iRule(s) uses the deprecated matchclass command-f5-all
Vendor: f5
OS: all
Description:
The matchclass command in iRules has been deprecated. indeni will alert if any iRules still use it.
Remediation Steps:
Information about the class command can be found at https://devcentral.f5.com/wiki/iRules.class.ashx
How does this work?
This alert logs into the F5 through SSH and parses all iRules looking for usage of the command “matchclass”.
Why is this important?
The command “matchclass” is used to check if a value is contained within a data group list. While still supported the command has been deprecated in favor of the more powerful and efficient “class” command.
Without Indeni how would you find this?
Log into the device through SSH. Enter TMSH and issue the command “cd /;list ltm rule recursive”. Look through each iRule definition for the use of the “matchclass” command.
f5-tmsh-list-ltm-rule-recursive
name: f5-tmsh-list-ltm-rule-recursive
description: Find use of matchclass
type: monitoring
monitoring_interval: 60 minutes
requires:
vendor: f5
product: load-balancer
shell: bash
comments:
f5-matchclass-used:
why: |
The command "matchclass" is used to check if a value is contained within a data group list. While still supported the command has been deprecated in favor of the more powerful and efficient "class" command.
how: |
This alert logs into the F5 through SSH and parses all iRules looking for usage of the command "matchclass".
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
command: tmsh -q -c "cd /;list ltm rule recursive"
parse:
type: AWK
file: tmsh-list-ltm-rule-recursive.parser.1.awk
f5_matchlass_used
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/f5/f5_matchlass_used.scala