F5 – TMSH CLI Commands

I was going to list my favorites, but there were too many. So I decided to list all the options so you can see them and choose the command you want to run.

#SHOW

Options:
  current-module  Do not recurse into sub-modes
  recursive       Include sub-folders recursively
  running-config  Display configuration settings
  |               Route command output to a filter
Modules:
  analytics       Analytics reports
  api-protection
  asm             Application Security Manager
  auth            User accounts and authentication
  cli             Local user settings and configuration transactions
  cm              Centralized management configuration
  gtm             Global Traffic Manager
  ltm             Local Traffic Manager
  net             Network configuration
  security        Global Security Policies
  sys             General system configuration
  wom             WAN Optimization

 

#SHOW CM

Options:
  current-module    Do not recurse into sub-modes
  recursive         Include sub-folders recursively
  |                 Route command output to a filter
Components:
  device            Device configuration
  device-group      Device-group configuration
  failover-status   Display failover status
  sha1-fingerprint  Display local device SHA1 fingerprint.
  sync-status       Display sync status
  traffic-group     Traffic-group configuration

#SHOW LTM

Options:
  current-module             Do not recurse into sub-modes
  recursive                  Include sub-folders recursively
  |                          Route command output to a filter
Modules:
  auth                       Virtual server authentication configuration
  cipher                     Cipher Rule and Group configuration
  clientssl-proxy            Manage SSL Forward Proxy cached certificates
  data-group                 Data group configuration
  dns                        DNS configuration
  message-routing            Message routing framework configuration
  monitor                    LTM monitor templates
  persistence                Virtual server persistence configuration
  profile                    Virtual server profile configuration
  tacdb                      TACDB configuration.
Components:
  eviction-policy            Defines an eviction policy, used to select which flows to evict when approaching limits.
  ifile                      iFile Configuration
  nat                        Network address translation configuration
  nat-stats                  Displays Network address translation roll up statistics.
  node                       Node specific pool member configuration
  policy                     Centralized Policy Matching configuration
  pool                       Load balancing pool configuration
  rule                       iRules configuration
  snat                       Secure network address translation (SNAT) configuration
  snat-translation           SNAT translation address configuration
  snatpool                   Collections of SNAT translation addresses
  traffic-matching-criteria  Virtual server matching configuration
  urlcat-query               Query url category
  virtual                    Virtual server configuration
  virtual-address            Virtual server IP address configuration

#SHOW GTM

Options:
  current-module   Do not recurse into sub-modes
  recursive        Include sub-folders recursively
  |                Route command output to a filter
Modules:
  pool             GTM Load Balancing Pools. Type 'help pool' to see valid pool query types, and 'help pool [query type]' for more information on a specific
                   type of pool.
  wideip           GTM Wide IPs. Type 'help wideip' to see valid Wide IP query types, and 'help wideip [query type]' for more information on a specific type
                   of Wide IP.
Components:
  datacenter       Data center configuration
  distributed-app  Distributed application configuration
  iquery           IQuery statistics
  ldns             LDNS statistics
  link             Link configuration
  listener         Listeners accept DNS queries sent to a particular address.
  path             Path statistics
  persist          Displays the total number of persistence objects on the system.
  prober-pool      Prober Pool configuration
  rule             GTM iRule configuration
  server           GTM server configuration
  traffic          Global GTM statistics

#SHOW SYS

Options:
  current-module   Do not recurse into sub-modes
  recursive        Include sub-folders recursively
  |                Route command output to a filter
Modules:
  alert            Manage alerts on a system.
  crypto           Manage cryptographic objects such as keys and certificates.
  diags            Diagnostics
  disk             Manage disk configuration and utilization
  dynad
  fpga             FPGA(Field-Programmable Gate Array) firmware configuration
  icall            Manage iCall configuration items
  ipfix            Manages the common ipfix interface
  nethsm           Manages the common nethsm interface
  performance      System performance statistics
  raid             Manage disk arrays
  sflow            sFlow configuration
  software         Software Installation and Volume Management
  turboflex        TurboFlex profile configuration and feature list display
Components:
  availability     System availability metrics
  clock            Display the current date and time
  cluster          Cluster configuration
  config-diff      View the difference between two SCF files, or a file to running configuration
  connection       Displays, deletes or modifies active connections on the BIG-IP system.
  console          Configure the serial console
  cpu              CPU statistics of system overall performance and on management hosts.
  failover         Redundant system failover state
  fix-connection   FIX connection level stats
  ha-group         Specifies the ha group used to calculate the failover score.
  ha-mirror        Statistics for connection mirroring.
  ha-status
  hardware         View hardware information
  host-info        Host statistics, including system memory, CPU, and processor
  hypervisor-info  Configuration settings proposed by the vCMP hypervisor. (vCMP guest only)
  icmp-stat        Standard ICMP statistics, including ICMPv4 packets and errors, and ICMPv6 packets and errors.
  ip-address       View configured IP addresses
  ip-stat          Standard IP statistics, including IPv4 and IPv6 packets, fragments, fragments reassembled, and errors.
  iprep-status     Display the IP reputation database update status
  license          Manage the system license
  log              View system log files
  mac-address      View MAC addresses attached to the system
  mcp-state        Displays Master Control Program (mcp) state.
  memory           Memory statistics of system overall performance, on management hosts and traffic management modules, and on individual subsystem
  pptp-call-info   Displays or deletes active pptp-calls on the BIG-IP system
  proc-info        Display process status
  provision        Module resource configuration
  pva-traffic      Packet Velocity Acceleration Engine's (PVA) traffic statistics.
  ready            Displays the ready status for processing config/license/provision commands.
  service          Controls the BIG-IP system services.
  sync-sys-files   Sync System Files
  tmm-info         Traffic management statistics, including process, memory, and CPU usage.
  tmm-traffic      Traffic management statistics, including traffic information, error, and connections redirected.
  traffic          Global traffic statistics
  ucs              Displays the meta data in the specified UCS file.
  version          View system version and hotfix information

#SHOW NET

Options:
  current-module  Do not recurse into sub-modes
  recursive       Include sub-folders recursively
  |               Route command output to a filter
Modules:
  bwc             Bandwidth related configuration
  cos             Class of Service related configuration
  fdb             VLAN/Tunnel forwarding database configuration and status
  ipsec           IPsec configuration
  packet-tester   Displays test packet result based on policies and rules
  rate-shaping    Rate shaping configuration
  routing
  sfc
  tunnels         Tunnel configuration
Components:
  arp             Manage the Address Resolution Protocol (ARP) table
  clone-stats     Clone statistics
  cmetrics        Route metrics table display
  dns-resolver    DNS Resolver object.
  f5optics        Extensible F5 Optics
  ike-evt-stat    IKE event statistics
  ike-msg-stat    IKE message statistics
  interface       Interface configuration and statistics
  interface-cos   Interface COS (Class of Service) related statistics
  interface-ddm   Interface DDM (Digital Diagnostic Monitoring) related statistics
  ipsec-stat      IPSec statistics
  lldp-neighbors  List neighbor information detected by LLDP
  mroute          Displays multicast routes
  ndp             Manage the IPv6 Neighbor Discovery Protocol (NDP) table.
  packet-filter   Packet filter configuration
  route           Routing tables and configuration
  route-domain    Route domain configuration
  rst-cause       TCP/IP Reset Cause statistics.
  self            Self-IP address configuration
  stp             STP configuration
  trunk           Trunk configuration and statistics
  vlan            VLAN configuration and statistics
  vlan-allowed    Available VLANs which can be used by the system
  vlan-group      VLAN group configuration

#SHOW SECURITY

Options:
  current-module     Do not recurse into sub-modes
  recursive          Include sub-folders recursively
  |                  Route command output to a filter
Modules:
  bot-defense
  cloud-services     Cloud Services
  datasync           Datasync Framework
  dos                DoS Protection
  firewall           Global Firewall Policies
  ip-intelligence    IP Intelligence
  malicious-sources  Malicious Sources
admin@(F5-bigip1)(cfg-sync In Sync)(Active)(/Common)(tmos)# show security ?
Options:
  current-module     Do not recurse into sub-modes
  recursive          Include sub-folders recursively
  |                  Route command output to a filter
Modules:
  bot-defense
  cloud-services     Cloud Services
  datasync           Datasync Framework
  dos                DoS Protection
  firewall           Global Firewall Policies
  ip-intelligence    IP Intelligence
  malicious-sources  Malicious Sources