-
11717171819232324252526272828292931313233333434353636394040424343444444444748505254575861636566697072757778818385878992939697
100
Table of Contents
Table of ContentsF5 TMSH Reference - 16.xGeneral
greptimetmsh
Commandscdcpcreatedeleteeditexitgeneratehelpinstalllistloadmodifymvpublishpwdquitrebootreset-statsrestartrunsavesend-mailshowshutdownstartstopsubmit
Modulesanalytics
analytics afm-sweeper reportanalytics afm-sweeper
scheduled-reportanalytics application-security-anomalies
reportanalytics application-security-anomalies
scheduled-reportanalytics application-security-incidents
reportanalytics application-security-network reportanalytics
application-security-network scheduled-reportanalytics
application-security reportanalytics application-security
scheduled-reportanalytics asm-bypass reportanalytics asm-bypass
scheduled-reportanalytics asm-cpu reportanalytics asm-cpu
scheduled-reportanalytics asm-enforced-entities reportanalytics
asm-learning-suggestions reportanalytics asm-memory reportanalytics
asm-memory scheduled-reportanalytics asm-policy-changes
reportanalytics asm-violation reportanalytics asm-violation
scheduled-reportanalytics bot-defense-event reportanalytics
cpu-per-vip reportanalytics cpu reportanalytics cpu
scheduled-reportanalytics device-traffic reportanalytics
device-traffic scheduled-reportanalytics disk-info reportanalytics
disk-info scheduled-report
-
101104107109111114115118120124127130133136138139141146148150152154156159160162165166170172173175177179181183185188190192194195200203205207209211213216217220221223225228231233235237240242244247248249253255258
259259262
analytics dns-cache-resolver reportanalytics dns-profile
reportanalytics dns-protocol scheduled-reportanalytics dns-rpz
reportanalytics dns reportanalytics dns scheduled-reportanalytics
dos-l3 reportanalytics dos-l3 scheduled-reportanalytics dos-l7
reportanalytics dos-vis-attacks reportanalytics dos-vis-common
reportanalytics dos-vis-vips reportanalytics fw-nat reportanalytics
fw-nat scheduled-reportanalytics global-settingsanalytics
gtm-wideip reportanalytics http reportanalytics http
scheduled-reportanalytics ip-intelligence reportanalytics
ip-intelligence scheduled-reportanalytics ip-layer reportanalytics
ip-layer scheduled-reportanalytics lsn-pool reportanalytics
lsn-pool scheduled-reportanalytics memory-per-process
reportanalytics memory reportanalytics memory
scheduled-reportanalytics network reportanalytics network
scheduled-reportanalytics network stale-rulesanalytics pem
reportanalytics pem scheduled-reportanalytics pool-traffic
reportanalytics pool-traffic scheduled-reportanalytics proc-cpu
reportanalytics proc-cpu scheduled-reportanalytics
protocol-inspection reportanalytics protocol-security-http
reportanalytics protocol-security-http scheduled-reportanalytics
protocol-security reportanalytics protocol-security
scheduled-reportanalytics reportanalytics sip-dos reportanalytics
sip-dos scheduled-reportanalytics sip reportanalytics sip
scheduled-reportanalytics ssl-orchestrator-service-virtual
reportanalytics ssl-orchestrator-service-virtual
scheduled-reportanalytics ssl-orchestrator reportanalytics
ssl-orchestrator scheduled-reportanalytics swg-blocked
reportanalytics swg-blocked scheduled-reportanalytics swg
reportanalytics swg scheduled-reportanalytics system-monitor
reportanalytics tcp-analytics reportanalytics tcp-analytics
scheduled-reportanalytics tcp reportanalytics tcp
scheduled-reportanalytics tmm-dns-zone reportanalytics
traffic-classification reportanalytics traffic-classification
scheduled-reportanalytics udp reportanalytics udp
scheduled-reportanalytics uri-typeanalytics vcmp reportanalytics
vcmp scheduled-reportanalytics virtual reportanalytics virtual
scheduled-report
api-protectionapi-protection profile apiprotectionapi-protection
response
-
264265265266268269271272273275276278279280282284286287289291292294295298301302303305307308309311312312313315316317318320322323324327329330331332333335336337338340341342343344346347348349350351352352353355356358360361
api-protection serverapm
apm aaa active-directory-trusted-domainsapm aaa
active-directoryapm aaa crldpapm aaa endpoint-management-systemapm
aaa f5-mfa-configurationapm aaa f5-service-connectorapm aaa
http-connector-requestapm aaa http-connector-transportapm aaa
httpapm aaa kerberos-keytab-fileapm aaa kerberosapm aaa ldapapm aaa
oamapm aaa oauth-providerapm aaa oauth-requestapm aaa
oauth-serverapm aaa ocspapm aaa okta-connectorapm aaa radiusapm aaa
saml-idp-automationapm aaa saml-idp-connectorapm aaa samlapm aaa
securidapm aaa tacacsplusapm access-infoapm aclapm
apm-avr-configapm client imageapm configuration captchaapm epsec
epsec-packageapm epsec software-statusapm licenseapm log-settingapm
ntlm machine-accountapm ntlm ntlm-authapm oauth db-instanceapm
oauth jwk-configapm oauth jwt-configapm oauth jwt-provider-listapm
oauth oauth-claimapm oauth oauth-client-appapm oauth
oauth-resource-serverapm oauth oauth-scopeapm oauth
purged-entriesapm oauth token-detailsapm policy access-policyapm
policy agent aaa-active-directoryapm policy agent
aaa-client-certapm policy agent aaa-crldpapm policy agent
aaa-httpapm policy agent aaa-ldapapm policy agent aaa-oauthapm
policy agent aaa-ocspapm policy agent aaa-radiusapm policy agent
aaa-samlapm policy agent aaa-securidapm policy agent acct-radiusapm
policy agent acct-tacacsplusapm policy agent api-authenticationapm
policy agent api-server-selectionapm policy agent decision-boxapm
policy agent dynamic-aclapm policy agent ending-allowapm policy
agent ending-denyapm policy agent ending-redirectapm policy agent
endpoint-check-machine-certapm policy agent
endpoint-check-softwareapm policy agent
endpoint-linux-check-fileapm policy agent
endpoint-linux-check-processapm policy agent
endpoint-mac-check-file
-
363364365366368369370372373374375377378379380381382383385386387391392393394395396397398399400401401402402402403408412414418419420421423424426427428433435436437439441442444445446448449451452452454456461463465466468469
apm policy agent endpoint-mac-check-processapm policy agent
endpoint-machine-infoapm policy agent
endpoint-windows-browser-cache-cleanerapm policy agent
endpoint-windows-check-fileapm policy agent
endpoint-windows-check-processapm policy agent
endpoint-windows-check-registryapm policy agent
endpoint-windows-group-policyapm policy agent
endpoint-windows-info-osapm policy agent
endpoint-windows-protected-workspaceapm policy agent
external-logon-pageapm policy agent http-header-modifyapm policy
agent ip-geolocation-lookupapm policy agent ip-reputation-lookupapm
policy agent irule-eventapm policy agent kerberosapm policy agent
l7-protocol-lookupapm policy agent loggingapm policy agent
logon-pageapm policy agent message-boxapm policy agent oamapm
policy agent oauth-authzapm policy agent request-classificationapm
policy agent resource-assignapm policy agent response-selectionapm
policy agent route-domain-selectionapm policy agent
server-cert-response-controlapm policy agent server-cert-statusapm
policy agent session-checkapm policy agent ssl-checkapm policy
agent tacacsplusapm policy agent variable-assignapm policy
customization-groupapm policy customization-languagesapm policy
image-fileapm policy policy-itemapm policy
windows-group-policy-fileapm profile accessapm profile
connectivityapm profile exchangeapm profile oauthapm profile
remote-desktopapm profile vdiapm report custom-report-fieldapm
resource app-tunnelapm resource client-rate-classapm resource
client-traffic-classifierapm resource ipv6-leasepoolapm resource
leasepoolapm resource network-accessapm resource portal-accessapm
resource remote-desktop citrix-client-bundleapm resource
remote-desktop citrix-client-package-fileapm resource
remote-desktop citrixapm resource remote-desktop questapm resource
remote-desktop rdpapm resource remote-desktop vmware-viewapm
resource sandboxapm resource webtop-linkapm resource webtopapm saml
artifact-resolution-serviceapm saml attribute-consuming-serviceapm
saml auth-context-class-listapm sessionapm sso basicapm sso
form-basedapm sso form-basedv2apm sso kerberosapm sso ntlmv1apm sso
ntlmv2apm sso oauth-bearerapm sso saml-resourceapm sso
saml-sp-automation
-
470472475476476
477478478479480482483484
484484485489491492493495495497498501502503504
506506507508510511512515526527
528528529531532534537538539540541541542544546548549
550550551553557558559561561562565568569571573575577
apm sso saml-sp-connectorapm sso samlapm swg-content-typeapm
swg-schemeapm url-filter
asmasm device-syncasm http-methodasm httpclass-asmasm policyasm
predefined-policyasm response-codeasm webapp-language
authauth apm-authauth cert-ldapauth ldapauth login-failuresauth
partitionauth password-policyauth passwordauth radius-serverauth
radiusauth remote-roleauth remote-userauth sourceauth tacacsauth
user
clicli admin-partitionscli alias privatecli alias sharedcli
global-settingscli historycli preferencecli scriptcli
transactioncli version
cmcm add-to-trustcm certcm config-synccm device-groupcm devicecm
failover-statuscm keycm remove-from-trustcm sha1-fingerprintcm
sniff-updatescm sync-statuscm traffic-groupcm trust-domaincm
watch-devicegroup-devicecm watch-sys-devicecm
watch-trafficgroup-device
gtmgtm datacentergtm distributed-appgtm global-settings
generalgtm global-settings load-balancinggtm global-settings
metrics-exclusionsgtm global-settings metricsgtm iquerygtm ldnsgtm
linkgtm listenergtm monitor bigip-linkgtm monitor bigipgtm monitor
externalgtm monitor firepassgtm monitor ftpgtm monitor
gateway-icmp
-
579581583585587589592594596597599601603605607609611613615617619621623625627629631632633639646652657663669671673674679681682685688690693696
699699700700709
714714716717719721724726727729731733734736737738739739740741742
gtm monitor gtpgtm monitor httpgtm monitor httpsgtm monitor
imapgtm monitor ldapgtm monitor mssqlgtm monitor mysqlgtm monitor
nntpgtm monitor nonegtm monitor oraclegtm monitor pop3gtm monitor
postgresqlgtm monitor radius-accountinggtm monitor radiusgtm
monitor real-servergtm monitor scriptedgtm monitor sipgtm monitor
smtpgtm monitor snmp-linkgtm monitor snmpgtm monitor soapgtm
monitor tcp-half-opengtm monitor tcpgtm monitor udpgtm monitor
wapgtm monitor wmigtm pathgtm persistgtm pool agtm pool aaaagtm
pool cnamegtm pool mxgtm pool naptrgtm pool srvgtm prober-poolgtm
regiongtm rulegtm servergtm topologygtm trafficgtm wideip agtm
wideip aaaagtm wideip cnamegtm wideip mxgtm wideip naptrgtm wideip
srv
ilxilx global-settingsilx node-versionilx pluginilx
workspace
ltmltm alg-log-profileltm auth crldp-serverltm auth
kerberos-delegationltm auth ldapltm auth ocsp-responderltm auth
profileltm auth radius-serverltm auth radiusltm auth ssl-cc-ldapltm
auth ssl-crldpltm auth ssl-ocspltm auth tacacsltm cipher groupltm
cipher ruleltm classification applicationltm classification
auto-update settingsltm classification auto-update statusltm
classification categoryltm classification celtm classification
signature-definition
-
743744745746747748749749750751752754755755756758759760761762762763764765766770772775776778780782783784788789790791793794795799801803808809810812814815817818819821822824825827830833834836838842844847849852855859862865
ltm classification signature-update-scheduleltm classification
signature-versionltm classification signaturesltm classification
stats applicationltm classification stats url-categoryltm
classification stats urlcat-cloudltm classification
update-signaturesltm classification updatesltm classification
url-cat-policyltm classification url-categoryltm classification
urldb-feed-listltm classification urldb-fileltm clientssl-proxy
cached-certsltm clientssl ocsp-stapling-responsesltm data-group
externalltm data-group internalltm default-node-monitorltm dns
analytics global-settingsltm dns cache global-settingsltm dns cache
records allltm dns cache records keyltm dns cache records msgltm
dns cache records nameserverltm dns cache records rrsetltm dns
cache resolverltm dns cache transparentltm dns cache
validating-resolverltm dns dns-express-dbltm dns dnssec keyltm dns
dnssec zoneltm dns nameserverltm dns tsig-keyltm dns zoneltm
eviction-policyltm global-settings connectionltm global-settings
generalltm global-settings ruleltm global-settings
traffic-controlltm ifileltm lsn-log-profileltm lsn-poolltm
message-routing diameter peerltm message-routing diameter profile
routerltm message-routing diameter profile sessionltm
message-routing diameter routeltm message-routing diameter
transport-configltm message-routing generic peerltm message-routing
generic protocolltm message-routing generic routeltm
message-routing generic routerltm message-routing generic
transport-configltm message-routing mqtt peerltm message-routing
mqtt profile routerltm message-routing mqtt profile sessionltm
message-routing mqtt routeltm message-routing mqtt
transport-configltm message-routing sip peerltm message-routing sip
profile routerltm message-routing sip profile sessionltm
message-routing sip routeltm message-routing sip
transport-configltm monitor diameterltm monitor dnsltm monitor
externalltm monitor firepassltm monitor ftpltm monitor
gateway-icmpltm monitor httpltm monitor http2ltm monitor httpsltm
monitor icmpltm monitor imap
-
868869872874876879882885886888891894896899900903904907910913915917919922925927930933935938940941943945948950951953955956958960962964965968988995
100110031004100510121016101910221024102610291034103610381039104110421045105110531054105510561058
ltm monitor inbandltm monitor ldapltm monitor module-scoreltm
monitor mqttltm monitor mssqlltm monitor mysqlltm monitor nntpltm
monitor noneltm monitor oracleltm monitor pop3ltm monitor
postgresqlltm monitor radius-accountingltm monitor radiusltm
monitor real-serverltm monitor rpcltm monitor saspltm monitor
scriptedltm monitor sipltm monitor smbltm monitor smtpltm monitor
snmp-dca-baseltm monitor snmp-dcaltm monitor soapltm monitor
tcp-echoltm monitor tcp-half-openltm monitor tcpltm monitor udpltm
monitor virtual-locationltm monitor wapltm monitor wmiltm
nat-statsltm natltm nodeltm persistence cookieltm persistence
dest-addrltm persistence global-settingsltm persistence hashltm
persistence hostltm persistence msrdpltm persistence
persist-recordsltm persistence sipltm persistence source-addrltm
persistence sslltm persistence universalltm policy-strategyltm
policyltm poolltm profile analyticsltm profile
certificate-authorityltm profile classificationltm profile
client-ldapltm profile client-sslltm profile dhcpv4ltm profile
dhcpv6ltm profile diameterltm profile dns-loggingltm profile dnsltm
profile fasthttpltm profile fastl4ltm profile fixltm profile ftpltm
profile georedundancyltm profile gtpltm profile htmlltm profile
http-compressionltm profile httpltm profile http2ltm profile
http3ltm profile httprouterltm profile icapltm profile iiopltm
profile ilx
-
105910611062106310651067106810691071107210731074107610781079108010811083108410851087108910911094109610991100110611091110111111121114111511171119112011271128113011321132113411351137113811401142114411461147114811491150115111521154115511551158
1164116511661167
11681168117011711177117811801180
ltm profile imapltm profile ipotherltm profile ipsecalgltm
profile maptltm profile mblbltm profile mqttltm profile mssqlltm
profile netflowltm profile ntlmltm profile ocsp-stapling-paramsltm
profile ocspltm profile one-connectltm profile pcpltm profile
pop3ltm profile pptpltm profile qoeltm profile quicltm profile
radiusltm profile ramcacheltm profile request-adaptltm profile
request-logltm profile response-adaptltm profile rewriteltm profile
rtspltm profile sctpltm profile server-ldapltm profile
server-sslltm profile sipltm profile smtpltm profile smtpsltm
profile socksltm profile splitsessionclientltm profile
splitsessionserverltm profile statisticsltm profile streamltm
profile tcp-analyticsltm profile tcpltm profile tftpltm profile
traffic-accelerationltm profile udpltm profile wa-cacheltm profile
web-accelerationltm profile web-securityltm profile websocketltm
profile xmlltm rule-profilerltm ruleltm snat-translationltm snatltm
snatpoolltm tacdb customdb-fileltm tacdb customdbltm tacdb
licenseddbltm tacdb queryltm traffic-classltm
traffic-matching-criterialtm urlcat-cloud-cacheltm urlcat-queryltm
virtual-addressltm virtual
mgmtmgmt shared settings api-status availabilitymgmt shared
settings api-status log resource-propertymgmt shared settings
api-status log resource
netnet address-listnet arpnet bwc policynet bwc
priority-groupnet bwc traffic-groupnet clone-statsnet cmetrics
-
118111821183118411851186118811891190119211921193119311941198119811991202120312051205120712081209120912101211121212131214121712191220122112231225122612281230123212341236123712381247124812481249124912511254125412551258125912601261126212631265126612691272127312741275127612781279128012811283
net cos global-settingsnet cos map-8021pnet cos map-dscpnet cos
traffic-prioritynet dag-globalsnet dns-resolvernet f5opticsnet fdb
tunnelnet fdb vlannet ike-evt-statnet ike-msg-statnet
interface-cosnet interface-ddmnet interfacenet ipsec-statnet ipsec
ike-daemonnet ipsec ike-peernet ipsec ike-sanet ipsec
ipsec-policynet ipsec ipsec-sanet ipsec
manual-security-associationnet ipsec traffic-selectornet
ipv6-subscriber-prefix-lengthnet lldp-globalsnet lldp-neighborsnet
mroutenet multicast-globalsnet ndpnet packet-filter-trustednet
packet-filternet packet-tester securitynet port-listnet
port-mirrornet rate-shaping classnet rate-shaping color-policernet
rate-shaping drop-policynet rate-shaping queuenet rate-shaping
shaping-policynet route-domainnet routenet router-advertisementnet
routing access-listnet routing bfdnet routing bgpnet routing
community-listnet routing debugnet routing extcommunity-listnet
routing prefix-listnet routing profile bgpnet routing route-mapnet
rst-causenet self-allownet selfnet service-policynet sfc-statsnet
sfc chainnet sfc hopnet sfc sfnet stp-globalsnet stpnet
timer-policynet trunknet tunnels endpointnet tunnels etheripnet
tunnels fec-statnet tunnels fecnet tunnels genevenet tunnels grenet
tunnels ipipnet tunnels ipsecnet tunnels lw4o6net tunnels map
-
1284128512861288129012911292129312951298
130013001303130413051305130613071308130913101312131313141316132713291330133213331335133813401342134413471349135313541355135713581359135913601361136213631366136713691370
13711371137313741399140114011402140314041405140614071407140814081417141814191420
net tunnels pppnet tunnels tcp-forwardnet tunnels tunnelnet
tunnels v6rdnet tunnels vxlannet tunnels wccpnet vlan-allowednet
vlan-groupnet vlannet wccp
pempem forwarding-endpointpem global-settings analyticspem
global-settings gxpem global-settings hsl-flowpem global-settings
hsl-reportpem global-settings insert-contentpem global-settings
policypem global-settings quota-mgmtpem global-settings
session-mgmt-attributespem global-settings
subscriber-activity-logpem interception-endpointpem irulepem
listenerpem policypem profile diameter-endpointpem profile
radius-aaapem profile spmpem profile subscriber-mgmtpem protocol
diameter-avppem protocol profile gxpem protocol profile radiuspem
protocol radius-avppem quota-mgmt rating-grouppem reporting
format-scriptpem service-chain-endpointpem sessiondbpem stats
actionpem stats dtospem stats gxpem stats gypem stats hslpem stats
hudnode-optpem stats multiple-ippem stats persistencepem stats
radiuspem stats sdpem stats subscriberpem stats tetheringpem
subscriber-attributepem subscriberpem subscribers
securitysecurity analytics settingssecurity anti-fraud
engine-updatesecurity anti-fraud profilesecurity anti-fraud
signatures-updatesecurity blacklist-publisher
all-blacklist-publishersecurity blacklist-publisher
blacklist-publisher-statssecurity blacklist-publisher
by-addrsecurity blacklist-publisher by-categorysecurity
blacklist-publisher categorysecurity blacklist-publisher
profilesecurity bot-defense anomaly-categorysecurity bot-defense
anomalysecurity bot-defense classsecurity bot-defense
micro-servicesecurity bot-defense profilesecurity bot-defense
signature-categorysecurity bot-defense signaturesecurity
bot-defense templatesecurity cloud-services cmd
-
142114221423142414251427142714281430143114311432143314331434143414351435143614371438143914481449145214531454145514591473147514761478147914811481148214821483148414841485148714871492149214931493149714991501150715081509151015111512151215161517151815221523152515261527152915301530154315431544
security cloud-services connectorsecurity datasync
background-taskssecurity datasync device-statssecurity datasync
global-profilesecurity datasync local-profilesecurity debug
drop-redirect-statssecurity debug matchersecurity debug
registersecurity device-id attributesecurity device
device-contextsecurity dos auto-thresholds heavy-urlssecurity dos
auto-thresholds stress-basedsecurity dos auto-thresholds
top-device-idssecurity dos auto-thresholds top-geolocationssecurity
dos auto-thresholds top-source-ipssecurity dos auto-thresholds
top-urlssecurity dos auto-thresholds tps-basedsecurity dos
autodos-file-objectsecurity dos behavioral-signaturesecurity dos
bot-signature-categorysecurity dos bot-signaturesecurity dos
device-configsecurity dos dns-nxdomain-statsecurity dos
dos-signaturesecurity dos dynamic-signaturessecurity dos
ip-uncommon-protolistsecurity dos l4bdos-file-objectsecurity dos
network-whitelistsecurity dos profilesecurity dos
spva-statssecurity dos stress-statssecurity dos
udp-portlistsecurity dos virtualsecurity firewall
address-listsecurity firewall config-change-logsecurity firewall
container-statsecurity firewall context-statsecurity firewall
current-statesecurity firewall fqdn-entitysecurity firewall
fqdn-infosecurity firewall global-fqdn-policysecurity firewall
global-rulessecurity firewall ipi-category-infosecurity firewall
management-ip-rulessecurity firewall matching-rulesecurity firewall
on-demand-compilationsecurity firewall
on-demand-rule-deploysecurity firewall policysecurity firewall
port-listsecurity firewall port-misuse-policysecurity firewall
rule-listsecurity firewall rule-statsecurity firewall
schedulesecurity firewall user-domainsecurity firewall
user-listsecurity firewall uuid-default-autogeneratesecurity
flowspec-route-injector flowspec-advertised-route-infosecurity
flowspec-route-injector profilesecurity http file-typesecurity http
mandatory-headersecurity http profilesecurity ip-intelligence
blacklist-categorysecurity ip-intelligence feed-listsecurity
ip-intelligence global-policysecurity ip-intelligence infosecurity
ip-intelligence policysecurity log antifraud-storage-fieldsecurity
log network-storage-fieldsecurity log profilesecurity log
protocol-dns-storage-fieldsecurity log
protocol-sip-storage-fieldsecurity log remote-format
-
15451546154615471548155115561556155815581559155915601560156115611562156315631565156515661566156815691570157115721572157315731574157815791582
1583158315841584158515861587158815901598159815991600160116021606160716081609161016101611161216141614161516171619162016211622162416241625162516261630
security log storage-fieldsecurity malicious-sources
device-idssecurity malicious-sources ip-addressessecurity nat
destination-translationsecurity nat policysecurity nat
source-translationsecurity packet-filter default-rulessecurity
packet-filter policysecurity packet-filter rule-statsecurity
presentation tmui netflow-detailssecurity presentation tmui
netflow-listsecurity presentation tmui signature-detailssecurity
presentation tmui signature-listsecurity protected-servers
netflow-tmc-statsecurity protocol-inspection auto-update
settingssecurity protocol-inspection auto-update statussecurity
protocol-inspection common-configsecurity protocol-inspection
compliance-enumssecurity protocol-inspection compliancesecurity
protocol-inspection learning-statssecurity protocol-inspection
learning-suggestionssecurity protocol-inspection
profile-statussecurity protocol-inspection profilesecurity
protocol-inspection servicesecurity protocol-inspection
signaturesecurity protocol-inspection stagingsecurity
protocol-inspection systemsecurity protocol-inspection
updatessecurity protocol-inspection virtual-serverssecurity
scrubber dwbl-scrubber-category-statssecurity scrubber
dwbl-scrubber-statsecurity scrubber profilesecurity scrubber
unredirectsecurity ssh profilesecurity zone
syssys air-filter-resetsys alert lcdsys aomsys appiq configsys
application apl-scriptsys application custom-statsys application
servicesys application templatesys autoscale-groupsys
availabilitysys clocksys clustersys config-diffsys configsys
connectionsys consolesys coresys cpusys crypto
acceleration-strategysys crypto allow-key-exportsys crypto
ca-bundle-managersys crypto cert-order-managersys crypto
cert-validation-response ocspsys crypto cert-validator crlsys
crypto cert-validator ocspsys crypto certsys crypto check-certsys
crypto clientsys crypto crlsys crypto csrsys crypto
encrypted-attributessys crypto fips by-handlesys crypto fips
external-hsmsys crypto fips keysys crypto keysys crypto
master-key
-
163016321633163416351635163616371638163816401641164216431644164516461646164716481649165016511652165316531654165416561657165816591661166216631664166516661668166916711671167216731674167516751676167916801681168216821685168616871688168916911692169216941695169616961697169816981699170017011702
sys crypto pkcs12sys crypto serversys daemon-hasys
daemon-log-settings clusterdsys daemon-log-settings csyncdsys
daemon-log-settings icr-eventdsys daemon-log-settings icrdsys
daemon-log-settings lindsys daemon-log-settings mcpdsys
daemon-log-settings tmmsys datastorsys dbsys default-configsys
diags ihealth-requestsys diags ihealth-resultsys diags ihealthsys
disk application-volumesys disk directorysys disk logical-disksys
dnssys dynad instrumentationsys dynad keysys dynad rpmsys dynad
settingssys dynad statussys ecm configsys ecm registersys
failoversys feature-modulesys file apache-ssl-certsys file
browser-capabilities-dbsys file data-groupsys file
device-capabilities-dbsys file external-monitorsys file ifilesys
file lwtunneltblsys file rewrite-rulesys file ssl-certsys file
ssl-crlsys file ssl-keysys fipsusersys fix-connectionsys foldersys
fpga firmware-configsys fpga infosys fpga turboflex-profilesys
geoipsys global-settingssys ha-groupsys ha-statussys hardwaresys
host-infosys httpdsys hypervisor-infosys icall eventsys icall
handler periodicsys icall handler perpetualsys icall handler
triggeredsys icall istats-triggersys icall publishersys icall
scriptsys icmp-statsys icontrol-soapsys integrity status-checksys
internal-proxysys ip-addresssys ip-statsys ipfix destinationsys
ipfix elementsys ipfix irulessys iprep-statussys license
-
170317041705170617071708170917111712171317151716171817191720172117221723172417261726172717281728172917311732173217331734173417351735173617371738173817391741174117421743174417441745174617471747174817481749175017511751175317541759176117621764176617671767176917701771177317741775177717781778
sys log-config destination alertdsys log-config destination
arcsightsys log-config destination ipfixsys log-config destination
local-databasesys log-config destination local-syslogsys log-config
destination management-portsys log-config destination
remote-high-speed-logsys log-config destination remote-syslogsys
log-config destination splunksys log-config filtersys log-config
publishersys log-rotatesys logsys mac-addresssys management-dhcpsys
management-ipsys management-ovsdbsys management-proxy-configsys
management-routesys mcp-statesys memorysys nethsm
async-queue-statsys nethsm pkcs11d-statsys nethsm
sync-queue-statsys ntpsys outbound-smtpsys performance all-statssys
performance connectionssys performance dnsexpresssys performance
dnssecsys performance gtmsys performance ramcachesys performance
systemsys performance throughputsys pfman consumersys pfman
devicesys proc-infosys provisionsys pva-trafficsys raid arraysys
raid baysys raid disksys readysys scriptdsys servicesys sflow
data-source httpsys sflow data-source interfacesys sflow
data-source systemsys sflow data-source vlansys sflow
global-settings httpsys sflow global-settings interfacesys sflow
global-settings systemsys sflow global-settings vlansys sflow
receiversys smtp-serversys snmpsys software block-device-hotfixsys
software block-device-imagesys software hotfixsys software imagesys
software signaturesys software statussys software update-statussys
software updatesys software volumesys sshdsys state-mirroringsys
sync-sys-filessys syslogsys tmm-infosys tmm-trafficsys traffic
-
1779178017801781178217821784178417851787
17871787178817891789179017911791179217921793179417961797179717981798179917991799
1800180018011804180418051806180618071808
1808180818091812181318151830183118321832
1833183318341835183618371839184118431844184618471849
sys turboflex featuressys turboflex profile-configsys turboflex
profile allsys turboflex profile featuresys turboflex warningsys
ucssys url-db download-resultsys url-db download-schedulesys url-db
url-categorysys version
utilutil ccmodeutil clientssl-ciphersutil diadbutil dnatutilutil
establish adfs trustutil finalize custom amiutil geodbutil
geoutilutil ihealthutil ipsecalgdbutil lsndbutil platform checkutil
platform diagutil qkcloudutil serverssl-ciphersutil sipdbutil ssh
keyswaputil test-monitorutil verify encryption
vcmpvcmp globalvcmp guestvcmp health ha-statusvcmp health
module-provisionvcmp health promptvcmp health softwarevcmp
traffic-profilevcmp virtual-disk-templatevcmp virtual-disk
wamwam ad-policywam applicationwam domain listwam object-typewam
policywam resource concat-setwam resource domain-listwam resource
urlwam roi-statistics
womwom advertised-routewom deduplicationwom diagnose-connwom
endpoint-discoverywom local-endpointwom profile cifswom profile
isessionwom profile mapiwom remote-endpointwom remote-routewom
server-discoverywom verify-config
-
F5 TMSH Reference - 16.xF5 TMSH references are collections of
the available BIG-IP TMSH man pages.
General
grepNAME grep - Display lines matching a pattern
SYNTAX list [component] "|" grep [ [option | pattern] ... ] show
[component] "|" grep [ [option | pattern] ... ] options: -A
[integer] -B [integer] -C [integer] -E -G -P -c -e [pattern] -i -m
[integer] -n -o -v -w -x Note: Each option must be followed by a
space.
Note: tmsh treats any argument that is not preceded by a
supported option, and does not begin with a hyphen, as a search
pattern preceded by -e.
DESCRIPTION You can use grep to filter the output generated by
the commands list (configuration settings) and show (statistics and
runtime status). You must type the character | before the grep
specification. You can use multiple filters chained together.
EXAMPLES The following examples show how to use the grep utility
in tmsh.
list ltm node | grep "^10\.2" list ltm virtual | grep -i seattle
list ltm virtual | grep -i abc | grep -i ab | grep -i a
OPTIONS -A Display the specified number of lines of context
after matching lines.
-B Display the specified number of lines of context before
matching lines.
-C Display the specified number of lines of context before and
after matching lines.
-E Interpret patterns as extended regular expressions.
-G Interpret patterns as basic regular expressions.
-P Interpret patterns as Perl regular expressions.
-c Display a count of the lines that match. If -v is specified
the number of non-matching lines is displayed.
-e Specify a pattern. This is useful to protect against patterns
beginning with a hyphen.
-i Case insensitive search.
-m Stop reading input after the specified number of matching
lines. If -c is specified the count will not exceed the value
specified for -m. If -v is specified grep will stop after finding
the specified number of non-matching lines.
-n Prefix each line of output with the line number relative to
the input.
-o Show only the part of a matching line that matches the
pattern.
R
-
-v Invert the sense of matching, to select non-matching
lines.
-w Select only those lines containing matches that form whole
words. The test is that the matching substring must either be at
the beginning of the line, or preceded by a non-word constituent
character. Similarly, it must be either at the end of the line or
followed by a non-word constituent character. Word-constituent
characters are letters, digits, and the underscore.
-x Select only those matches that exactly match the whole
line.
SEE ALSO list, show, tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009. All rights
reserved.
BIG-IP 2017-05-24 grep(1)
timeNAME Time - Date and Time formats.
MODULE All tmsh modules.
SYNTAX Date/Time Syntax now[ [ + | - ] [ d | h | w | m ] ]
yyyy-mm-dd[ : | T ]hh:mm[:ss] mm-dd[-yyyy][ : | T ]hh:mm[:ss]
mm/dd[/yyyy][ : | T ]hh:mm[:ss]
Date Range Syntax now[ [ + | - ] [ d | h | w | m ] ]--now[ [ + |
- ] [ d | h | w | m ] ] yyyy-mm-dd[ : | T ]hh:mm[:ss]--yyyy-mm-dd[
: | T ]hh:mm[:ss] mm-dd[-yyyy][ : | T ]hh:mm[:ss]--indefinite
epoch--mm/dd[/yyyy][ : | T ]hh:mm[:ss] now[ [ + | - ] [ d | h | w |
m ] ]
DESCRIPTION The date or time format is found in tmsh as an
attribute or parameter for many configuration items. Below are the
various formats supported for both Date/Time and Date Range. Please
see the examples for further assistance in using the required
formats.
DATE:TIME FORMATS nowX This date format starts with now (the
current time) and is optionally followed by + or - some time span.
The format will look like the following: now[ [ + | - ] integer [ d
| h | w | m ] ], where the user picks either before (-) or after
(+) the current time and then specifies integer number of
minutes(m), hours(h), days(d) or weeks(w). This format is
case-insensitive.
Examples: Input Date Description
now-3d 3 days ago. now+3h 3 hours from now. now-3m 3 minutes
ago. now+3w 3 weeks from now.
yyyy-mm-dd:hh:mm:ss This format requires a year, month, day
separated by - characters. A time is also required, which is
specified as hour:minute:second, where the seconds are optional.
The date and time must be separated by a : colon. Note: This is the
default time format for output from tmsh.
Examples: Input Date Description
2013-05-29:13:30 May 29th, 2013 at 1:30pm. 2000-01-04:12:22:30
January 4th, 2000 at 12:22pm and 30 seconds.
mm-dd-yyyy:hh:mm:ss This format requires at least a month(m) and
day(d) specified and optionally a year (y). If no year is
specified, tmsh will auto-fill the year with the current year. A
time is also required in the format of hour:minute:second, where
the seconds are optional.
Examples: Input Date Description
-
3-12-2015:12:01:00 March 12th, 2015 at 12:01 pm. 4-15:22:10:30
April 15th of this year at 10:10 pm and 30 seconds.
mm/dd/yyyy:hh:mm:ss This format requires at least a month(m) and
day(d) specified and optionally a year (y). If no year is
specified, tmsh will auto-fill the year with the current year. A
time is also required in the format of hour:minute:second, where
the seconds are optional.
Examples: Input Date Description
3/12/2015:12:01:00 March 12th, 2015 at 12:01 pm. 4/15:22:10:30
April 15th of this year at 10:10 pm and 30 seconds.
T Delimiter Any of the above time formats may optionally use a
capital letter T (as in the word Time) to separate the date from
the time, instead of using a colon (:).
Examples: Input Date Description
9/16/2005T12:01:01 September 16th, 2005 at 12:01pm and 1 second.
2011-11-12T00:03:30 November 12th, 2011 at 12:03am and 30
seconds.
Special Dates There are two special dates that may be used in
tmsh. They are indefinite and epoch. Below is an explanation of
those dates.
indefinite The date will be marked as being infinitely in the
future (end of time).
epoch The date will be marked as being infinitely in the past
(beginning of time).
DATE RANGES DateX--DateZ A Date Range is 2 dates in a valid Date
Format separated by a -- (double hyphen). The dates may be any of
the Date Formats specified above. See examples below on how to use
this notation.
Examples: Input Date Description
now-2d--now-4d 2 to 4 days ago. now--now-3m From 3 minutes ago
to now. epoch--3/12/2011:12:00:00 Everything older than March 12th,
2011 at noon. 2008-03-12--indefinite Everything after midnight on
March 12th, 2008.
DateX When specifying a date range, the second date may be left
out. This will cause the system to assume the second date in the
range to be now. Using this format for a date range may make it
confusing when using the NowX date format listed above. The
following examples will help clarify how to use this format with
any supported Date Format.
Examples: Input Date Description
now-3d From 3 days ago to now. now+3w From now to 3 weeks from
now. epoch Everything before the current date and time. indefinite
Everything after the current date and time.
SEE ALSO tmsh, create, modify
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2013, 2016. All rights
reserved.
BIG-IP 2016-03-14 time(1)
tmshNAME tmsh - Traffic Management Shell - A command line
interface for managing the BIG-IP(r) system.
DESCRIPTION
-
You can use tmsh to configure and manage the BIG-IP system in
conjunction with the Configuration utility, which is the
browser-based BIG-IP system and network management tool.
MODULES The structure of tmsh is hierarchical and modular. The
highest level is the root module, which contains subordinate
modules: auth, cli, gtm, ltm, net, sys and wom. Use the command
help with no arguments to display the module hierarchy relative to
the current module.
The gtm, ltm, net, sys, and wom modules also contain subordinate
modules. All modules and subordinate modules contain components. To
display the list of modules and components that are available in
the current module type Tab or ? at the tmsh prompt.
Commands operate on components. To display the list of available
commands type Tab or ? at the beginning of the command line. To
display a list of components on which a command can operate type
the command followed by a space followed by Tab or ?.
The following examples illustrate how to navigate the tmsh
hierarchy.
To enter a module, type the name of the module at the tmsh
prompt.
(tmos)# ltm
The prompt displays the current module location.
(tmos.ltm)#
You can display the components in a module using the commands
list (configuration) and show (statistics and runtime status). The
following command sequence displays the virtual server
configuration of the BIG-IP system.
(tmos.ltm)# list virtual
In the following examples, the commands list and show display
information about only ltm components.
(tmos.ltm)# list (tmos.ltm)# show
You can access any component in any module from any other module
by specifying a complete path to the component. For example, from
the ltm module, the following command displays all of the
properties of the VLANs on the system. The forward slash /
specifies that what follows is relative to the root module.
(tmos.ltm)# list /net vlan all-properties
The forward slash is optional if the root module is the current
module. For example, the following command sequences display
profiles.
(tmos)# list ltm profile (tmos)# list /ltm profile (tmos)# list
/ ltm profile
Most components also support component mode. You can navigate to
a single component and run commands to manage that component. For
example, from the ltm module, to navigate to the node component,
use the following command.
(tmos.ltm)# node
To display the properties of all nodes, use the following
command.
(tmos.ltm.node)# list
You can also navigate to a specific object (object mode). For
example, from the node component, to enter object mode for a
specific node, enter the command modify followed by the IP address
of the node.
(tmos.ltm.node)# modify 10.1.1.10
In object mode, you can configure property settings directly.
For example, to set the connection limit for 10.1.1.10 to 10000,
use the following command.
(tmos.ltm.node.10.1.1.10)# connection-limit 10000
To exit a module enter the command exit at the tmsh prompt, as
shown below.
(tmos.ltm)# exit (tmos)#
PRODUCT PROVISIONING You must provision a BIG-IP system module
before you can use tmsh to configure that product, for example, the
Global Traffic Manager. The command sequence list sys provision
displays the BIG-IP system modules that can be provisioned. For
more information about provisioning, see the TMOS(r) Management
Guide for BIG-IP Systems and help sys provision.
LOADING/SAVING THE SYSTEM CONFIGURATION The system applies all
configuration changes that you make from within tmsh to the running
configuration of the system.
You can save a portion of the running configuration known as the
base configuration. You can also load the base configuration from
the stored configuration files.
-
To save the base configuration to the stored configuration
files, use the command sequence: save sys base- config. To replace
the running base configuration with the configuration in the stored
configuration files, use the command sequence: load /sys
base-config.
Additionally, you can save the entire running configuration or
load all of the stored configuration files.
To save the entire running configuration to the stored
configuration files, use the command sequence: save /sys config. To
replace the entire running configuration with the configuration in
the stored configuration files using the command sequence: load
/sys config.
HELP tmsh tmsh includes man pages for each of the commands and
components that are available within tmsh. You access the man pages
using the following command syntax: help [ [command] | [full path
to component] ].
For example, to access the man page for the vlan component from
the root module, use this command sequence: help / net vlan.
You can also search the man pages for information on a specific
topic. To do this you use the command syntax: help search [topic].
You can perform a help search from within any module in the tmsh
hierarchy. For example, to find the man pages that contain a
reference to VLANs, use this command sequence: help search vlan
To display a list of topics that are available in a module use
this command sequence: help [full path to module].
For example, to display the topics that are available in the
current module use this command: help. To display the topics that
are available in the net module use this command sequence: help /
net.
CONTEXT-SENSITIVE HELP tmsh includes a context-sensitive help
feature that provides help as you type commands. At any time, you
can type a question mark (?) on the command line, and tmsh returns
information to assist you in completing the command. Based on when
you type the question mark, you get the following results.
When you type a question mark immediately following any portion
of a command, tmsh returns possible completions for the command,
but does not complete the command as the command completion feature
does. When you type a space before the question mark, tmsh returns
descriptive text that explains the commands, components, or
properties that you can configure. When you type a question mark in
the middle of a command, tmsh returns help on the command to the
left of the cursor.
Note: To use a question mark in a Glob or regular expression,
you must escape the question mark using quotation marks,
apostrophes, or a backslash.
Additionally, you can request context-sensitive help for the
last command in a series of commands. For more information, see
ENTERING MULTIPLE COMMANDS, following.
COMMAND COMPLETION At any point while typing or editing a
command in tmsh, you can press the Tab key. tmsh either completes
the current or next word, or displays possible completions for the
current or next word. If tmsh displays nothing after you press the
Tab key, no options exist to complete the word. If you move the
cursor anywhere on the command line and press the Tab key, tmsh
completes what is to the left of the cursor.
Command completion also reduces the amount of typing that is
required to run commands. When you press the Tab key, the system
automatically completes the current command-line element to as many
unique characters as possible. If there is more than one possible
completion the list of possible completions displays. Command
completion also completes configuration object identifiers.
ENTERING MULTIPLE COMMANDS You can enter multiple commands on
the command line by separating the commands with semi-colons (;).
For example, to display the properties of the self IP addresses and
VLANs of the system, use this command sequence:
list / net self ; list / net vlan
When you enter multiple commands in this way, all of the
commands are added to the command history in a single line item,
regardless of whether any of the commands were successful. However,
if one of the commands that you enter fails to parse, tmsh does not
run the remaining commands you entered. tmsh audits commands as the
commands run; therefore, if a command fails to parse, tmsh does not
audit the remaining commands. For more information about the
command history, see COMMAND HISTORY, following.
You can also specify multiple commands in a command alias by
separating the commands with semi-colons. For example, to create an
alias that displays the properties of the VLANs and VLAN groups on
the system, use this command sequence:
create / cli alias vlans command "list / net vlan ; list / net
vlan-group"
You can request context-sensitive help and utilize the command
completion feature on the last command in a series of commands. For
example, the following command sequence displays help for the
vlan-group component.
list / net vlan ; list / net vlan-group ?
COMMAND HISTORY tmsh saves in the command history file each
command that you enter. The command history persists when you log
off of the system. The next time you log on to the system, you can
search for, display, and then edit, the tmsh commands that you
entered in previous sessions. The command history persists even
through a restart of
-
the BIG-IP system. For more information about the command
history feature, see help history.
The following examples show how to use the command history
feature.
To display the commands in the history list, enter either the
command sequence show history or an exclamation point (!). tmsh
displays a list of commands each preceded by a numeric ID.
To run a command from the history list, enter an exclamation
point followed by the numeric ID of the command.
To run the previous command, enter !!.
FILTERING OUTPUT You can filter the output generated by the
commands list (configuration settings) and show (statistics and
runtime status) using the UNIX grep utility. You must type the
character | before the grep specification. You can use multiple
filters chained together. For a list of supported grep options, see
the Traffic Management Shell (tmsh) Reference Guide.
The following examples show how to use the grep utility in
tmsh.
list ltm node | grep "^10\.2" list ltm virtual | grep -i seattle
list ltm virtual | grep -i abc | grep -i ab | grep -i a
KEYBOARD BINDINGS tmsh supports vi, emacs and default keyboard
bindings. You can set the binding using the keymap preference. For
more information, see help cli preference. For a detailed
description of the default mapping, see the Traffic Management
Shell (tmsh) Reference Guide.
Note that all mappings provide command-line editing and the
capability to search the command history.
WILDCARD OBJECT IDENTIFIERS You can specify configuration object
identifiers using glob and regular expression syntax.
For glob and regular expression syntax rules, see help glob and
help regex. Note that you can escape the glob and regular
expression special characters using a back slash.
The following examples show how to use glob and regular
expressions in tmsh.
Uses a glob expression to display the configuration of all nodes
that begin with 10.1..
list ltm node 10.1.*
Uses a regular expression to display the configuration of all
nodes that begin with 10. and contain .44.. Note that a regular
expression must begin with an @ symbol. This identifies to tmsh
that the identifier should be treated as a regular expression and
not a glob or standard object identifier. The leading @ is not part
of the regular expression.
list ltm node @^10\..*\.44\.
PREFERENCES You can customize the behavior of tmsh. For more
information, see help cli preference.
FILES tmsh manages several files in a user's home directory.
$HOME/.tmsh-history- contains command history.
STATISTICS You can use tmsh to display statistics, including
historical performance statistics. You can select the format in
which the statistics display, as well as reset the statistics for
some of the tmsh components. To determine if statistics are
available for a component, see the man page for the specific
component.
The following examples show how to display and reset statistics
for the net interface component from the root module.
show net interface reset-stats net interface
The following examples show how to display and reset statistics
for the net interface component from the net module.
show interface reset-stats interface
AUTOMATING TMSH You can use tmsh to build TCL scripts to
automate management of the BIG-IP. See the cli script help
page.
COMMAND LINE OPTIONS The following options can be specified when
tmsh is started from the system shell.
-a tmsh does not write commands to the command history file.
Note that if auditing is enabled, tmsh continues to write
commands to the audit log. This option is useful when writing
scripts from the system shell, because it stops the scripts from
filling up the command history file. This option applies to the
non-interactive mode only.
-c Run the specified command. A command that contains multiple
arguments must be in quotes. No other options
-
may be specified after -c
-d [ip address | host name] Connects to the specified blade in a
clustered system.
-e Disables video highlighting in tmsh.
-h Displays options you can use when accessing tmsh from the
system shell.
-m Generates a tmsh debug log named tmsh.out in the current
directory.
Note that when you run a tmsh script, the shell generates a
debug log file for the script named tmsh.out.[script name].
Using this option causes tmsh to run significantly slower.
-q Prevents tmsh from responding to user actions with questions.
This option is useful when writing non- interactive shell scripts
from the system shell.
-r This option allows the user to run TMSH the specified
version. This is used to provide backwards compatibility for older
TMSH syntax only. The version must be specified in the format
maj.min.pt, for example 11.5.0
SEE ALSO Detailed information on the following topics is
available through the help command: cli preference, cli script,
glob, help, regex, and sys provision.
For complete information about tmsh, see the Traffic Management
Shell (tmsh) Reference Guide. This guide is available on the
AskF5(sm) Knowledge Base ().
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012. All rights
reserved.
BIG-IP 2014-02-18 tmsh(1)
Commands
cdNAME cd command - Change the current working folder.
MODULE All tmsh modules.
SYNTAX Use the command cd to change the current working
folder.
cd [folder name] cd /[folder name]
DESCRIPTION The command cd [folder name] changes the current
working folder to allow the user navigation around the folder
system (see sys folder). The command pwd displays the current
working directory.
The current working folder may be listed in the tmos command
prompt while in tmsh interactive mode (see cli preference).
Folder names are separated by a forward slash /.
There are two built-in folders:
/ is the root folder
/Common is the default folder for creating new configurations
objects.
Additionally, the following directory entries:
. is the current folder
.. is the parent folder
-
EXAMPLES cd /Common
Change the current working folder to /Common.
cd resources
Change the current working folder to resources. In this example
the resources folder is relative to the current working folder. As
an example, if the current working folder was /Common, the new
working folder will be /Common/resources.
cd resources/profiles/udp
Multiple folders may be specified. Tab complete assists filling
the command line with folder names.
cd /
Make the current working folder the root folder.
cd ../Alpha
Change the working directory by first going to the parent, and
then switch to the sub-folder Alpha.
SEE ALSO help, pwd, sys folder, tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010. All rights
reserved.
BIG-IP 2011-08-31 cd(1)
cpNAME cp command - Creates a copy of a TMOS(tm) configuration
object.
MODULE All tmsh modules.
SYNTAX Use the command cp within a tmsh module to create a copy
of the component that resides in that module. To create a copy
component that resides in another module, use the full path to the
component.
cp [component] [source] [destination] cp / [module...module]
[component] [source] [destination]
DESCRIPTION You must provide a unique name for each component
destination of the copy operation.
EXAMPLES cp template mytemplate newtemplate
From within the sys application module, creates a new
Application Template named newtemplate with the same properties as
mytemplate .
cp / cli script my_script1 my_script2
From within the sys application module, copies the my_script1
script to my_script2 within the cli module.
OPTIONS component Specifies the type of the component that you
want to copy.
module Specifies the module within which the component that you
want to copy resides.
source Specifies the component to be copied.
destination Specifies a unique name for the component that will
be created as part of the copy.
SEE ALSO tmsh
COPYRIGHT
-
No part of this program may be reproduced or transmitted in any
form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval
systems, for any purpose other than the purchaser's personal use,
without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010. All rights
reserved.
BIG-IP 2010-12-06 cp(1)
createNAME create command - Creates a TMOS(tm) configuration
component.
MODULE All tmsh modules.
SYNTAX Use the command create within a tmsh module to create a
component that resides in that module. To create a component that
resides in another module, use the full path to the component.
create [component] [name] [property [value]...] create /
[module...module] [component] [name] [property [value]...]
DESCRIPTION You must provide a unique name for each component
that you create.
EXAMPLES create pool pool1
From within the gtm module, creates a Global Traffic Manager
pool named pool1.
create / ltm pool my_pool
From within the gtm module, creates a Local Traffic Manager pool
named my_pool.
OPTIONS component Specifies the type of the component that you
want to create.
module Specifies the module within which the component that you
want to create resides.
name Specifies a unique name for the component.
property [value]... Specifies properties for the component and
their values.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013, 2016. All
rights reserved.
BIG-IP 2016-03-14 create(1)
deleteNAME delete command - Deletes a tmsh component.
MODULE All tmsh modules.
SYNTAX Use the command delete within a tmsh module to delete a
component that resides in that module. To delete a component that
resides in another module, use the full path to the component.
delete [component] [name]
-
delete / [module...module] [component] [name]
DESCRIPTION You must provide the name of the component that you
want to delete.
EXAMPLES delete pool pool1
From within the gtm module, deletes the Global Traffic Manager
pool named pool1.
delete / ltm pool my_pool
From within the gtm module, deletes the Local Traffic Manager
pool named my_pool.
OPTIONS component Specifies the type of the component that you
want to delete.
module Specifies the module within which the component that you
want to delete resides.
name Specifies the name of the component that you want to
delete. All may be used as an identifier for most component
types.
recursive Deletes all items in the current folder and all
sub-folders that match the module, component and the name
specified. all may be used as the name identifier with this
command.
Note: When using recursive and all together, you will be
prompted to verify this action. If you wish to disable this prompt,
you may run tmsh using the -q command-line option. This is very
useful when writing scripts that use this command.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013, 2016. All
rights reserved.
BIG-IP 2016-03-14 delete(1)
editNAME edit command - Opens the specified components in an
editor.
MODULES All tmsh modules.
SYNTAX Use the command edit to create components or modify the
configuration of components using a text editor. To edit a
component that resides in another module, use the full path to the
component.
edit [component] [name ... name | all] edit / [module...module]
[component] [name ... name | all]
DESCRIPTION You can use the command edit to create or modify
components in the auth, cli, gtm, ltm, net, sys and wom modules,
and iRules(r).
If you are assigned the role of Administrator, when you use the
command edit, the system starts the vi editor. If you are assigned
any other role, the system starts the pico/nano editor.
The system saves, in a temporary directory, the text file, named
data, that you are editing. When you save the file and close the
editor, the system checks for errors, and then prompts you with an
opportunity to continue editing and resolve any errors.
When you edit an existing component that can have associations,
such as a Global Traffic Manager wide IP that can have pool member
associations. but the component does not currently have
associations, to create the new associations, you must use the full
command syntax in the text file. For the full command syntax for
each component, see the associated man page.
When you edit a component that has associations with components
that are children of the component you are editing, the text file
contains a line for the configuration of the child components that
begins with the command modify, for example: pools modify {
[existing pool members configurations] }. In this case, if you want
to add or delete pool members, you must add additional lines to the
text file, for example: pools delete { [pool members to delete]
}.
-
If you want the text file that opens to contain all of the
editable properties of the component that you want to edit, you
must use the all-properties option at the end of the edit command
sequence; otherwise, only the non-default properties display in the
text file.
EXAMPLES edit / gtm pool a*
From the root module, opens a file in an editor in which you can
modify the configuration of all Global Traffic Manager pools with
names that start with the letter a using the template that displays
in the editor.
edit datacenter new_dc
From the gtm module, opens a file in an editor in which you can
create the Data Center named new_dc using the template that
displays in the editor.
edit datacenter a*
From the gtm module, opens a file in an editor in which you can
edit all existing datacenters with names that begin with the letter
a.
edit datacenter new_datacenter existing_datacenter
From the gtm module, opens a file in an editor in which you can
create a new datacenter and edit an existing datacenter. Note that
when the file opens, a template displays that you can use to create
a new datacenter followed by the configuration of the existing
datacenter.
edit rule rule_1
From the gtm module, opens a file in an editor in which you can
create an iRule named rule_1 using the template that displays in
the editor.
When the editor opens, and you are creating or editing an iRule,
you must enclose the iRule syntax in brackets, for example, [
...iRule... ]. Note that the template includes the brackets.
OPTIONS all Specifies that you want to modify all of the
existing components of the specified type.
component Specifies the type of component that you want to
create or modify.
module Specifies the module within which the component
resides.
name Specifies a unique name of each component that you want to
create or modify.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012-2013. All
rights reserved.
BIG-IP 2013-03-22 edit(1)
exitNAME exit command - Exits a tmsh module or component.
MODULE All tmsh modules.
SYNTAX Use the command exit within a tmsh module or component to
leave that module or component and return to the higher level of
the shell structure.
exit
Note that to exit tmsh and return to the BIG-IP(r) system
prompt, use the command quit.
DESCRIPTION For more information about the structure of tmsh,
see the Traffic Management Shell (tmsh) Reference Guide.
SEE ALSO tmsh
-
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2012. All rights
reserved.
BIG-IP 2012-04-05 exit(1)
generateNAME generate - Generate signed scripts using different
algorithms for components (for example, iRules).
MODULE All tmsh modules.
DESCRIPTION Use the generate command to generate signed scripts
for components. Currently two algorithms are supported: checksum
and signature.
generate checksum generate signature signing-key
SEE ALSO ltm rule, sys application template
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2012. All rights
reserved.
BIG-IP 2014-04-08 generate(1)
helpNAME help command - Displays context-sensitive help
text.
MODULE All tmsh modules.
SYNTAX Use the command help within a tmsh module to display
information about the components that reside within that module, or
at the component level to display help about the component. To
display help for a component that resides in one module from within
another module, use the full path to the component.
Type the question mark (?) character anywhere in tmsh to display
a list of modules, components, and commands that are available
within the module in which you are currently working.
? help help [module...module] help [component] help /
[module...module] [component] help search [text]
DESCRIPTION You can display tmsh man pages using the command
help.
EXAMPLES ?
From within the gtm module, displays a list of modules,
components, and commands that are available.
help pool
From within the gtm module, displays help about Global Traffic
Manager pools.
help / ltm pool
-
From within the gtm module, displays help about Local Traffic
Manager pools.
OPTIONS component Specifies the type of the component for which
you want to display help.
search Use the search option to find help topics that contain
the specified text. The search is case insensitive. Text that
contains a space or special tmsh characters must be quoted. Note
that the search will not always find text that spans multiple
lines.
module Specifies the module within which the component for which
you want to display help resides.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2012. All rights
reserved.
BIG-IP 2012-10-19 help(1)
installNAME install - Install and update components.
MODULE All tmsh modules.
DESCRIPTION Use the command install to install or update the
following components. For the description and syntax see the help
page for each component.
sys license sys software block-device-hotfix sys software
block-device-image sys software hotfix sys software image
SEE ALSO sys license, sys software block-device-hotfix, sys
software block-device-image, sys software hotfix, sys software
image, tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2012. All rights
reserved.
BIG-IP 2014-04-20 install(1)
listNAME list command - Displays components that you have
permission to view.
MODULE All tmsh modules.
SYNTAX Use the list command within a tmsh module to display the
properties of the components in that module. To display the
properties of the components in one module from within another
module, use the full path to the component.
list [component]
-
list [component] [name] list [component] [name] [property] list
/ [module...module] [component] [name] [property] options:
all-properties current-module non-default-properties one-line
partition recursive
DESCRIPTION When the default Read partition is All, use the list
command to display all of the components that you have permission
to view within a tmsh module. When you specify a Read partition,
the list command displays:
· Only the components that you have permission to view in the
current partition
· All of the components that are not in partitions
· All of the components in partition Common
EXAMPLES list / ltm
From within the gtm module, displays the properties of all of
the components in the ltm module, including the components in the
ltm monitor, ltm persistence, and ltm profile modules.
list / ltm current-module
From within the gtm module, displays the properties of all of
the components in the ltm module, not including the components in
the ltm monitor, ltm persistence, and ltm profile modules.
list pool
From within the gtm module, displays the properties of all of
the Global Traffic Manager pools.
list pool all-properties
From within the gtm module, displays all of the properties of
all of the Global Traffic Manager pools.
list pool monitor
From within the gtm module, displays the monitor associated with
each Global Traffic Manager pool.
list / ltm pool
From within the gtm module, displays the properties of all of
the Local Traffic Manager pools.
OPTIONS all-properties Displays the values of all of the
properties of the specified component.
component Specifies the component that you want to display.
current-module Specifies to display only the components that
reside in the specified module, not the components that reside in
the sub-modules of that module.
For example, from within the ltm module to display only the
components in the gtm module, and not the components in the gtm
monitor and gtm settings sub-modules, use the following command
sequence: list / gtm current-module.
module Specifies the module within which the component that you
want to display resides.
Note: When you use the command list at the module level, by
default, the system does not display all of the components that
reside in the specified module. To display the properties of some
components you must explicitly specify the component. For example,
from the ltm module, to display the virtual addresses for the Local
Traffic Manager, use this command sequence:
list virtual-address
For more information about displaying the properties of a
component, see the man page for the component.
name Specifies the unique name of the component.
non-default-properties Displays the values of all of the
properties for which a user changed the value from the default
value for the specified component.
one-line Displays the configuration for each object on one line.
Configuration that consists of scripts will not be formatted on to
a single line. This include ltm and gtm iRules and tmsh
scripts.
partition Displays the administrative partition within which the
specified component exists.
-
property Specifies the property of the component that you want
to display.
recursive Specifies to display the components not only from the
current folder but also from all sub-folders recursively.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013, 2016. All
rights reserved.
BIG-IP 2016-03-14 list(1)
loadNAME load command - Replaces the running configuration of
the BIG-IP(r) system with the configuration in the specified files.
You can also use this command to import an ASM policy from a file /
standard input, and to install the Anti-fraud engine / signatures
update.
MODULE All tmsh modules.
SEE ALSO save, tmsh, asm policy, ltm dns dns-express db, sys
config, sys geoip, sys ucs
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2012. All rights
reserved.
BIG-IP 2014-12-30 load(1)
modifyNAME modify command - Modifies a tmsh component.
MODULE All tmsh modules.
SYNTAX Use the command modify within a tmsh module to modify a
component that resides in that module. To modify a component in one
module from within another module, use the full path to the
component.
modify [component] [name] [property [value] ]... modify /
[module...module] [component] [name] [property [value] ]...
DESCRIPTION You must provide the name of the component that you
want to modify.
You can apply one or more property settings to multiple
components using a single command sequence. For example, to
associate the Local Traffic Manager pool named pool-1 with the
virtual servers named virtual-1 and virtual-2, use this command
sequence: modify ltm virtual virtual-1 virtual-2 pool pool-1
EXAMPLES modify pool pool1 disabled
From within the gtm module, disables the Global Traffic Manager
pool named pool1.
modify / ltm pool my_pool disabled
From within the gtm module, disables the Local Traffic Manager
pool named my_pool.
-
OPTIONS component Specifies the type of the component that you
want to modify.
module Specifies the module within which the component that you
want to modify resides.
name Specifies the unique name of the component that you want to
modify.
property [value]... Specifies the properties of the component
that you want to modify and their new values.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010, 2013, 2016. All
rights reserved.
BIG-IP 2016-03-14 modify(1)
mvNAME mv command - Renames or moves a TMOS(tm) configuration
object.
MODULE All tmsh modules.
SYNTAX Use the mv command within a tmsh module to move or rename
the component that resides in that module. To move a component that
resides in another module, use the full path to the component.
mv [component] [source] [destination] mv / [module...module]
[component] [source] [destination]
DESCRIPTION You must provide a unique name for the source and
destination of the move operation.
WARNING Currently MV is an experimental feature. By using this
feature, you may be subject to loss of statistics and disruption in
GTM service. If you plan to move or rename a Virtual Server, please
contact your GTM administrator before doing so. You may enable this
feature by setting the appropriate db variable. This can be done by
issuing the command:
modify /sys db mcpd.mvenabled value true
This will turn on the feature and allow moving and rename of
select objects through TMSH only. Once you have finished using the
feature, we recommend disabling it once again. You may do this by
issuing the following command:
modify /sys db mcpd.mvenabled value false
Please use responsibly.
EXAMPLES mv cm device bigip seattle32
Renames the device named bigip to seattle32.
mv ltm pool mypool myotherpool
Renames the LTM Pool named mypool to myotherpool.
mv ltm pool /Common/by/mypool /Common/myotherpool
/Common/sub/mythirdpool to-folder /Partition2/sub1
Moves the 3 pools in 3 different locations named mypool,
myotherpool and mythirdpool into a single folder in another
partition.
OPTIONS to-folder Specifies the folder to move the item or items
into.
component Specifies the type of the component that you want to
move.
destination
-
Specifies a unique name for the component.
module Specifies the module within which the component that you
want to move resides.
source Specifies the component to be moved.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2012. All rights
reserved.
BIG-IP 2014-03-25 mv(1)
publishNAME publish - Finalizes changes in the policy by
creating a read-only copy of it.
MODULE All tmsh modules.
DESCRIPTION Use the command publish to make wam policies
available for usage in wam applications. You can also use this
command to apply asm policies. For the description and syntax see
the help page for wam policy or asm policy.
SEE ALSO asm policy, wam policy, tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2012. All rights
reserved.
BIG-IP 2012-09-05 publish(1)
pwdNAME pwd command - Display the current working folder.
MODULE All tmsh modules.
SYNTAX Use the command pwd to display the current working
folder.
pwd
DESCRIPTION Display the current working folder
EXAMPLES pwd
SEE ALSO cd, help, sys folder, tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2012. All rights
reserved.
-
BIG-IP 2012-04-05 pwd(1)
quitNAME quit command - Exits tmsh.
MODULE All tmsh modules.
SYNTAX Use the following command at the tmsh prompt to close
tmsh and return to the BIG-IP(r) system prompt.
quit
Note that to exit a tmsh module or component, you use the
command exit.
SEE ALSO tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2010. All rights
reserved.
BIG-IP 2010-12-06 quit(1)
rebootNAME reboot command - Reboots the system or boots the
system into a different volume.
MODULE All tmsh modules.
SYNTAX reboot options: slot [ [slot number] | all ] volume
[name]
DESCRIPTION You can use the command reboot to reboot the system
or cluster. If you do not specify an option, the local system
reboots.
You can use the volume option to reboot a system into a specific
volume. For a cluster, you can use the volume option to reboot all
slots into the specified volume.
Additionally, for a cluster, you can use the slot option to
reboot either a specific slot or all slots. Note that the slot
option does not modify the active volume.
EXAMPLES reboot
Immediately reboots the running image.
reboot volume HD1.2
If the volume HD1.2 has a complete image on it, the system (or
cluster) reboots into that image immediately. However, if a
software installation is in progress on the volume the system
reboots as soon as the installation is complete.
If the volume contains software that is not a version permitted
by the license a warning will be displayed requiring the user to
input Y/N with the Y standing for 'Yes', proceed with the reboot,
or N for 'No', stop the reboot and return to the tmsh command
line.
OPTIONS slot [ [slot number] | all ] Reboots either a specific
slot or all slots in a cluster, without changing the active volume
of the
-
slot(s).
This option is only available in a clustered environment.
Note: The slot and volume options are mutually exclusive.
volume Specifies the volume that you want to boot. The volume
you specify becomes the default boot volume. You cannot specify the
active volume. In a clustered environment all slots reboot into the
same volume.
Note: The slot and volume options are mutually exclusive.
SEE ALSO install, sys software hotfix, sys software image, sys
software status, sys software volume, tmsh
COPYRIGHT No part of this program may be reproduced or
transmitted in any form or by any means, electronic or mechanical,
including photocopying, recording, or information storage and
retrieval systems, for any purpose other than the purchaser's
personal use, without the express written permission of F5
Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2009-2012. All rights
reserved.
BIG-IP 2019-05-02 reboot(1)
reset-statsNAME reset-stats - Resets statistics for the
specified components.
MODULE All tmsh modules.
SYNTAX Use the command reset-stats within a tmsh module to reset
the statistics for the specified component to zero. To reset the
statistics for the specified component in one module from within
another module, use the full path to the component.
reset-stats [component] reset-stats [component] [name]
reset-stats / [module...module] [component] reset-stats /
[module...module] [component] [name]
DESCRIPTION You can reset statistics for a group of components,
or you can reset statistics for a specific component.
After you reset statistics, when you run the command show, you
may see a value of nan. This stands for not a number, which
indicates that no data is currently available. Wait a few moments
and run the command show again, and in most cases the nan value
will be replaced by an integer value.
It is important to note the following when you reset
statistics:
· For a dat