://localhost/mgmt/tm/asm/server-technologies/NQG7CT02OBC2cQWbnP7T-A?ver=13.1.0 | |||
link - | A self link to an associated server technology. | ||||
asm_signature_sets complex | When asm-signature-sets is specified in gather_subset . | Detailed facts for ASM signature sets present on device. Sample: hash/dictionary of values | |||
assign_to_policy_by_default boolean | changed | Indicates whether the system assigns this signature set to a new created security policy by default. Sample: True | |||
category string | changed | Displays the category of the signature set. Sample: filter-based | |||
default_alarm boolean | changed | Displays whether the security policy logs the request data in the Statistics screen if a request matches a signature that is included in the signature set Sample: True | |||
default_block boolean | changed | Displays, when the security policy's enforcement mode is Blocking, how the system treats requests that match a signature included in the signature set. Sample: True | |||
default_learn boolean | changed | Displays whether the security policy learns all requests that match a signature that is included in the signature set. Sample: True | |||
id string | changed | Displays the generated ID for the signature set resource. Sample: l0Ckxe-7yHsXp8U5tTgbFQ | |||
is_user_defined boolean | changed | Specifies that this signature set was added by a user. | |||
name string | changed | Name of the signature set Sample: WebSphere signatures | |||
type string | changed | The method used to select signatures to be a part of the signature set. Sample: filter-based | |||
client_ssl_profiles complex | When client-ssl-profiles is specified in gather_subset . | Client SSL Profile related facts. Sample: hash/dictionary of values | |||
alert_timeout integer | changed | Maximum time period in seconds to keep the SSL session active after alert message is sent, or indefinite. | |||
allow_non_ssl boolean | changed | Enables or disables non-SSL connections. Sample: True | |||
authenticate_depth integer | changed | Specifies the authenticate depth. This is the client certificate chain maximum traversal depth. Sample: 9 | |||
authenticate_frequency string | changed | Specifies how often the system authenticates a user. Sample: once | |||
ca_file string | changed | Specifies the certificate authority (CA) file name. Sample: /Common/default-ca.crt | |||
cache_size integer | changed | Specifies the SSL session cache size. Sample: 262144 | |||
cache_timeout integer | changed | Specifies the SSL session cache timeout value. Sample: 3600 | |||
certificate_file string | changed | Specifies the name of the certificate installed on the traffic management system for the purpose of terminating or initiating an SSL connection. Sample: /Common/default.crt | |||
chain_file string | changed | Specifies or builds a certificate chain file that a client can use to authenticate the profile. Sample: /Common/ca-chain.crt | |||
ciphers string | changed | Specifies a list of cipher names. Sample: ['DEFAULT'] | |||
crl_file string | changed | Specifies the certificate revocation list file name. Sample: /Common/default.crl | |||
description string | changed | Description of the profile. Sample: My profile | |||
forward_proxy_ca_certificate_file string | changed | Specifies the name of the certificate file that is used as the certification authority certificate when SSL forward proxy feature is enabled. | |||
forward_proxy_ca_key_file string | changed | Specifies the name of the key file that is used as the certification authority key when SSL forward proxy feature is enabled. | |||
forward_proxy_ca_passphrase string | changed | Specifies the passphrase of the key file that is used as the certification authority key when SSL forward proxy feature is enabled. | |||
forward_proxy_certificate_extension_include list | changed | Specifies the extensions of the web server certificates to be included in the generated certificates using SSL Forward Proxy. Sample: ['basic-constraints', 'subject-alternative-name'] | |||
forward_proxy_certificate_lifespan integer | changed | Specifies the lifespan of the certificate generated using the SSL forward proxy feature. Sample: 30 | |||
forward_proxy_enabled boolean | changed | Enables or disables SSL forward proxy feature. Sample: True | |||
forward_proxy_lookup_by_ipaddr_port boolean | changed | Specifies whether to perform certificate look up by IP address and port number. | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/bigip02.internal | |||
handshake_timeout integer | changed | Specifies the handshake timeout in seconds. Sample: 10 | |||
modssl_methods boolean | changed | Enables or disables ModSSL method emulation. | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: bigip02.internal | |||
parent string | changed | Parent of the profile Sample: /Common/clientssl | |||
peer_certification_mode string | changed | Specifies the peer certificate mode. Sample: ignore | |||
profile_mode_enabled boolean | changed | Specifies the profile mode, which enables or disables SSL processing. Sample: True | |||
renegotiation boolean | changed | Specifies whether renegotiations are enabled. Sample: True | |||
renegotiation_maximum_record_delay integer | changed | Maximum number of SSL records that the traffic management system can receive before it renegotiates an SSL session. | |||
renegotiation_period integer | changed | Number of seconds required to renegotiate an SSL session. | |||
retain_certificate boolean | changed | APM module requires storing certificate in SSL session. When no , certificate will not be stored in SSL session.Sample: True | |||
secure_renegotiation_mode string | changed | Specifies the secure renegotiation mode. Sample: require | |||
server_name string | changed | Specifies the server names to be matched with SNI (server name indication) extension information in ClientHello from a client connection. Sample: bigip01 | |||
session_ticket boolean | changed | Enables or disables session-ticket. | |||
sni_default boolean | changed | When yes , this profile is the default SSL profile when the server name in a client connection does not match any configured server names, or a client connection does not specify any server name at all.Sample: True | |||
sni_require boolean | changed | When this option is yes , a client connection that does not specify a known server name or does not support SNI extension will be rejected. | |||
strict_resume boolean | changed | Enables or disables strict-resume. Sample: True | |||
unclean_shutdown boolean | changed | Whether to force the SSL profile to perform a clean shutdown of all SSL connections or not | |||
device_groups complex | When device-groups is specified in gather_subset . | Device group related facts. Sample: hash/dictionary of values | |||
asm_sync_enabled boolean | changed | Specifies whether to synchronize ASM configurations of device group members. Sample: True | |||
autosync_enabled boolean | changed | Whether the device group automatically synchronizes configuration data to its members. | |||
description string | changed | Description of the device group. Sample: My device group | |||
devices list | changed | List of devices that are in the group. Devices are listed by their full_path .Sample: ['/Common/bigip02.internal'] | |||
full_load_on_sync boolean | changed | Specifies that the entire configuration for a device group is sent when configuration synchronization is performed. Sample: True | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/fasthttp | |||
incremental_config_sync_size_maximum integer | changed | Specifies the maximum size (in KB) to devote to incremental config sync cached transactions. Sample: 1024 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: fasthttp | |||
network_failover_enabled boolean | changed | Specifies whether network failover is used. Sample: True | |||
type string | changed | Specifies the type of device group. Sample: sync-only | |||
devices complex | When devices is specified in gather_subset . | Device related facts. Sample: hash/dictionary of values | |||
active_modules list | changed | The currently licensed and provisioned modules on the device. Sample: ['DNS Services (LAB)', 'PSM, VE'] | |||
base_mac_address string | changed | Media Access Control address (MAC address) of the device. Sample: fa:16:3e:c3:42:6f | |||
build string | changed | The minor version information of the total product version. Sample: 0.0.1 | |||
chassis_id string | changed | Serial number of the device. Sample: 11111111-2222-3333-444444444444 | |||
chassis_type string | changed | Displays the chassis type. The possible values are individual and viprion .Sample: individual | |||
comment string | changed | User comments about the device. Sample: My device | |||
configsync_address string | changed | IP address used for configuration synchronization. Sample: 10.10.10.10 | |||
contact string | changed | Administrator contact information. Sample: The User | |||
description string | changed | Description of the device. Sample: My device | |||
edition string | changed | Displays the software edition. Sample: Point Release 7 | |||
failover_state string | changed | Device failover state. Sample: active | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/bigip02.internal | |||
hostname string | changed | Device hostname Sample: bigip02.internal | |||
location string | changed | Specifies the physical location of the device. Sample: London | |||
management_address string | changed | IP address of the management interface. Sample: 3.3.3.3 | |||
marketing_name string | changed | Marketing name of the device platform. Sample: BIG-IP Virtual Edition | |||
multicast_address string | changed | Specifies the multicast IP address used for failover. Sample: 4.4.4.4 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: bigip02.internal | |||
optional_modules list | changed | Modules that are available for the current platform, but are not currently licensed. Sample: ['App Mode (TMSH Only, No Root/Bash)', 'BIG-IP VE, Multicast Routing'] | |||
platform_id string | changed | Displays the device platform identifier. Sample: Z100 | |||
primary_mirror_address string | changed | Specifies the IP address used for state mirroring. Sample: 5.5.5.5 | |||
product string | changed | Displays the software product name. Sample: BIG-IP | |||
secondary_mirror_address string | changed | Secondary IP address used for state mirroring. Sample: 2.2.2.2 | |||
self boolean | changed | Whether this device is the one that was queried for facts, or not. Sample: True | |||
software_version string | changed | Displays the software version number. Sample: 13.1.0.7 | |||
timelimited_modules list | changed | Displays the licensed modules that are time-limited. Sample: ['IP Intelligence, 3Yr, ...', 'PEM URL Filtering, 3Yr, ...'] | |||
timezone string | changed | Displays the time zone configured on the device. Sample: UTC | |||
unicast_addresses complex | changed | Specifies the entire set of unicast addresses used for failover. | |||
effective_ip string | changed | The IP address that peers can use to reach this unicast address IP. Sample: 5.4.3.5 | |||
effective_port integer | changed | The port that peers can use to reach this unicast address. Sample: 1026 | |||
ip string | changed | The IP address that the failover daemon will listen on for packets from its peers. Sample: 5.4.3.5 | |||
port integer | changed | The IP port that the failover daemon uses to accept packets from its peers. Sample: 1026 | |||
external_monitors complex | When external-monitors is specified in gather_subset . | External monitor related facts. Sample: hash/dictionary of values | |||
args string | Specifies any command-line arguments that the script requires. Sample: arg1 arg2 arg3 | ||||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
external_program string | Specifies the name of the file for the monitor to use. Sample: /Common/arg_example | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/external | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: external | |||
parent string | changed | Profile from which this profile inherits settings. Sample: external | |||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
variables complex | Specifies any variables that the script requires. Sample: {'key1': 'val', 'key_2': 'val 2'} | ||||
fasthttp_profiles complex | When fasthttp-profiles is specified in gather_subset . | FastHTTP profile related facts. Sample: hash/dictionary of values | |||
client_close_timeout integer | changed | Number of seconds after which the system closes a client connection, when the system either receives a client FIN packet or sends a FIN packet to the client. Sample: 5 | |||
description string | changed | Description of the resource. Sample: My profile | |||
force_http_1_0_response boolean | changed | Specifies, when yes , that the server sends responses to clients in the HTTP/1.0 format. | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/fasthttp | |||
http_1_1_close_workarounds boolean | changed | Specifies, when yes , that the server uses workarounds for HTTP 1.1 close issues. | |||
idle_timeout integer | changed | Length of time that a connection is idle (has no traffic) before the connection is eligible for deletion. Sample: 300 | |||
insert_x_forwarded_for boolean | changed | Whether the system inserts the X-Forwarded-For header in an HTTP request with the client IP address, to use with connection pooling. | |||
maximum_header_size integer | changed | Maximum amount of HTTP header data that the system buffers before making a load balancing decision. Sample: 32768 | |||
maximum_requests integer | changed | Maximum number of requests that the system can receive on a client-side connection, before the system closes the connection. | |||
maximum_segment_size_override integer | changed | Maximum segment size (MSS) override for server-side connections. | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: fasthttp | |||
oneconnect_idle_timeout_override integer | changed | Number of seconds after which a server-side connection in a OneConnect pool is eligible for deletion, when the connection has no traffic. | |||
oneconnect_maximum_pool_size integer | changed | Maximum number of connections to a load balancing pool. Sample: 2048 | |||
oneconnect_maximum_reuse integer | changed | Maximum number of times that the system can re-use a current connection. | |||
oneconnect_minimum_pool_size integer | changed | Minimum number of connections to a load balancing pool. | |||
oneconnect_ramp_up_increment integer | changed | The increment in which the system makes additional connections available, when all available connections are in use. Sample: 4 | |||
oneconnect_replenish' boolean | changed | Specifies, when yes , that the system will not keep a steady-state maximum of connections to the back-end unless the number of connections to the pool have dropped beneath the minimum_pool_size specified in the profile.Sample: True | |||
parent string | changed | Profile from which this profile inherits settings. Sample: fasthttp | |||
receive_window_size integer | changed | Amount of data the BIG-IP system can accept without acknowledging the server. | |||
request_header_insert string | changed | A string that the system inserts as a header in an HTTP request. If the header exists already, the system does not replace it. Sample: X-F5-Authentication: foo | |||
reset_on_timeout boolean | changed | Specifies, when yes , that the system sends a reset packet (RST) in addition to deleting the connection, when a connection exceeds the idle timeout value.Sample: True | |||
server_close_timeout integer | changed | Number of seconds after which the system closes a client connection, when the system either receives a server FIN packet or sends a FIN packet to the server. Sample: 5 | |||
server_sack boolean | changed | Whether the BIG-IP system processes Selective ACK (Sack) packets in cookie responses from the server. | |||
server_timestamp boolean | changed | Whether the BIG-IP system processes timestamp request packets in cookie responses from the server. | |||
unclean_shutdown string | changed | How the system handles closing connections. Values provided may be enabled , disabled , or fast .Sample: enabled | |||
fastl4_profiles complex | When fastl4-profiles is specified in gather_subset . | FastL4 profile related facts. Sample: hash/dictionary of values | |||
client_timeout integer | changed | Specifies late binding client timeout in seconds. This is the number of seconds allowed for a client to transmit enough data to select a server pool. If this timeout expires, the timeout-recovery option dictates whether to drop the connection or fallback to the normal FastL4 load-balancing method to pick a server pool. Sample: 30 | |||
description string | changed | Description of the resource. Sample: My profile | |||
dont_fragment_flag string | changed | Describes the Don't Fragment (DF) bit setting in the IP Header of the outgoing TCP packet. When pmtu , sets the outgoing IP Header DF bit based on IP pmtu setting(tm.pathmtudiscovery).When preserve , sets the outgoing Packet's IP Header DF bit to be same as incoming IP Header DF bit.When set , sets the outgoing packet's IP Header DF bit.When clear , clears the outgoing packet's IP Header DF bit.Sample: pmtu | |||
explicit_flow_migration boolean | changed | Specifies whether to have the iRule code determine exactly when the FIX stream drops down to the ePVA hardware. Sample: True | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/fastl4 | |||
generate_init_seq_number boolean | changed | Specifies whether you want to generate TCP sequence numbers on all SYNs that conform with RFC1948, and allow timestamp recycling. Sample: True | |||
hardware_syn_cookie boolean | changed | Enables or disables hardware SYN cookie support when PVA10 is present on the system. This option is deprecated in version 13.0.0 and is replaced by syn-cookie-enable . | |||
idle_timeout integer | changed | Specifies the number of seconds that a connection is idle before the connection is eligible for deletion. Values will be in the range of 0 to 4294967295 (inclusive). 0 is equivalent to the TMUI value "immediate".4294967295 is equivalent to the TMUI value "indefinite".Sample: 300 | |||
ip_tos_to_client str or int | changed | Specifies an IP Type of Service (ToS) number for the client-side. This option specifies the ToS level that the traffic management system assigns to IP packets when sending them to clients. Sample: 200 | |||
ip_tos_to_server str or int | changed | Specifies an IP ToS number for the server side. This option specifies the ToS level that the traffic management system assigns to IP packets when sending them to servers. Sample: pass-through | |||
keep_alive_interval integer | changed | Specifies the keep-alive probe interval, in seconds. A value of 0 indicates keep-alive is disabled. Sample: 10 | |||
late_binding boolean | changed | Specifies whether to enable or disable intelligent selection of a back-end server pool. Sample: True | |||
link_qos_to_client int or string | changed | Specifies a Link Quality of Service (QoS) (VLAN priority) number for the client side. This option specifies the QoS level that the system assigns to packets when sending them to clients. Sample: 7 | |||
link_qos_to_server int or string | changed | Specifies a Link QoS (VLAN priority) number for the server side. This option specifies the QoS level that the system assigns to packets when sending them to servers. Sample: 5 | |||
loose_close boolean | changed | Specifies that the system closes a loosely-initiated connection when the system receives the first FIN packet from either the client or the server. | |||
loose_init boolean | changed | Specifies that the system initializes a connection when it receives any Transmission Control Protocol (TCP) packet, rather than requiring a SYN packet for connection initiation. Sample: True | |||
mss_override integer | changed | Specifies a maximum segment size (MSS) override for server connections. Note that this is also the MSS advertised to a client when a client first connects. 0 (zero), means the option is disabled. Otherwise, the value will be between 256 and 9162.Sample: 500 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: fastl4 | |||
parent string | changed | Profile from which this profile inherits settings. Sample: fastl4 | |||
priority_to_client int or string | changed | Specifies internal packet priority for the client side. This option specifies the internal packet priority that the system assigns to packets when sending them to clients. Sample: 300 | |||
priority_to_server int or string | changed | Specifies internal packet priority for the server side. This option specifies the internal packet priority that the system assigns to packets when sending them to servers. Sample: 200 | |||
pva_acceleration string | changed | Specifies the Packet Velocity(r) ASIC acceleration policy. Sample: full | |||
pva_dynamic_client_packets integer | changed | Specifies the number of client packets before dynamic ePVA hardware re-offloading occurs. Values will be between 0 and 10. Sample: 8 | |||
pva_dynamic_server_packets integer | changed | Specifies the number of server packets before dynamic ePVA hardware re-offloading occurs. Values will be between 0 and 10. Sample: 5 | |||
pva_flow_aging boolean | changed | Specifies if automatic aging from ePVA flow cache is enabled or not. Sample: True | |||
pva_flow_evict boolean | changed | Specifies if this flow can be evicted upon hash collision with a new flow learn snoop request. | |||
pva_offload_dynamic boolean | changed | Specifies whether PVA flow dynamic offloading is enabled or not. Sample: True | |||
pva_offload_state string | changed | Specifies at what stage the ePVA performs hardware offload. When embryonic , implies at TCP CSYN or the first client UDP packet.When establish , implies TCP 3WAY handshaking or UDP CS round trip are confirmed.Sample: embryonic | |||
reassemble_fragments boolean | changed | Specifies whether to reassemble fragments. Sample: True | |||
receive_window integer | changed | Specifies the window size to use, in bytes. The maximum is 2^31 for window scale enabling. Sample: 1000 | |||
reset_on_timeout boolean | changed | Specifies whether you want to reset connections on timeout. Sample: True | |||
rtt_from_client boolean | changed | Enables or disables the TCP timestamp options to measure the round trip time to the client. | |||
rtt_from_server boolean | changed | Enables or disables the TCP timestamp options to measure the round trip time to the server. Sample: True | |||
server_sack boolean | changed | Specifies whether to support server sack option in cookie response by default. | |||
server_timestamp boolean | changed | Specifies whether to support server timestamp option in cookie response by default. Sample: True | |||
software_syn_cookie boolean | changed | Enables or disables software SYN cookie support when PVA10 is not present on the system. This option is deprecated in version 13.0.0 and is replaced by syn_cookie_enabled .Sample: True | |||
strip_sack boolean | changed | Specifies whether you want to block the TCP SackOK option from passing to the server on an initiating SYN. Sample: True | |||
syn_cookie_enabled boolean | changed | Enables syn-cookies capability on this virtual server. | |||
syn_cookie_mss integer | changed | Specifies a maximum segment size (MSS) for server connections when SYN Cookie is enabled. Sample: 2000 | |||
syn_cookie_whitelist boolean | changed | Specifies whether or not to use a SYN Cookie WhiteList when doing software SYN Cookies. | |||
tcp_close_timeout integer | changed | Specifies a TCP close timeout in seconds. Sample: 100 | |||
tcp_handshake_timeout integer | changed | Specifies a TCP handshake timeout in seconds. Sample: 5 | |||
tcp_time_wait_timeout integer | changed | Specifies a TCP time_wait timeout in milliseconds. Sample: 60 | |||
tcp_timestamp_mode string | changed | Specifies how you want to handle the TCP timestamp. Sample: preserve | |||
tcp_window_scale_mode string | changed | Specifies how you want to handle the TCP window scale. Sample: preserve | |||
timeout_recovery string | changed | Specifies late binding timeout recovery mode. This is the action to take when late binding timeout occurs on a connection. When disconnect , only the L7 iRule actions are acceptable to pick a server.When fallback , the normal FastL4 load-balancing methods are acceptable to pick a server.Sample: fallback | |||
ttl_mode string | changed | Describe the outgoing TCP packet's IP Header TTL mode. When proxy , sets the outgoing IP Header TTL value to 255/64 for ipv4/ipv6 respectively.When preserve , sets the outgoing IP Header TTL value to be same as the incoming IP Header TTL value.When decrement , sets the outgoing IP Header TTL value to be one less than the incoming TTL value.When set , sets the outgoing IP Header TTL value to a specific value(as specified by ttl_v4 or ttl_v6 .Sample: preserve | |||
ttl_v4 integer | changed | Specify the outgoing packet's IP Header TTL value for IPv4 traffic. Maximum value that can be specified is 255. Sample: 200 | |||
ttl_v6 integer | changed | Specify the outgoing packet's IP Header TTL value for IPv6 traffic. Maximum value that can be specified is 255. Sample: 300 | |||
gateway_icmp_monitors complex | When gateway-icmp-monitors is specified in gather_subset . | Gateway ICMP monitor related facts. Sample: hash/dictionary of values | |||
adaptive boolean | Whether adaptive response time monitoring is enabled for this monitor. | ||||
adaptive_divergence_type string | Specifies whether the adaptive-divergence-value is relative or absolute .Sample: relative | ||||
adaptive_divergence_value integer | Specifies how far from mean latency each monitor probe is allowed to be. Sample: 25 | ||||
adaptive_limit integer | Specifies the hard limit, in milliseconds, which the probe is not allowed to exceed, regardless of the divergence value. Sample: 200 | ||||
adaptive_sampling_timespan integer | Specifies the size of the sliding window, in seconds, which records probe history. Sample: 300 | ||||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/gateway_icmp | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: gateway_icmp | |||
parent string | changed | Profile from which this profile inherits settings. Sample: gateway_icmp | |||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
transparent boolean | Specifies whether the monitor operates in transparent mode. | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
gtm_pools complex | When any of gtm-pools or gtm-*-pools is specified in gather_subset . | GTM pool related facts. Every "type" of pool has the exact same list of possible facts. Therefore, the list of facts here is presented once instead of 6 times. Sample: hash/dictionary of values | |||
alternate_mode string | The load balancing mode that the system uses to load balance name resolution requests among the members of the pool. Sample: drop-packet | ||||
disabled boolean | Is the pool disabled | ||||
dynamic_ratio boolean | Whether or not the dynamic ratio load balancing algorithm is enabled for this pool. Sample: True | ||||
enabled boolean | Is the pool enabled. | ||||
fallback_mode string | Specifies the load balancing mode that the system uses to load balance name resolution amongst the pool members if the preferred and alternate modes are unsuccessful in picking a pool. | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/pool1 | |||
load_balancing_mode string | Specifies the preferred load balancing mode that the system uses to load balance requests across pool members. | ||||
manual_resume boolean | Whether manual resume is enabled for this pool | ||||
max_answers_returned integer | Maximum number of available virtual servers that the system lists in a response. | ||||
members complex | Lists of members (and their configurations) in the pool. | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: pool1 | |||
partition - | Partition the pool exists on. | ||||
qos_hit_ratio integer | Weight of the Hit Ratio performance factor for the QoS dynamic load balancing method | ||||
qos_hops integer | Weight of the Hops performance factor when load balancing mode or fallback mode is QoS. | ||||
qos_kilobytes_second integer | Weight assigned to Kilobytes per Second performance factor when load balancing option is QoS. | ||||
qos_lcs integer | Weight assign to the Link Capacity performance factor when load balacing option is QoS. | ||||
qos_packet_rate integer | Weight assign to the Packet Rate performance factor when load balacing option is QoS. | ||||
qos_rtt integer | Weight assign to the Round Trip Time performance factor when load balacing option is QoS. | ||||
qos_topology integer | Weight assign to the Topology performance factor when load balacing option is QoS. | ||||
qos_vs_capacity integer | Weight assign to the Virtual Server performance factor when load balacing option is QoS. | ||||
qos_vs_score integer | Weight assign to the Virtual Server Score performance factor when load balacing option is QoS. | ||||
ttl integer | Number of seconds that the IP address, once found, is valid. | ||||
verify_member_availability boolean | Whether or not the system verifies the availability of the members before sending a connection to them. | ||||
gtm_servers complex | When gtm-servers is specified in gather_subset . | GTM server related facts. Sample: hash/dictionary of values | |||
addresses complex | Specifies the server IP addresses for the server. | ||||
datacenter string | Full name of the datacenter this server belongs to. | ||||
devices complex. | Specifies the names of the devies that represent this server. | ||||
disabled boolean | Whether the server is disabled. | ||||
enabled boolean | Whether the server is enabled. | ||||
expose_route_domains boolean | Allow the GTM server to auto-discover the LTM virtual servers from all route domains. | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/server1 | |||
iq_allow_path boolean | Whether the GTM uses this BIG-IP system to conduct a path probe before delegating traffic to it. | ||||
iq_allow_service_check boolean | Whether the GTM uses this BIG-IP system to conduct a service check probe before delegating traffic to it. | ||||
iq_allow_snmp boolean | Whether the GTM uses this BIG-IP system to conduct an SNMP probe before delegating traffic to it. | ||||
limit_cpu_usage - | For a server configured as a generic host, specifies the percent of CPU usage, otherwise has no effect. | ||||
limit_cpu_usage_status boolean | Whether limit_cpu_usage is enabled for this server. | ||||
limit_max_bps - | Maximum allowable data throughput rate in bits per second for this server. | ||||
limit_max_bps_status boolean | Whether limit_max_bps is enabled for this server. | ||||
limit_max_connections - | Maximum number of concurrent connections, combind, for this server. | ||||
limit_max_connections_status boolean | Whether limit_max_connections is enabled for this server. | ||||
limit_max_pps - | Maximum allowable data transfer rate, in packets per second, for this server. | ||||
limit_max_pps_status boolean | Whether limit_max_pps is enabled for this server. | ||||
limit_mem_available - | For a server configured as a generic host, specifies the available memory required by the virtual servers on the server. If available memory falls below this limit, the system marks the server as unavailable. | ||||
limit_mem_available_status boolean | Whether limit_mem_available is enabled for this server. | ||||
link_discovery string | Specifies whether the system auto-discovers the links for this server. | ||||
monitor_type string | changed | Whether one or monitors need to pass, or all monitors need to pass. Sample: and_list | |||
monitors list | changed | Specifies health monitors that the system uses to determine whether this server is available for load balancing. Sample: ['/Common/https_443', '/Common/icmp'] | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: server1 | |||
prober_fallback - | The type of prober to use to monitor this servers resources when the preferred type is not available. | ||||
prober_preference - | Specifies the type of prober to use to monitor this servers resources. | ||||
product - | Specifies the server type. | ||||
virtual_server_discovery string | Whether the system auto-discovers the virtual servers for this server. | ||||
virtual_servers complex | Virtual servers that are resources for this server. | ||||
gtm_wide_ips complex | When any of gtm-wide-ips or gtm-*-wide-ips is specified in gather_subset . | GTM Wide IP related facts. Every "type" of wide-ip has the exact same list of possible facts. Therefore, the list of facts here is presented once instead of 6 times. Sample: hash/dictionary of values | |||
description - | Description of the wide ip. | ||||
disabled boolean | Whether the Wide IP is disabled. | ||||
enabled boolean | Whether the Wide IP is enabled. | ||||
failure_rcode - | Specifies the DNS RCODE used when failure_rcode_response is yes . | ||||
failure_rcode_response boolean | When yes , specifies that the system returns a RCODE response to Wide IP requests after exhausting all load-balancing methods. | ||||
failure_rcode_ttl - | Specifies the negative caching TTL of the SOA for the RCODE response. | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/wide1 | |||
last_resort_pool - | Specifies which pool, as listed in Pool List, for the system to use as the last resort pool for the wide IP. | ||||
minimal_response - | Specifies that the system forms the smallest allowable DNS response to a query. | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: wide1 | |||
persist_cidr_ipv4 - | Specifies the number of bits the system uses to identify IPv4 addresses when persistence is enabled. | ||||
persist_cidr_ipv6 - | Specifies the number of bits the system uses to identify IPv6 addresses when persistence is enabled. | ||||
pool_lb_mode - | Specifies the load balancing method used to select a pool in this wide IP. | ||||
pools complex | Specifies the pools that this wide IP uses for load balancing. | ||||
ttl_persistence - | Specifies, in seconds, the length of time for which the persistence entry is valid. | ||||
http_monitors complex | When http-monitors is specified in gather_subset . | HTTP monitor related facts. Sample: hash/dictionary of values | |||
adaptive boolean | Whether adaptive response time monitoring is enabled for this monitor. | ||||
adaptive_divergence_type string | Specifies whether the adaptive-divergence-value is relative or absolute .Sample: relative | ||||
adaptive_divergence_value integer | Specifies how far from mean latency each monitor probe is allowed to be. Sample: 25 | ||||
adaptive_limit integer | Specifies the hard limit, in milliseconds, which the probe is not allowed to exceed, regardless of the divergence value. Sample: 200 | ||||
adaptive_sampling_timespan integer | Specifies the size of the sliding window, in seconds, which records probe history. Sample: 300 | ||||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/http | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
ip_dscp integer | Specifies the differentiated services code point (DSCP). | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: http | |||
parent string | changed | Profile from which this profile inherits settings. Sample: http | |||
receive_disable_string string | Specifies a text string that the monitor looks for in the returned resource. If the text string is matched in the returned resource, the corresponding node or pool member is marked session disabled. Sample: check disable string | ||||
receive_string string | Specifies the text string that the monitor looks for in the returned resource. Sample: check string | ||||
reverse boolean | Specifies whether the monitor operates in reverse mode. When the monitor is in reverse mode, a successful check marks the monitored object down instead of up. | ||||
send_string string | Specifies the text string that the monitor sends to the target object. Sample: GET /\r\n | ||||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
transparent boolean | Specifies whether the monitor operates in transparent mode. | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
username string | Specifies the username, if the monitored target requires authentication. Sample: user1 | ||||
http_profiles complex | When http-profiles is specified in gather_subset . | HTTP profile related facts. Sample: hash/dictionary of values | |||
accept_xff boolean | changed | Enables or disables trusting the client IP address, and statistics from the client IP address, based on the request's X-Forwarded-For (XFF) headers, if they exist. Sample: True | |||
allow_truncated_redirects boolean | changed | Specifies the pass-through behavior when a redirect lacking the trailing carriage-return and line feed pair at the end of the headers is parsed. When no , will silently drop the invalid HTTP. | |||
default_connect_handling string | changed | Specifies the behavior of the proxy service when handling outbound requests. Sample: deny | |||
description string | changed | Description of the resource. Sample: My profile | |||
excess_client_headers string | changed | Specifies the pass-through behavior when max_header_count value is exceeded by the client.When reject , rejects the connection.Sample: reject | |||
excess_server_headers string | changed | Specifies the pass-through behavior when max_header_count value is exceeded by the server.When reject , rejects the connection.Sample: reject | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/http | |||
hsts_enabled boolean | changed | When yes , enables the HTTP Strict Transport Security settings.Sample: True | |||
hsts_include_subdomains boolean | changed | When yes , applies the HSTS policy to the HSTS host and its subdomains.Sample: True | |||
insert_x_forwarded_for boolean | changed | When yes , specifies that the system inserts an X-Forwarded-For header in an HTTP request with the client IP address, to use with connection pooling. | |||
known_methods list | changed | Optimizes the behavior of a known HTTP method in the list. The default methods include the following HTTP/1.1 methods. CONNECT, DELETE, GET, HEAD, LOCK, OPTIONS, POST, PROPFIND, PUT, TRACE, UNLOCK. If a known method is deleted from the known_methods list, the BIG-IP system applies the unknown_method setting to manage that traffic.Sample: ['CONNECT', 'DELETE', '...'] | |||
lws_max_columns integer | changed | Specifies the maximum column width for any given line, when inserting an HTTP header in an HTTP request. Sample: 80 | |||
max_header_count integer | changed | Specifies the maximum number of headers the system supports. Sample: 64 | |||
max_header_size integer | changed | Specifies the maximum size in bytes the system allows for all HTTP request headers combined, including the request line. Sample: 32768 | |||
max_requests integer | changed | Specifies the number of requests that the system accepts on a per-connection basis. | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: http | |||
onconnect_transformations boolean | changed | When yes , specifies, that the system performs HTTP header transformations for the purpose of keeping connections open.Sample: True | |||
oversize_client_headers string | changed | Specifies the pass-through behavior when the max_header_size value is exceeded by the client.Sample: reject | |||
oversize_server_headers string | changed | Specifies the pass-through behavior when the max_header_size value is exceeded by the server.Sample: reject | |||
parent string | changed | Profile from which this profile inherits settings. Sample: http | |||
pipeline_action string | changed | Enables or disables HTTP/1.1 pipelining. Sample: allow | |||
proxy_mode string | changed | Specifies the proxy mode for this profile. Either reverse, explicit, or transparent. Sample: reverse | |||
redirect_rewrite string | changed | Specifies whether the system rewrites the URIs that are part of HTTP redirect (3XX) responses Sample: none | |||
request_chunking string | changed | Specifies how the system handles HTTP content that is chunked by a client. Sample: preserve | |||
response_chunking string | changed | Specifies how the system handles HTTP content that is chunked by a server. Sample: selective | |||
server_agent_name string | changed | Specifies the string used as the server name in traffic generated by LTM. Sample: BigIP | |||
sflow_poll_interval integer | changed | The maximum interval in seconds between two pollings. | |||
sflow_sampling_rate integer | changed | Specifies the ratio of packets observed to the samples generated. | |||
unknown_method string | changed | Specifies the behavior (allow, reject, or pass through) when an unknown HTTP method is parsed. Sample: allow | |||
via_request string | changed | Specifies whether to Remove, Preserve, or Append Via headers included in a client request to an origin web server. Sample: preserve | |||
via_response string | changed | Specifies whether to Remove, Preserve, or Append Via headers included in an origin web server response to a client. Sample: preserve | |||
https_monitors complex | When https-monitors is specified in gather_subset . | HTTPS monitor related facts. Sample: hash/dictionary of values | |||
adaptive boolean | Whether adaptive response time monitoring is enabled for this monitor. | ||||
adaptive_divergence_type string | Specifies whether the adaptive-divergence-value is relative or absolute .Sample: relative | ||||
adaptive_divergence_value integer | Specifies how far from mean latency each monitor probe is allowed to be. Sample: 25 | ||||
adaptive_limit integer | Specifies the hard limit, in milliseconds, which the probe is not allowed to exceed, regardless of the divergence value. Sample: 200 | ||||
adaptive_sampling_timespan integer | Specifies the size of the sliding window, in seconds, which records probe history. Sample: 300 | ||||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/http | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
ip_dscp integer | Specifies the differentiated services code point (DSCP). | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: http | |||
parent string | changed | Profile from which this profile inherits settings. Sample: http | |||
receive_disable_string string | Specifies a text string that the monitor looks for in the returned resource. If the text string is matched in the returned resource, the corresponding node or pool member is marked session disabled. Sample: check disable string | ||||
receive_string string | Specifies the text string that the monitor looks for in the returned resource. Sample: check string | ||||
reverse boolean | Specifies whether the monitor operates in reverse mode. When the monitor is in reverse mode, a successful check marks the monitored object down instead of up. | ||||
send_string string | Specifies the text string that the monitor sends to the target object. Sample: GET /\r\n | ||||
ssl_profile string | Specifies the SSL profile to use for the HTTPS monitor. Sample: /Common/serverssl | ||||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
transparent boolean | Specifies whether the monitor operates in transparent mode. | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
username string | Specifies the username, if the monitored target requires authentication. Sample: user1 | ||||
iapp_services complex | When iapp-services is specified in gather_subset . | iApp v1 service related facts. Sample: hash/dictionary of values | |||
description string | changed | Description of the service Sample: My service | |||
device_group string | changed | The device group the iApp service is part of. Sample: /Common/dg1 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/service1 | |||
inherited_device_group boolean | changed | Whether the device group is inherited or not. Sample: True | |||
inherited_traffic_group boolean | changed | Whether the traffic group is inherited or not. Sample: True | |||
lists complex | changed | List of the lists data used to create the service. Sample: [{'name': 'irules__irules'}, {'value': []}, '...'] | |||
metadata complex | changed | List of the metadata data used to create the service.. Sample: [{'name': 'var1'}, {'persist': 'true'}, '...'] | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: service1 | |||
strict_updates boolean | changed | Whether strict updates are enabled or not. Sample: True | |||
tables complex | changed | List of the tabular data used to create the service. Sample: [{'name': 'basic__snatpool_members'}, '...'] | |||
template_modified boolean | changed | Whether template that the service is based on is modified from its default value, or not. Sample: True | |||
traffic_group string | changed | Traffic group the service is a part of. Sample: /Common/tg | |||
variables complex | changed | List of the variable data used to create the service. Sample: [{'name': 'afm__policy'}, {'encrypted': 'no'}, {'value': '/#no_not_use#'}, '...'] | |||
icmp_monitors complex | When icmp-monitors is specified in gather_subset . | ICMP monitor related facts. Sample: hash/dictionary of values | |||
adaptive boolean | Whether adaptive response time monitoring is enabled for this monitor. | ||||
adaptive_divergence_type string | Specifies whether the adaptive-divergence-value is relative or absolute .Sample: relative | ||||
adaptive_divergence_value integer | Specifies how far from mean latency each monitor probe is allowed to be. Sample: 25 | ||||
adaptive_limit integer | Specifies the hard limit, in milliseconds, which the probe is not allowed to exceed, regardless of the divergence value. Sample: 200 | ||||
adaptive_sampling_timespan integer | Specifies the size of the sliding window, in seconds, which records probe history. Sample: 300 | ||||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/icmp | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: icmp | |||
parent string | changed | Profile from which this profile inherits settings. Sample: icmp | |||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
transparent boolean | Specifies whether the monitor operates in transparent mode. | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
interfaces complex | When interfaces is specified in gather_subset . | Interface related facts. Sample: hash/dictionary of values | |||
active_media_type string | changed | Displays the current media setting for the interface. Sample: 100TX-FD | |||
bundle string | changed | The bundle capability on the port. Sample: not-supported | |||
bundle_speed string | changed | The bundle-speed on the port when bundle capability is enabled. Sample: 100G | |||
description string | changed | Description of the interface Sample: My interface | |||
enabled boolean | changed | Whether the interface is enabled or not Sample: True | |||
flow_control string | changed | Specifies how the system controls the sending of PAUSE frames for flow control. Sample: tx-rx | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/irul1 | |||
if_index integer | changed | The index assigned to this interface. Sample: 32 | |||
lldp_admin string | changed | Sets the sending or receiving of LLDP packets on that interface. Should be one of disable , txonly , rxonly or txrx .Sample: txonly | |||
mac_address string | changed | Displays the 6-byte ethernet address in non-case-sensitive hexadecimal colon notation. Sample: 00:0b:09:88:00:9a | |||
media_sfp string | changed | The settings for an SFP (pluggable) interface. Sample: auto | |||
mtu integer | changed | Displays the Maximum Transmission Unit (MTU) of the interface, which is the maximum number of bytes in a frame without IP fragmentation. Sample: 1500 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: irule1 | |||
prefer_port string | changed | Indicates which side of a combo port the interface uses, if both sides of the port have the potential for external links. Sample: sfp | |||
sflow_poll_interval integer | changed | Specifies the maximum interval in seconds between two pollings. | |||
sflow_poll_interval_global boolean | changed | Specifies whether the global interface poll-interval setting overrides the object-level poll-interval setting. Sample: True | |||
stp_auto_edge_port boolean | changed | STP edge port detection. Sample: True | |||
stp_enabled boolean | changed | Whether STP is enabled or not. | |||
stp_link_type string | changed | Specifies the STP link type for the interface. Sample: auto | |||
irules complex | When irules is specified in gather_subset . | iRule related facts. Sample: hash/dictionary of values | |||
checksum string | changed | Checksum of the iRule as calculated by BIG-IP. Sample: d41d8cd98f00b204e9800998ecf8427e | |||
definition string | changed | The actual definition of the iRule. Sample: when HTTP_REQUEST ... | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/irul1 | |||
ignore_verification boolean | changed | Whether the verification of the iRule should be ignored or not. | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: irule1 | |||
signature string | changed | The calculated signature of the iRule. Sample: WsYy2M6xMqvosIKIEH/FSsvhtWMe6xKOA6i7f... | |||
ltm_pools complex | When ltm-pools is specified in gather_subset . | List of LTM (Local Traffic Manager) pools. Sample: hash/dictionary of values | |||
active_member_count integer | changed | The number of active pool members in the pool. Sample: 3 | |||
all_avg_queue_entry_age integer | changed | Average queue entry age, for both the pool and its members. Sample: 5 | |||
all_max_queue_entry_age_ever integer | changed | Maximum queue entry age ever, for both the pool and its members. Sample: 2 | |||
all_max_queue_entry_age_recently integer | changed | Maximum queue entry age recently, for both the pool and its members. Sample: 5 | |||
all_num_connections_queued_now integer | changed | Number of connections queued now, for both the pool and its members. Sample: 20 | |||
all_num_connections_serviced integer | changed | Number of connections serviced, for both the pool and its members. Sample: 15 | |||
all_queue_head_entry_age integer | changed | Queue head entry age, for both the pool and its members. Sample: 4 | |||
allow_nat boolean | changed | Whether NATs are automatically enabled or disabled for any connections using this pool. Sample: True | |||
allow_snat boolean | changed | Whether SNATs are automatically enabled or disabled for any connections using this pool. Sample: True | |||
availability_status string | changed | The availability of the pool. Sample: offline | |||
available_member_count integer | changed | The number of available pool members in the pool. Sample: 4 | |||
client_ip_tos string | changed | Whether the system sets a Type of Service (ToS) level within a packet sent to the client, based on the targeted pool. Values can range from 0 to 255 , or be set to pass-through or mimic .Sample: pass-through | |||
client_link_qos string | changed | Whether the system sets a Quality of Service (QoS) level within a packet sent to the client, based on the targeted pool. Values can range from 0 to 7 , or be set to pass-through .Sample: pass-through | |||
current_sessions integer | changed | Current sessions. Sample: 2 | |||
description string | changed | Description of the pool. Sample: my pool | |||
enabled_status string | changed | The enabled-ness of the pool. Sample: enabled | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/pool1 | |||
ignore_persisted_weight boolean | changed | Do not count the weight of persisted connections on pool members when making load balancing decisions. | |||
lb_method string | changed | Load balancing method used by the pool. Sample: round-robin | |||
member_count integer | changed | Total number of members in the pool. Sample: 50 | |||
members complex | when members exist in the pool. | List of LTM (Local Traffic Manager) pools. | |||
address string | changed | IP address of the pool member. Sample: 1.1.1.1 | |||
connection_limit integer | changed | The maximum number of concurrent connections allowed for a pool member. | |||
description string | changed | The description of the pool member. Sample: pool member 1 | |||
dynamic_ratio integer | changed | A range of numbers that you want the system to use in conjunction with the ratio load balancing method. Sample: 1 | |||
encapsulation_profile string | changed | The encapsulation profile to use for the pool member. Sample: ip4ip4 | |||
ephemeral boolean | changed | Whether the node backing the pool member is ephemeral or not. Sample: True | |||
fqdn_autopopulate boolean | changed | Whether the node should scale to the IP address set returned by DNS. Sample: True | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Includes the port in the name Sample: /Common/member:80 | |||
inherit_profile boolean | changed | Whether the pool member inherits the encapsulation profile from the parent pool. | |||
logging boolean | changed | Whether the monitor applied should log its actions. | |||
monitors list | changed | Monitors active on the pool member. Monitor names are in their "full_path" form. Sample: ['/Common/http'] | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: member:80 | |||
partition string | changed | Partition that the member exists on. Sample: Common | |||
priority_group integer | changed | The priority group within the pool for this pool member. | |||
rate_limit boolean | changed | The maximum number of connections per second allowed for a pool member. | |||
ratio integer | changed | The weight of the pool for load balancing purposes. Sample: 1 | |||
session string | changed | Enables or disables the pool member for new sessions. Sample: monitor-enabled | |||
state string | changed | Controls the state of the pool member, overriding any monitors. Sample: down | |||
metadata complex | changed | Dictionary of arbitrary key/value pairs set on the pool. Sample: hash/dictionary of values | |||
minimum_active_members integer | changed | Whether the system load balances traffic according to the priority number assigned to the pool member. This parameter is identical to priority_group_activation and is just an alias for it.Sample: 2 | |||
minimum_up_members integer | changed | The minimum number of pool members that must be up. Sample: 1 | |||
minimum_up_members_action string | changed | The action to take if the minimum_up_members_checking is enabled and the number of active pool members falls below the number specified in minimum_up_members .Sample: failover | |||
minimum_up_members_checking boolean | changed | Enables or disables the minimum_up_members feature. | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: pool1 | |||
pool_avg_queue_entry_age integer | changed | Average queue entry age, for the pool only. Sample: 5 | |||
pool_max_queue_entry_age_ever integer | changed | Maximum queue entry age ever, for the pool only. Sample: 2 | |||
pool_max_queue_entry_age_recently integer | changed | Maximum queue entry age recently, for the pool only. Sample: 5 | |||
pool_num_connections_queued_now integer | changed | Number of connections queued now, for the pool only. Sample: 20 | |||
pool_num_connections_serviced integer | changed | Number of connections serviced, for the pool only. Sample: 15 | |||
pool_queue_head_entry_age integer | changed | Queue head entry age, for the pool only. Sample: 4 | |||
priority_group_activation integer | changed | Whether the system load balances traffic according to the priority number assigned to the pool member. This parameter is identical to minimum_active_members and is just an alias for it.Sample: 2 | |||
queue_depth_limit integer | changed | The maximum number of connections that may simultaneously be queued to go to any member of this pool. Sample: 3 | |||
queue_on_connection_limit boolean | changed | Enable or disable queuing connections when pool member or node connection limits are reached. Sample: True | |||
queue_time_limit integer | changed | Specifies the maximum time, in milliseconds, a connection will remain enqueued. | |||
real_session string | changed | The actual REST API value for the session attribute.This is different from the state return value, insofar as the return value can be considered a generalization of all available sessions, instead of the specific value of the session.Sample: monitor-enabled | |||
real_state string | changed | The actual REST API value for the state attribute.This is different from the state return value, insofar as the return value can be considered a generalization of all available states, instead of the specific value of the state.Sample: up | |||
reselect_tries integer | changed | The number of times the system tries to contact a pool member after a passive failure. | |||
server_ip_tos string | changed | The Type of Service (ToS) level to use when sending packets to a server. Sample: pass-through | |||
server_link_qos string | changed | The Quality of Service (QoS) level to use when sending packets to a server. Sample: pass-through | |||
server_side_bits_in integer | changed | Number of server-side ingress bits. Sample: 1000 | |||
server_side_bits_out integer | changed | Number of server-side egress bits. Sample: 200 | |||
server_side_current_connections integer | changed | Number of current connections server-side. Sample: 300 | |||
server_side_max_connections integer | changed | Maximum number of connections server-side. Sample: 40 | |||
server_side_pkts_in integer | changed | Number of server-side ingress packets. Sample: 1098384 | |||
server_side_pkts_out integer | changed | Number of server-side egress packets. Sample: 3484734 | |||
server_side_total_connections integer | changed | Total number of connections. Sample: 24 | |||
service_down_action string | changed | The action to take if the service specified in the pool is marked down. Sample: none | |||
slow_ramp_time integer | changed | The ramp time for the pool. This provides the ability to cause a pool member that has just been enabled, or marked up, to receive proportionally less traffic than other members in the pool. Sample: 10 | |||
status_reason string | changed | If there is a problem with the status of the pool, that problem is reported here. Sample: The children pool member(s) are down. | |||
total_requests integer | changed | Total requests. Sample: 8 | |||
nodes complex | When nodes is specified in gather_subset . | Node related facts. Sample: hash/dictionary of values | |||
address string | changed | IP address of the node. Sample: 2.3.4.5 | |||
availability_status string | changed | The availability of the node. Sample: offline | |||
connection_limit integer | changed | Maximum number of connections that node can handle. Sample: 100 | |||
description string | changed | Description of the node. Sample: My node | |||
dynamic_ratio integer | changed | Dynamic ratio number for the node used when doing Dynamic Ratio load balancing.Sample: 200 | |||
enabled_status string | changed | The enabled-ness of the node. Sample: enabled | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/5.6.7.8 | |||
monitor_rule string | changed | A string representation of the full monitor rule. Sample: /Common/https_443 and /Common/icmp | |||
monitor_status string | changed | Status of the node as reported by the monitor(s) associated with it. This value is also used in determining node state .Sample: down | |||
monitor_type string | changed | The monitor_type field related to the bigip_node module, for this nodes monitors.Sample: and_list | |||
monitors list | changed | A list of the monitors identified in the monitor_rule .Sample: ['/Common/https_443', '/Common/icmp'] | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: 5.6.7.8 | |||
rate_limit integer | changed | Maximum number of connections per second allowed for node. Sample: 1000 | |||
ratio integer | changed | Fixed size ratio used for node during Ratio load balancing.Sample: 10 | |||
session_status string | changed | This value is also used in determining node state .Sample: enabled | |||
status_reason string | changed | If there is a problem with the status of the node, that problem is reported here. Sample: /Common/https_443 No successful responses received... | |||
oneconnect_profiles complex | When oneconnect-profiles is specified in gather_subset . | OneConnect profile related facts. Sample: hash/dictionary of values | |||
description string | changed | Description of the resource. Sample: My profile | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/oneconnect | |||
idle_timeout_override integer | changed | Specifies the number of seconds that a connection is idle before the connection flow is eligible for deletion. Sample: 1000 | |||
limit_type string | changed | When none , simultaneous in-flight requests and responses over TCP connections to a pool member are counted toward the limit.When idle , idle connections will be dropped as the TCP connection limit is reached.When strict , the TCP connection limit is honored with no exceptions. This means that idle connections will prevent new TCP connections from being made until they expire, even if they could otherwise be reused.Sample: idle | |||
max_age integer | changed | Specifies the maximum age, in number of seconds, of a connection in the connection reuse pool. Sample: 100 | |||
max_reuse integer | changed | Specifies the maximum number of times that a server connection can be reused. Sample: 1000 | |||
max_size integer | changed | Specifies the maximum number of connections that the system holds in the connection reuse pool. If the pool is already full, then the server connection closes after the response is completed. Sample: 1000 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: oneconnect | |||
parent string | changed | Profile from which this profile inherits settings. Sample: oneconnect | |||
share_pools boolean | changed | Indicates that connections may be shared not only within a virtual server, but also among similar virtual servers. Sample: True | |||
source_mask string | changed | Specifies a source IP mask. If no mask is provided, the value any6 is used.Sample: 255.255.255.0 | |||
partitions complex | When partitions is specified in gather_subset . | Partition related information. Sample: hash/dictionary of values | |||
default_route_domain integer | changed | ID of the route domain that is associated with the IP addresses that reside in the partition. | |||
description string | changed | Description of the partition. Sample: Tenant 1 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: Common | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: Common | |||
provision_info complex | When provision-info is specified in gather_subset . | Module provisioning related information. Sample: hash/dictionary of values | |||
cpu_ratio integer | changed | Ratio of CPU allocated to this module. Only relevant if level was specified as custom . Otherwise, this value will be reported as 0 . | |||
disk_ratio integer | changed | Ratio of disk allocated to this module. Only relevant if level was specified as custom . Otherwise, this value will be reported as 0 . | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: asm | |||
level integer | changed | Provisioned level of the module on BIG-IP. Valid return values can include none , minimum , nominal , dedicated and custom . | |||
memory_ratio integer | changed | Ratio of memory allocated to this module. Only relevant if level was specified as custom . Otherwise, this value will be reported as 0 . | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: asm | |||
self_ips complex | When self-ips is specified in gather_subset . | Self-IP related facts. Sample: hash/dictionary of values | |||
allow_access_list list | changed | List of protocols and optionally their ports that are allowed to access the Self-IP. Also known as port-lockdown in the web interface. Items in the list are in the format of "protocol:port". Some items may not have a port associated with them and in those cases the port is 0 .Sample: ['tcp:80', 'egp:0'] | |||
description string | changed | Description of the Self-IP. Sample: My self-ip | |||
floating boolean | changed | Whether the Self-IP is a floating address or not. Sample: True | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/self1 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: self1 | |||
netmask string | changed | Netmask portion of the IP address. In dotted notation. Sample: 255.255.255.0 | |||
netmask_cidr integer | changed | Netmask portion of the IP address. In CIDR notation. Sample: 24 | |||
service_policy string | changed | Service policy assigned to the Self-IP. Sample: /Common/service1 | |||
traffic_group string | changed | Traffic group the Self-IP is associated with. Sample: /Common/traffic-group-local-only | |||
traffic_group_inherited boolean | changed | Whether or not the traffic group is inherited. | |||
vlan string | changed | VLAN associated with the Self-IP. Sample: /Common/vlan1 | |||
server_ssl_profiles complex | When server-ssl-profiles is specified in gather_subset . | Server SSL related facts. Sample: hash/dictionary of values | |||
alert_timeout string | changed | Maximum time period in seconds to keep the SSL session active after alert message is sent, or indefinite. Sample: 100 | |||
allow_expired_crl boolean | changed | Use the specified CRL file even if it has expired. Sample: True | |||
authenticate_depth integer | changed | The client certificate chain maximum traversal depth Sample: 9 | |||
authenticate_name string | changed | Common Name (CN) that is embedded in a server certificate. The system authenticates a server based on the specified CN. Sample: foo | |||
authentication_frequency string | changed | Specifies the frequency of authentication. Sample: once | |||
bypass_on_client_cert_fail boolean | Enables or disables SSL forward proxy bypass on failing to get client certificate that server asks for. Sample: True | ||||
bypass_on_handshake_alert boolean | Enables or disables SSL forward proxy bypass on receiving handshake_failure, protocol_version or unsupported_extension alert message during the serverside SSL handshake. | ||||
c3d_ca_cert string | Name of the certificate file that is used as the certification authority certificate when SSL client certificate constrained delegation is enabled. Sample: /Common/cacert.crt | ||||
c3d_ca_key string | Name of the key file that is used as the certification authority key when SSL client certificate constrained delegation is enabled. Sample: /Common/default.key | ||||
c3d_cert_extension_includes list | Extensions of the client certificates to be included in the generated certificates using SSL client certificate constrained delegation. Sample: ['basic-constraints', 'extended-key-usage', '...'] | ||||
c3d_cert_lifespan integer | Lifespan of the certificate generated using the SSL client certificate constrained delegation. Sample: 24 | ||||
ca_file string | Certificate authority file name. Sample: default.crt | ||||
cache_size integer | The SSL session cache size. Sample: 262144 | ||||
cache_timeout integer | The SSL session cache timeout value, which is the usable lifetime seconds of negotiated SSL session IDs. Sample: 86400 | ||||
cert string | The name of the certificate installed on the traffic management system for the purpose of terminating or initiating an SSL connection. Sample: /Common/default.crt | ||||
chain string | Specifies or builds a certificate chain file that a client can use to authenticate the profile. Sample: /Common/default.crt | ||||
cipher_group string | Specifies a cipher group. | ||||
ciphers string | Specifies a cipher name Sample: DEFAULT | ||||
crl_file string | Specifies the certificate revocation list file name. | ||||
description string | changed | Description of the resource. Sample: My profile | |||
expire_cert_response_control string | Specifies the BIGIP action when the server certificate has expired. Sample: drop | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: serverssl | |||
generic_alert boolean | Enables or disables generic-alert. Sample: True | ||||
handshake_timeout string | Specifies the handshake timeout in seconds. Sample: 10 | ||||
key string | Specifies the key file name. Specifies the name of the key installed on the traffic management system for the purpose of terminating or initiating an SSL connection. Sample: /Common/default.key | ||||
max_active_handshakes string | Specifies the maximum number allowed SSL active handshakes. Sample: 100 | ||||
mod_ssl_methods boolean | Enables or disables ModSSL methods. Sample: True | ||||
mode boolean | Enables or disables SSL processing. | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: serverssl | |||
ocsp string | Specifies the name of ocsp profile for purpose of validating status of server certificate. | ||||
options list | Enables options, including some industry-related workarounds. Sample: ['netscape-reuse-cipher-change-bug', 'dont-insert-empty-fragments'] | ||||
parent string | changed | Profile from which this profile inherits settings. Sample: serverssl | |||
peer_cert_mode string | Specifies the peer certificate mode. Sample: ignore | ||||
proxy_ssl boolean | Allows further modification of application traffic within an SSL tunnel while still allowing the server to perform necessary authorization, authentication, auditing steps. Sample: True | ||||
proxy_ssl_passthrough boolean | Allows Proxy SSL to passthrough the traffic when ciphersuite negotiated between the client and server is not supported. Sample: True | ||||
renegotiate_period string | Number of seconds from the initial connect time after which the system renegotiates an SSL session. Sample: indefinite | ||||
renegotiate_size string | Specifies a throughput size, in megabytes, of SSL renegotiation. Sample: indefinite | ||||
renegotiation boolean | Whether renegotiations are enabled. Sample: True | ||||
retain_certificate boolean | APM module requires storing certificate in SSL session. When no , certificate will not be stored in SSL session. | ||||
secure_renegotiation string | Specifies the secure renegotiation mode. Sample: require | ||||
server_name string | Server name to be included in SNI (server name indication) extension during SSL handshake in ClientHello. | ||||
session_mirroring boolean | Enables or disables the mirroring of sessions to high availability peer. Sample: True | ||||
session_ticket boolean | Enables or disables session-ticket. | ||||
sni_default boolean | When yes , this profile is the default SSL profile when the server name in a client connection does not match any configured server names, or a client connection does not specify any server name at all.Sample: True | ||||
sni_require boolean | When yes , connections to a server that does not support SNI extension will be rejected. | ||||
ssl_c3d boolean | Enables or disables SSL Client certificate constrained delegation. Sample: True | ||||
ssl_forward_proxy_bypass boolean | Enables or disables ssl-forward-proxy-bypass feature. Sample: True | ||||
ssl_forward_proxy_enabled boolean | Enables or disables ssl-forward-proxy feature. | ||||
ssl_sign_hash string | Specifies SSL sign hash algorithm which is used to sign and verify SSL Server Key Exchange and Certificate Verify messages for the specified SSL profiles. Sample: sha1 | ||||
strict_resume boolean | Enables or disables the resumption of SSL sessions after an unclean shutdown. | ||||
unclean_shutdown boolean | Specifies, when yes , that the SSL profile performs unclean shutdowns of all SSL connections, which means that underlying TCP connections are closed without exchanging the required SSL shutdown alerts.Sample: True | ||||
untrusted_cert_response_control string | Specifies the BIGIP action when the server certificate has untrusted CA. Sample: drop | ||||
software_hotfixes complex | When software-hotfixes is specified in gather_subset . | List of software hotfixes. Sample: hash/dictionary of values | |||
build string | changed | Build number of the image. This is usually a sub-string of the name .Sample: 3.0.1679 | |||
checksum string | changed | MD5 checksum of the image. Note that this is the checksum that is stored inside the ISO. It is not the actual checksum of the ISO. Sample: df1ec715d2089d0fa54c0c4284656a98 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: Hotfix-BIGIP-13.0.0.3.0.1679-HF3.iso | |||
id string | changed | ID component of the image. This is usually a sub-string of the name .Sample: HF3 | |||
name string | changed | Name of the image. Sample: Hotfix-BIGIP-13.0.0.3.0.1679-HF3.iso | |||
product string | changed | Product contained in the ISO. Sample: BIG-IP | |||
title string | changed | Human friendly name of the image. Sample: Hotfix Version 3.0.1679 | |||
verified boolean | changed | Whether or not the system has verified this image. Sample: True | |||
version string | changed | Version of software contained in the image. This is a sub-string of the name .Sample: 13.0.0 | |||
software_images complex | When software-images is specified in gather_subset . | List of software images. Sample: hash/dictionary of values | |||
build string | changed | Build number of the image. This is usually a sub-string of the name .Sample: 0.0.1 | |||
build_date string | changed | Date of the build. Sample: 2018-05-05T15:26:30 | |||
checksum string | changed | MD5 checksum of the image. Note that this is the checksum that is stored inside the ISO. It is not the actual checksum of the ISO. Sample: df1ec715d2089d0fa54c0c4284656a98 | |||
file_size integer | changed | Size, in megabytes, of the image. Sample: 1938 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: BIGIP-13.1.0.7-0.0.1.iso | |||
last_modified string | changed | Last modified date of the ISO. Sample: 2018-05-05T15:26:30 | |||
name string | changed | Name of the image. Sample: BIGIP-13.1.0.7-0.0.1.iso | |||
product string | changed | Product contained in the ISO. Sample: BIG-IP | |||
verified boolean | changed | Whether or not the system has verified this image. Sample: True | |||
version string | changed | Version of software contained in the image. This is a sub-string of the name .Sample: 13.1.0.7 | |||
software_volumes complex | When software-volumes is specified in gather_subset . | List of software volumes. Sample: hash/dictionary of values | |||
active boolean | changed | Whether the volume is currently active or not. An active volume contains the currently running version of software. Sample: True | |||
base_build string | changed | Base build version of the software installed in the volume. When a hotfix is installed, this refers to the base version of software that the hotfix requires. Sample: 0.0.6 | |||
build string | changed | Build version of the software installed in the volume. Sample: 0.0.6 | |||
default_boot_location boolean | changed | Whether this volume is the default boot location or not. Sample: True | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: HD1.1 | |||
name string | changed | Relative name of the resource in BIG-IP. This usually matches the full_name .Sample: HD1.1 | |||
product string | changed | The F5 product installed in this slot. This should always be BIG-IP. Sample: BIG-IP | |||
status string | changed | Status of the software installed, or being installed, in the volume. When complete , indicates that the software has completed installing.Sample: complete | |||
version string | changed | Version of software installed in the volume, excluding the build number.Sample: 13.1.0.4 | |||
ssl_certs complex | When ssl-certs is specified in gather_subset . | SSL certificate related facts. Sample: hash/dictionary of values | |||
create_time string | changed | Specifies the time at which the file-object was created. Sample: 2018-05-15T21:11:15Z | |||
expiration_date string | changed | Specifies a string representation of the expiration date of the certificate. Sample: Aug 13 21:21:29 2031 GMT | |||
expiration_timestamp integer | changed | Specifies the date at which this certificate expires. Stored as a POSIX time. Sample: 1944422489 | |||
fingerprint string | changed | Displays the SHA-256 fingerprint of the certificate. Sample: SHA256/88:A3:05:...:59:01:EA:5D:B0 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/cert1 | |||
is_bundle boolean | changed | Specifies whether the certificate file is a bundle (that is, whether it contains more than one certificate). | |||
issuer string | changed | Specifies X509 information of the certificate's issuer. Sample: [email protected],...CN=support.f5.com, | |||
key_size integer | changed | Specifies the size (in bytes) of the file associated with this file object. Sample: 2048 | |||
key_type string | changed | Specifies the type of cryptographic key associated with this certificate. Sample: rsa-private | |||
last_update_time string | changed | Specifies the last time at which the file-object was updated/modified. Sample: 2018-05-15T21:11:15Z | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: cert1 | |||
sha1_checksum string | changed | SHA1 checksum of the certificate. Sample: 1306e84e1e6a2da53816cefe1f684b80d6be1e3e | |||
subject string | changed | Specifies X509 information of the certificate's subject. Sample: [email protected],CN=... | |||
system_path string | changed | Path on the BIG-IP where the cert can be found. Sample: /config/ssl/ssl.crt/f5-irule.crt | |||
ssl_keys complex | When ssl-certs is specified in gather_subset . | SSL certificate related facts. Sample: hash/dictionary of values | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/key1 | |||
key_size integer | changed | Specifies the size of the cryptographic key associated with this file object, in bits. Sample: 2048 | |||
key_type string | changed | Specifies the cryptographic type of the key in question. That is, which algorithm this key is compatible with. Sample: rsa-private | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: key1 | |||
security_type string | changed | Specifies the type of security used to handle or store the key. Sample: normal | |||
sha1_checksum string | changed | The SHA1 checksum of the key. Sample: 1fcf7de3dd8e834d613099d8e10b2060cd9ecc9f | |||
system_path string | changed | The path on the filesystem where the key is stored. Sample: /config/ssl/ssl.key/default.key | |||
system_db complex | When system-db is specified in gather_subset . | System DB related facts. Sample: hash/dictionary of values | |||
default string | changed | Default value of the key. Sample: www.f5.com | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: vendor.wwwurl | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: vendor.wwwurl | |||
scf_config string | changed | Whether the database key would be found in an SCF config or not. | |||
value string | changed | The value of the key Sample: www.f5.com | |||
value_range string | changed | The accepted range of values for the key Sample: string | |||
system_info complex | When traffic-groups is specified in gather_subset . | Traffic group related facts. Sample: hash/dictionary of values | |||
base_mac_address string | changed | Media Access Control address (MAC address) of the device. Sample: fa:16:3e:c3:42:6f | |||
chassis_serial string | Serial of the chassis Sample: 11111111-2222-3333-444444444444 | ||||
hardware_information complex | changed | Information related to the hardware (drives and CPUs) of the system. | |||
model string | The model of the hardware. Sample: Virtual Disk | ||||
name string | The name of the hardware. Sample: HD1 | ||||
type string | The type of hardware. Sample: physical-disk | ||||
versions complex | Hardware specific properties | ||||
name string | Name of the property Sample: Size | ||||
version string | Value of the property Sample: 154.00G | ||||
host_board_part_revision string | Revision of the host board. | ||||
host_board_serial string | Serial of the host board. | ||||
marketing_name string | changed | Marketing name of the device platform. Sample: BIG-IP Virtual Edition | |||
package_edition string | changed | Displays the software edition. Sample: Point Release 7 | |||
package_version string | A string combining the product_build and product_build_date .Sample: Build 0.0.1 - Tue May 15 15:26:30 PDT 2018 | ||||
platform string | Platform identifier. Sample: Z100 | ||||
product_build string | Build version of the release version. Sample: 0.0.1 | ||||
product_build_date string | Human readable build date. Sample: Tue May 15 15:26:30 PDT 2018 | ||||
product_built integer | Unix timestamp of when the product was built. Sample: 180515152630 | ||||
product_changelist integer | Changelist that product branches from. Sample: 2557198 | ||||
product_code string | Code identifying the product. Sample: BIG-IP | ||||
product_jobid integer | ID of the job that built the product version. Sample: 1012030 | ||||
product_version string | Major product version of the running software. Sample: 13.1.0.7 | ||||
switch_board_part_revision string | Switch board revision. | ||||
switch_board_serial string | Serial of the switch board. | ||||
time complex | changed | Mapping of the current time information to specific time-named keys. | |||
day integer | changed | The current day of the month, in numeric form. Sample: 7 | |||
hour integer | changed | The current hour of the day in 24-hour form. Sample: 18 | |||
minute integer | changed | The current minute of the hour. Sample: 16 | |||
month integer | changed | The current month, in numeric form. Sample: 6 | |||
second integer | changed | The current second of the minute. Sample: 51 | |||
year integer | changed | The current year in 4-digit form. Sample: 2018 | |||
uptime integer | Time, in seconds, since the system booted. Sample: 603202 | ||||
tcp_half_open_monitors complex | When tcp-half-open-monitors is specified in gather_subset . | TCP Half-open monitor related facts. Sample: hash/dictionary of values | |||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/tcp | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: tcp | |||
parent string | changed | Profile from which this profile inherits settings. Sample: tcp | |||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
transparent boolean | Specifies whether the monitor operates in transparent mode. | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
tcp_monitors complex | When tcp-monitors is specified in gather_subset . | TCP monitor related facts. Sample: hash/dictionary of values | |||
adaptive boolean | Whether adaptive response time monitoring is enabled for this monitor. | ||||
adaptive_divergence_type string | Specifies whether the adaptive-divergence-value is relative or absolute .Sample: relative | ||||
adaptive_divergence_value integer | Specifies how far from mean latency each monitor probe is allowed to be. Sample: 25 | ||||
adaptive_limit integer | Specifies the hard limit, in milliseconds, which the probe is not allowed to exceed, regardless of the divergence value. Sample: 200 | ||||
adaptive_sampling_timespan integer | Specifies the size of the sliding window, in seconds, which records probe history. Sample: 300 | ||||
description string | changed | Description of the resource. Sample: My monitor | |||
destination string | Specifies the IP address and service port of the resource that is the destination of this monitor. Sample: *:* | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/tcp | |||
interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when either the resource is down or the status of the resource is unknown. Sample: 5 | ||||
ip_dscp integer | Specifies the differentiated services code point (DSCP). | ||||
manual_resume boolean | Specifies whether the system automatically changes the status of a resource to up at the next successful monitor check. Sample: True | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: tcp | |||
parent string | changed | Profile from which this profile inherits settings. Sample: tcp | |||
reverse boolean | Specifies whether the monitor operates in reverse mode. When the monitor is in reverse mode, a successful check marks the monitored object down instead of up. | ||||
time_until_up integer | Specifies the amount of time, in seconds, after the first successful response before a node is marked up. | ||||
timeout integer | Specifies the number of seconds the target has in which to respond to the monitor request. Sample: 16 | ||||
transparent boolean | Specifies whether the monitor operates in transparent mode. | ||||
up_interval integer | Specifies, in seconds, the frequency at which the system issues the monitor check when the resource is up. | ||||
tcp_profiles complex | When tcp-profiles is specified in gather_subset . | TCP profile related facts. Sample: hash/dictionary of values | |||
abc boolean | Appropriate Byte Counting (RFC 3465) When yes , increases the congestion window by basing the increase amount on the number of previously unacknowledged bytes that each ACK covers.Sample: True | ||||
ack_on_push boolean | Specifies, when yes , significantly improved performance to Microsoft Windows and MacOS peers who are writing out on a very small send buffer. | ||||
auto_proxy_buffer boolean | Specifies, yes , that the system uses the network measurements to set the optimal proxy buffer size.Sample: True | ||||
auto_receive_window boolean | Specifies, when yes , that the system uses the network measurements to set the optimal receive window size. | ||||
auto_send_buffer boolean | Specifies, when yes , that the system uses the network measurements to set the optimal send buffer size.Sample: True | ||||
close_wait string | Specifies the length of time that a TCP connection remains in the LAST-ACK state before quitting. In addition to a numeric value, the value of this fact may also be one of immediate or indefinite .When immediate , specifies that the TCP connection closes immediately after entering the LAST-ACK state.When indefinite , specifies that TCP connections in the LAST-ACK state do not close until they meet the maximum retransmissions timeout.Sample: indefinite | ||||
congestion_control string | Specifies the algorithm to use to share network resources among competing users to reduce congestion. Return values may include, high-speed , cdg , chd , none , cubic , illinois , new-reno , reno , scalable , vegas , westwood , and woodside .Sample: high-speed | ||||
congestion_metrics_cache boolean | Specifies, when yes , that the system uses a cache for storing congestion metrics.Subsequently, because these metrics are already known and cached, the initial slow-start ramp for previously-encountered peers improves. Sample: True | ||||
congestion_metrics_cache_timeout integer | Specifies the number of seconds for which entries in the congestion metrics cache are valid. | ||||
deferred_accept boolean | Specifies, when yes , that the system defers allocation of the connection chain context until the system has received the payload from the client.Enabling this setting is useful in dealing with 3-way handshake denial-of-service attacks. Sample: True | ||||
delay_window_control boolean | Specifies that the system uses an estimate of queuing delay as a measure of congestion to control, in addition to the normal loss-based control, the amount of data sent. Sample: True | ||||
delayed_acks boolean | Specifies, when checked (enabled), that the system can send fewer than one ACK (acknowledgment) segment per data segment received. Sample: True | ||||
description string | changed | Description of the resource. Sample: My profile | |||
dont_fragment_flag string | Specifies the Don't Fragment (DF) bit setting in the IP Header of the outgoing TCP packet. Sample: pmtu | ||||
dsack boolean | D-SACK (RFC 2883) Specifies, when yes , the use of the selective ACK (SACK) option to acknowledge duplicate segments.Sample: True | ||||
early_retransmit boolean | Specifies, when yes , that the system uses early retransmit (as specified in RFC 5827) to reduce the recovery time for connections that are receive- buffer or user-data limited.Sample: True | ||||
enhanced_loss_recovery boolean | Specifies whether the system uses enhanced loss recovery to recover from random packet losses more effectively. Sample: True | ||||
explicit_congestion_notification boolean | Specifies, when yes , that the system uses the TCP flags CWR (congestion window reduction) and ECE (ECN-Echo) to notify its peer of congestion and congestion counter-measures.Sample: True | ||||
fast_open boolean | Specifies, when yes , that the system supports TCP Fast Open, which reduces latency by allowing a client to include the first packet of data with the SYNSample: True | ||||
fast_open_cookie_expiration integer | Specifies the number of seconds that a Fast Open Cookie delivered to a client is valid for SYN packets from that client. Sample: 1000 | ||||
fin_wait_1 string | Specifies the length of time that a TCP connection is in the FIN-WAIT-1 or CLOSING state before quitting. Sample: indefinite | ||||
fin_wait_2 string | Specifies the length of time that a TCP connection is in the FIN-WAIT-2 state before quitting. Sample: 100 | ||||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: tcp | |||
idle_timeout string | Specifies the length of time that a connection is idle (has no traffic) before the connection is eligible for deletion. Sample: 300 | ||||
initial_congestion_window_size integer | Specifies the initial congestion window size for connections to this destination. Sample: 3 | ||||
initial_receive_window_size integer | Specifies the initial receive window size for connections to this destination. Sample: 5 | ||||
ip_tos string | Specifies the L3 Type of Service (ToS) level that the system inserts in TCP packets destined for clients. Sample: mimic | ||||
keep_alive_interval string | Specifies how frequently the system sends data over an idle TCP connection, to determine whether the connection is still valid. Sample: 50 | ||||
limited_transmit_recovery boolean | Specifies, when yes , that the system uses limited transmit recovery revisions for fast retransmits (as specified in RFC 3042) to reduce the recovery time for connections on a lossy network.Sample: True | ||||
link_qos string | Specifies the L2 Quality of Service (QoS) level that the system inserts in TCP packets destined for clients. Sample: 200 | ||||
max_segment_retrans integer | Specifies the maximum number of times that the system resends data segments. Sample: 8 | ||||
max_segment_size integer | Specifies the largest amount of data that the system can receive in a single TCP segment, not including the TCP and IP headers. Sample: 1460 | ||||
max_syn_retrans integer | Specifies the maximum number of times that the system resends a SYN packet when it does not receive a corresponding SYN-ACK. Sample: 3 | ||||
md5_signature boolean | Specifies, when yes , to use RFC2385 TCP-MD5 signatures to protect TCP traffic against intermediate tampering.Sample: True | ||||
minimum_rto integer | Specifies the minimum length of time the system waits for acknowledgements of data sent before resending the data. Sample: 1000 | ||||
mptcp_checksum boolean | Specifies, when yes , that the system calculates the checksum for MPTCP connections. | ||||
mptcp_checksum_verify boolean | Specifies, when yes , that the system verifies the checksum for MPTCP connections. | ||||
mptcp_fallback string | Specifies an action on fallback, that is, when MPTCP transitions to regular TCP, because something prevents MPTCP from working correctly. Sample: reset | ||||
mptcp_fast_join boolean | Specifies, when yes , a FAST join, allowing data to be sent on the MP_JOIN_SYN, which can allow a server response to occur in parallel with the JOIN. | ||||
mptcp_idle_timeout integer | Specifies the number of seconds that an MPTCP connection is idle before the connection is eligible for deletion. Sample: 300 | ||||
mptcp_join_max integer | Specifies the highest number of MPTCP connections that can join to a given connection. Sample: 5 | ||||
mptcp_make_after_break boolean | Specifies that make-after-break functionality is supported, allowing for long-lived MPTCP sessions. | ||||
mptcp_no_join_dss_ack boolean | Specifies, when checked (enabled), that no DSS option is sent on the JOIN ACK. | ||||
mptcp_retransmit_min integer | Specifies the minimum value (in msec) of the retransmission timer for these MPTCP flows. Sample: 1000 | ||||
mptcp_rto_max integer | Specifies the number of RTOs (retransmission timeouts) before declaring the subflow dead. Sample: 5 | ||||
mptcp_subflow_max integer | Specifies the maximum number of MPTCP subflows for a single flow. Sample: 6 | ||||
mptcp_timeout integer | Specifies, in seconds, the timeout value to discard long-lived sessions that do not have an active flow. Sample: 3600 | ||||
multipath_tcp boolean | Specifies, when yes , that the system accepts Multipath TCP (MPTCP) connections, which allow multiple client-side flows to connect to a single server-side flow.Sample: True | ||||
nagle_algorithm boolean | Specifies whether the system applies Nagle's algorithm to reduce the number of short segments on the network. | ||||
name string | changed | Relative name of the resource in BIG-IP. Sample: /Common/tcp | |||
parent string | changed | Profile from which this profile inherits settings. Sample: tcp | |||
pkt_loss_ignore_burst integer | Specifies the probability of performing congestion control when multiple packets are lost, even if the Packet Loss Ignore Rate was not exceeded. | ||||
pkt_loss_ignore_rate integer | Specifies the threshold of packets lost per million at which the system performs congestion control. | ||||
proxy_buffer_high integer | Specifies the proxy buffer level, in bytes, at which the receive window is closed. Sample: 49152 | ||||
proxy_buffer_low integer | Specifies the proxy buffer level, in bytes, at which the receive window is opened. Sample: 32768 | ||||
proxy_max_segment boolean | Specifies, when yes , that the system attempts to advertise the same maximum segment size (MSS) to the server-side connection as that of the client-side connection.Sample: True | ||||
proxy_options boolean | Specifies, when yes , that the system advertises an option (such as time stamps) to the server only when the option is negotiated with the client. | ||||
push_flag string | Specifies how the BIG-IP system receives ACKs. Sample: default | ||||
rate_pace boolean | Specifies, when yes , that the system paces the egress packets to avoid dropping packets, allowing for optimum goodput.Sample: True | ||||
rate_pace_max_rate integer | Specifies the maximum rate in bytes per second to which the system paces TCP data transmission. | ||||
receive_window integer | Specifies the maximum advertised RECEIVE window size. Sample: 65535 | ||||
reset_on_timeout boolean | Specifies, when yes , that the system sends a reset packet (RST) in addition to deleting the connection, when a connection exceeds the idle timeout value.Sample: True | ||||
retransmit_threshold integer | Specifies the number of duplicate ACKs (retransmit threshold) to start fast recovery. Sample: 3 | ||||
selective_acks boolean | Specifies, when yes , that the system processes data using selective ACKs (SACKs) whenever possible, to improve system performance.Sample: True | ||||
selective_nack boolean | Specifies, when yes , that the system processes data using a selective negative acknowledgment (SNACK) whenever possible, to improve system performance.Sample: True | ||||
send_buffer integer | Specifies the SEND window size. Sample: 65535 | ||||
slow_start boolean | Specifies, when yes , that the system uses Slow-Start Congestion Avoidance as described in RFC3390 in order to ramp up traffic without causing excessive congestion on the link.Sample: True | ||||
syn_cookie_enable boolean | Specifies the default (if no DoS profile is associated) number of embryonic connections that are allowed on any virtual server, before SYN Cookie challenges are enabled for that virtual server. Sample: True | ||||
syn_cookie_white_list boolean | Specifies whether or not to use a SYN Cookie WhiteList when doing software SYN Cookies. | ||||
syn_retrans_to_base integer | Specifies the initial RTO (Retransmission TimeOut) base multiplier for SYN retransmissions. Sample: 3000 | ||||
tail_loss_probe boolean | Specifies, when yes , that the system uses Tail Loss Probe to reduce the number of retransmission timeouts.Sample: True | ||||
time_to_live string | Specifies the outgoing TCP packet's IP Header TTL mode. Sample: proxy | ||||
time_to_live_v4 integer | Specifies the outgoing packet's IP Header TTL value for IPv4 traffic. Sample: 255 | ||||
time_to_live_v6 integer | Specifies the outgoing packet's IP Header TTL value for IPv6 traffic. Sample: 64 | ||||
time_wait string | Specifies the length of time that a TCP connection remains in the TIME-WAIT state before entering the CLOSED state. Sample: 2000 | ||||
time_wait_recycle boolean | Specifies, when yes , that connections in a TIME-WAIT state are reused when the system receives a SYN packet, indicating a request for a new connection.Sample: True | ||||
timestamps boolean | Specifies, when yes , that the system uses the timestamps extension for TCP (as specified in RFC 1323) to enhance high-speed network performance.Sample: True | ||||
verified_accept boolean | Specifies, when yes , that the system can actually communicate with the server before establishing a client connection.Sample: True | ||||
zero_window_timeout string | Specifies the timeout in milliseconds for terminating a connection with an effective zero length TCP transmit window. Sample: 2000 | ||||
traffic_groups complex | When traffic-groups is specified in gather_subset . | Traffic group related facts. Sample: hash/dictionary of values | |||
auto_failback_enabled boolean | changed | Specifies whether the traffic group fails back to the default device. Sample: True | |||
auto_failback_time integer | changed | Specifies the time required to fail back. Sample: 60 | |||
description string | changed | Description of the traffic group. Sample: My traffic group | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/tg1 | |||
ha_load_factor integer | changed | Specifies a number for this traffic group that represents the load this traffic group presents to the system relative to other traffic groups. Sample: 1 | |||
ha_order list | changed | This list of devices specifies the order in which the devices will become active for the traffic group when a failure occurs. Sample: ['/Common/device1', '/Common/device2'] | |||
is_floating boolean | changed | Indicates whether the traffic group can fail over to other devices in the device group. | |||
mac_masquerade_address string | changed | Specifies a MAC address for the traffic group. Sample: 00:98:76:54:32:10 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: tg1 | |||
trunks complex | When trunks is specified in gather_subset . | Trunk related facts. Sample: hash/dictionary of values | |||
configured_member_count integer | changed | The number of configured members that are associated with the trunk. Sample: 1 | |||
description string | changed | Description of the Trunk. Sample: My trunk | |||
distribution_hash string | changed | The basis for the has that the system uses as the frame distribution algorithm. The system uses this hash to determine which interface to use for forwarding traffic. Sample: src-dst-ipport | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/trunk1 | |||
interfaces list | changed | The list of interfaces that are part of the trunk. Sample: ['1.2', '1.3'] | |||
lacp_enabled boolean | changed | Whether LACP is enabled or not. Sample: True | |||
lacp_mode string | changed | The operation mode for LACP. Sample: passive | |||
lacp_timeout integer | changed | The rate at which the system sends the LACP control packets. Sample: 10 | |||
link_selection_policy string | changed | The LACP policy that the trunk uses to determine which member link can handle new traffic. Sample: maximum-bandwidth | |||
media_speed integer | changed | Speed of the media attached to the trunk. Sample: 10000 | |||
media_status boolean | changed | Whether the media that is part of the trunk is up or not. Sample: True | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: trunk1 | |||
operational_member_count integer | changed | Number of working members associated with the trunk. Sample: 1 | |||
stp_enabled boolean | changed | Whether Spanning Tree Protocol (STP) is enabled or not. Sample: True | |||
udp_profiles complex | When udp-profiles is specified in gather_subset . | UDP profile related facts. Sample: hash/dictionary of values | |||
allow_no_payload boolean | changed | Allow the passage of datagrams that contain header information, but no essential data. Sample: True | |||
buffer_max_bytes integer | changed | Ingress buffer byte limit. Maximum allowed value is 16777215. Sample: 655350 | |||
buffer_max_packets integer | changed | Ingress buffer packet limit. Maximum allowed value is 255. | |||
datagram_load_balancing boolean | changed | Load balance UDP datagram by datagram Sample: True | |||
description string | changed | Description of the resource. Sample: My profile | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: udp | |||
idle_timeout boolean | changed | Number of seconds that a connection is idle before the connection is eligible for deletion. In addition to a number, may be one of the values indefinite , or immediate .Sample: 200 | |||
ip_df_mode string | changed | Describes the Don't Fragment (DF) bit setting in the outgoing UDP packet. May be one of pmtu , preserve , set , or clear .When pmtu , sets the outgoing UDP packet DF big based on the ip pmtu setting.When preserve , preserves the incoming UDP packet Don't Fragment bit.When set , sets the outgoing UDP packet DF bit.When clear , clears the outgoing UDP packet DF bit.Sample: pmtu | |||
ip_tos_to_client string | changed | The Type of Service level that the traffic management system assigns to UDP packets when sending them to clients. May be numeric, or the values pass-through or mimic .Sample: mimic | |||
ip_ttl_mode string | changed | The outgoing UDP packet's TTL mode. Valid modes are proxy , preserve , decrement , and set .When proxy , set the IP TTL of ipv4 to the default value of 255 and ipv6 to the default value of 64.When preserve , set the IP TTL to the original packet TTL value.When decrement , set the IP TTL to the original packet TTL value minus 1.When set , set the IP TTL with the specified values in ip_ttl_v4 and ip_ttl_v6 values in the same profile.Sample: proxy | |||
ip_ttl_v4 integer | changed | IPv4 TTL. Sample: 10 | |||
ip_ttl_v6 integer | changed | IPv6 TTL. Sample: 100 | |||
link_qos_to_client string | changed | The Quality of Service level that the system assigns to UDP packets when sending them to clients. May be either numberic, or the value pass-through .Sample: pass-through | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: /Common/udp | |||
no_checksum boolean | changed | Whether the checksum processing is enabled or disabled. Note that if the datagram is IPv6, the system always performs checksum processing. Sample: True | |||
parent string | changed | Profile from which this profile inherits settings. Sample: udp | |||
proxy_mss boolean | changed | When yes , specifies that the system advertises the same mss to the server as was negotiated with the client.Sample: True | |||
vcmp_guests complex | When vcmp-guests is specified in gather_subset . | vCMP related facts. Sample: hash/dictionary of values | |||
allowed_slots list | changed | List of slots that the guest is allowed to be assigned to. Sample: [0, 1, 3] | |||
assigned_slots list | changed | Slots that the guest is assigned to. Sample: [0] | |||
boot_priority integer | changed | Specifies boot priority of the guest. Lower number means earlier to boot. Sample: 65535 | |||
cores_per_slot integer | changed | Number of cores that the system allocates to the guest. Sample: 2 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: guest1 | |||
hostname string | changed | FQDN assigned to the guest. Sample: guest1.localdomain | |||
hotfix_image string | changed | hotfix image to install onto any of this guest's newly created virtual disks. Sample: Hotfix-BIGIP-12.1.3.4-0.0.2-hf1.iso | |||
initial_image string | changed | Software image to install onto any of this guest's newly created virtual disks. Sample: BIGIP-12.1.3.4-0.0.2.iso | |||
mgmt_address string | changed | Management IP address configuration for the guest. Sample: 2.3.2.3 | |||
mgmt_network string | changed | Accessibility of this vCMP guest's management network. Sample: bridged | |||
mgmt_route string | changed | Management gateway IP address for the guest. Sample: 2.2.2.1 | |||
min_number_of_slots integer | changed | Specifies the minimum number of slots that the guest must be assigned to. Sample: 2 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: guest1 | |||
number_of_slots integer | changed | Specifies the number of slots the guest should be assigned to. This number is always greater than, or equal to, min_number_of_slots .Sample: 2 | |||
ssl_mode string | changed | The SSL hardware allocation mode for the guest. Sample: shared | |||
state string | changed | Specifies the state of the guest. May be one of configured , provisioned , or deployed .Each state implies the actions of all states before it. Sample: provisioned | |||
virtual_disk string | changed | The filename of the virtual disk to use for this guest. Sample: guest1.img | |||
virtual_addresses complex | When virtual-addresses is specified in gather_subset . | Virtual address related facts. Sample: hash/dictionary of values | |||
address string | changed | The virtual IP address. Sample: 2.3.4.5 | |||
arp_enabled boolean | changed | Whether or not ARP is enabled for the specified virtual address. Sample: True | |||
auto_delete_enabled boolean | changed | Indicates if the virtual address will be deleted automatically on deletion of the last associated virtual server or not. | |||
connection_limit integer | changed | Concurrent connection limit for one or more virtual servers. | |||
description string | changed | The description of the virtual address. Sample: My virtual address | |||
enabled boolean | changed | Whether the virtual address is enabled or not. Sample: True | |||
floating boolean | changed | Property derived from traffic-group. A floating virtual address is a virtual address for a VLAN that serves as a shared address by all devices of a BIG-IP traffic-group. Sample: True | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/2.3.4.5 | |||
icmp_echo boolean | changed | Whether the virtual address should reply to ICMP echo requests. Sample: True | |||
inherited_traffic_group boolean | changed | Indicates if the traffic-group is inherited from the parent folder. | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: 2.3.4.5 | |||
netmask string | changed | Netmask of the virtual address. Sample: 255.255.255.255 | |||
route_advertisement boolean | changed | Specifies the route advertisement setting for the virtual address. | |||
spanning boolean | changed | Whether or not spanning is enabled for the specified virtual address. | |||
traffic_group string | changed | Traffic group on which the virtual address is active. Sample: /Common/traffic-group-1 | |||
virtual_servers complex | When virtual-addresses is specified in gather_subset . | Virtual address related facts. Sample: hash/dictionary of values | |||
authentication_profile list | changed | Specifies a list of authentication profile names, separated by spaces, that the virtual server uses to manage authentication. Sample: ['/Common/ssl_drldp'] | |||
auto_lasthop string | changed | When enabled, allows the system to send return traffic to the MAC address that transmitted the request, even if the routing table points to a different network or interface. Sample: default | |||
availability_status string | changed | The availability of the virtual server. Sample: offline | |||
bw_controller_policy string | changed | The bandwidth controller for the system to use to enforce a throughput policy for incoming network traffic. Sample: /Common/bw1 | |||
client_side_bits_in integer | changed | Number of client-side ingress bits. Sample: 1000 | |||
client_side_bits_out integer | changed | Number of client-side egress bits. Sample: 200 | |||
client_side_current_connections integer | changed | Number of current connections client-side. Sample: 300 | |||
client_side_evicted_connections integer | changed | Number of evicted connections client-side. Sample: 100 | |||
client_side_max_connections integer | changed | Maximum number of connections client-side. Sample: 40 | |||
client_side_pkts_in integer | changed | Number of client-side ingress packets. Sample: 1098384 | |||
client_side_pkts_out integer | changed | Number of client-side egress packets. Sample: 3484734 | |||
client_side_slow_killed integer | changed | Number of slow connections killed, client-side. Sample: 234 | |||
client_side_total_connections integer | changed | Total number of connections. Sample: 24 | |||
cmp_enabled boolean | changed | Whether or not clustered multi-processor (CMP) acceleration is enabled. Sample: True | |||
cmp_mode string | changed | The clustered-multiprocessing mode. Sample: all-cpus | |||
connection_limit integer | changed | Maximum number of concurrent connections you want to allow for the virtual server. Sample: 100 | |||
connection_mirror_enabled boolean | changed | Whether or not connection mirroring is enabled. Sample: True | |||
cpu_usage_ratio_last_1_min integer | changed | CPU Usage Ratio (%) Last 1 Minute | |||
cpu_usage_ratio_last_5_min integer | changed | CPU Usage Ratio (%) Last 5 Minutes | |||
cpu_usage_ratio_last_5_sec integer | changed | CPU Usage Ratio (%) Last 5 Seconds | |||
current_syn_cache integer | changed | Current SYN Cache | |||
default_pool string | changed | Pool name that you want the virtual server to use as the default pool. Sample: /Common/pool1 | |||
description string | changed | The description of the virtual server. Sample: My virtual | |||
destination string | changed | Name of the virtual address and service on which the virtual server listens for connections. Sample: /Common/2.2.3.3%1:76 | |||
destination_address string | changed | Address portion of the destination .Sample: 2.3.3.2 | |||
destination_port integer | changed | Port potion of the destination .Sample: 80 | |||
enabled boolean | changed | Whether or not the virtual is enabled. Sample: True | |||
ephemeral_bits_in integer | changed | Number of ephemeral ingress bits. Sample: 1000 | |||
ephemeral_bits_out integer | changed | Number of ephemeral egress bits. Sample: 200 | |||
ephemeral_current_connections integer | changed | Number of ephemeral current connections. Sample: 300 | |||
ephemeral_evicted_connections integer | changed | Number of ephemeral evicted connections. Sample: 100 | |||
ephemeral_max_connections integer | changed | Maximum number of ephemeral connections. Sample: 40 | |||
ephemeral_pkts_in integer | changed | Number of ephemeral ingress packets. Sample: 1098384 | |||
ephemeral_pkts_out integer | changed | Number of ephemeral egress packets. Sample: 3484734 | |||
ephemeral_slow_killed integer | changed | Number of ephemeral slow connections killed. Sample: 234 | |||
ephemeral_total_connections integer | changed | Total number of ephemeral connections. Sample: 24 | |||
fallback_persistence_profile string | changed | Fallback persistence profile for the virtual server to use when the default persistence profile is not available. Sample: /Common/fallback1 | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/2.3.4.5 | |||
gtm_score integer | changed | Specifies a score that is associated with the virtual server. | |||
hardware_syn_cookie_instances integer | changed | Hardware SYN Cookie Instances | |||
ip_intelligence_policy string | changed | IP Intelligence policy assigned to the virtual Sample: /Common/ip1 | |||
irules list | changed | List of iRules that customize the virtual server to direct and manage traffic. Sample: ['/Common/rule1', "/Common/rule2'"] | |||
last_hop_pool string | changed | Name of the last hop pool that you want the virtual server to use to direct reply traffic to the last hop router. Sample: /Common/pool1 | |||
max_conn_duration integer | changed | Max Conn Duration/msec | |||
mean_conn_duration integer | changed | Mean Conn Duration/msec | |||
min_conn_duration integer | changed | Min Conn Duration/msec | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: 2.3.4.5 | |||
nat64_enabled boolean | changed | Whether or not NAT64 is enabled. Sample: True | |||
persistence_profile string | changed | The persistence profile you want the system to use as the default for this virtual server. Sample: /Common/persist1 | |||
profiles complex | List of the profiles attached to the virtual. | ||||
context string | changed | Which side of the connection the profile affects; either all , client-side or server-side .Sample: client-side | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: /Common/tcp | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: tcp | |||
protocol string | changed | IP protocol for which you want the virtual server to direct traffic. Sample: tcp | |||
rate_class string | changed | Name of an existing rate class that you want the virtual server to use to enforce a throughput policy for incoming network traffic. | |||
rate_limit integer | changed | Maximum number of connections per second allowed for a virtual server. Sample: 34 | |||
rate_limit_destination_mask integer | changed | Specifies a mask, in bits, to be applied to the destination address as part of the rate limiting. Sample: 32 | |||
rate_limit_mode string | changed | Indicates whether the rate limit is applied per virtual object, per source address, per destination address, or some combination thereof. Sample: object | |||
rate_limit_source_mask integer | changed | Specifies a mask, in bits, to be applied to the source address as part of the rate limiting. | |||
security_log_profiles list | changed | Specifies the log profile applied to the virtual server. Sample: ['/Common/global-network', '/Common/local-dos'] | |||
snat_pool string | changed | Specifies the name of a LSN or SNAT pool used by the specified virtual server. Sample: /Common/pool1 | |||
snat_type string | changed | Specifies the type of source address translation associated with the specified virtual server. Sample: none | |||
software_syn_cookie_instances integer | changed | Software SYN Cookie Instances | |||
source_address string | changed | Specifies an IP address or network from which the virtual server will accept traffic. Sample: 0.0.0./0 | |||
source_port_behavior string | changed | Specifies whether the system preserves the source port of the connection. Sample: preserve | |||
status_reason string | changed | If there is a problem with the status of the virtual, that problem is reported here. Sample: The children pool member(s) either don't have service checking... | |||
syn_cache_overflow integer | changed | SYN Cache Overflow | |||
syn_cookies_status string | changed | SYN Cookies Status Sample: not-activated | |||
total_hardware_accepted_syn_cookies integer | changed | SYN Cookies Total Hardware Accepted. | |||
total_hardware_syn_cookies integer | changed | SYN Cookies Total Hardware | |||
total_requests integer | changed | Total requests. Sample: 8 | |||
total_software_accepted_syn_cookies integer | changed | SYN Cookies Total Software Accepted. | |||
total_software_rejected_syn_cookies integer | changed | Total Software Rejected | |||
total_software_syn_cookies integer | changed | Total Software | |||
translate_address boolean | changed | Enables or disables address translation for the virtual server. Sample: True | |||
translate_port boolean | changed | Enables or disables port translation. Sample: True | |||
type string | changed | Virtual server type. Sample: standard | |||
vlans list | changed | List of VLANs on which the virtual server is either enabled or disabled. Sample: ['/Common/vlan1', '/Common/vlan2'] | |||
vlans complex | When vlans is specified in gather_subset . | List of VLAN facts. Sample: hash/dictionary of values | |||
auto_lasthop string | changed | Allows the system to send return traffic to the MAC address that transmitted the request, even if the routing table points to a different network or interface. Sample: enabled | |||
cmp_hash_algorithm string | changed | Specifies how the traffic on the VLAN will be disaggregated. Sample: default | |||
description string | changed | Description of the VLAN. Sample: My vlan | |||
failsafe_action string | changed | Action for the system to take when the fail-safe mechanism is triggered. Sample: reboot | |||
failsafe_enabled boolean | changed | Whether failsafe is enabled or not. Sample: True | |||
failsafe_timeout integer | changed | Number of seconds that an active unit can run without detecting network traffic on this VLAN before it starts a failover. Sample: 90 | |||
if_index integer | changed | Index assigned to this VLAN. It is a unique identifier assigned for all objects displayed in the SNMP IF-MIB. Sample: 176 | |||
interfaces complex | changed | List of tagged or untagged interfaces and trunks that you want to configure for the VLAN. | |||
full_path string | changed | Full name of the resource as known to BIG-IP. Sample: 1.3 | |||
name string | changed | Relative name of the resource in BIG-IP. Sample: 1.3 | |||
tagged boolean | changed | Whether the interface is tagged or not. | |||
learning_mode string | changed | Whether switch ports placed in the VLAN are configured for switch learning, forwarding only, or dropped. Sample: enable-forward | |||
mtu integer | changed | Specific maximum transition unit (MTU) for the VLAN. Sample: 1500 | |||
sflow_poll_interval integer | changed | Maximum interval in seconds between two pollings. | |||
sflow_poll_interval_global boolean | changed | Whether the global VLAN poll-interval setting, overrides the object-level poll-interval setting. | |||
sflow_sampling_rate integer | changed | Ratio of packets observed to the samples generated. | |||
sflow_sampling_rate_global boolean | changed | Whether the global VLAN sampling-rate setting, overrides the object-level sampling-rate setting. Sample: True | |||
source_check_enabled boolean | changed | Specifies that only connections that have a return route in the routing table are accepted. Sample: True | |||
tag integer | changed | Tag number for the VLAN. Sample: 30 | |||
true_mac_address string | changed | Media access control (MAC) address for the lowest-numbered interface assigned to this VLAN. Sample: fa:16:3e:10:da:ff |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by an Ansible Partner. [certified]
Authors
- Tim Rupp (@caphrim007)
- Wojciech Wypior (@wojtek0806)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/bigip_device_facts_module.html