Forum Discussion

anson's avatar
anson
Icon for Nimbostratus rankNimbostratus
Sep 17, 2019

script to find difference between scf file

Hi,

Is there a option in f5 to trigger an alert based on scf difference . We recently had an issue with our f5 and the suggestion was to post a query with devcentral to track difference in scf file .

Statement from the support team

"You should be able to generate an SCF with a known good configuration and compare it with one generated whenever changes are made. If you see that changes aren't being reflected in the new SCF, that would indicate that mcpd hasn't been updated with the new configuration. This would be a sign that you should contact support:"

 

Below is the pseudo code that f5 had suggested.

 

Setup:

  Generate starting SCF

  Create custom SNMP trap to alert on script alert log, possibly send an email or whatever alerting function you wish to use.

 

Script Functions:

  On Cron - Generate SCF

            Diff against starting SCF

            If Diff output is empty

                Delete the new SCF

            Else

                Use Logger to record alert log

                Handle the new file as desired

  • Hello Anson.

    Actually, I usually use something like this during upgrades.

    1. Capture SCF before upgrade (initial)
    2. Capture SCF after upgrade (final)
    3. Compare them to check the differences
    # tmsh save sys config file /shared/tmp/<date>_initial.scf no-passphrase
    # tmsh save sys config file /shared/tmp/<date>_final.scf no-passphrase
    # tmsh show sys config-diff /shared/tmp/<date>_initial.scf /shared/tmp/<date>_final.scf | egrep -e "\s{3}\|\s{3}" -e "[<]$" -e "^\s*[>]"

    Let me know if it helps.

    KR,

    Dario.