I know this is old, but here is the final working script, for anyone interested in capturing F5 configuraitons(most of the config anyways:
!/opt/SPECTRUM/bin/perl -w
# This script will capture the running configuration of a
# BigIP F5 device through an SSH session and print it to STDOUT.
#
# Error Codes:
# 0 = Success
# 255 = Usage error
# 254 = Invalid timeout value
# 252 = Invalid Prompt
# 251 = Permission Denied Error
# 250 = Login Failed
# 249 = Exec prompt not found error
# 244 = Error retrieving configuration
# 245 = Insufficient privileges
# 253 = Unexpected output
#
use strict;
use warnings;
use Net::SSH::Expect;
$ENV{'PATH'} = "/usr/bin:" . $ENV{'PATH'};
### Main ###
if ( $#ARGV != 4 && $#ARGV != 5 ) {
print "Usage: BigIP_F5_capture.pl <device IP> <user> <pass> <enable_pass>
<login_timeout_in_seconds> <capture_timeout_in_seconds>\n";
print STDERR "Usage: BigIP_F5_capture.pl <deviceIP> <user> <pass>
<enable_pass> <login_timeout_in_seconds> <capture_timeout_in_seconds>\n";
exit 255;
}
elsif ( $ARGV[4] < 1 || $ARGV[4] > 600 ) {
print "$ARGV[4] is the login timeout and must be an int between 1 and 600 seconds\n";
print STDERR "$ARGV[4] is the login timeout and must be an int between 1 and 600 seconds\n";
exit 254;
}
elsif ( $#ARGV == 5 && ( $ARGV[5] < 1 || $ARGV[5] > 600 ) ) {
print "$ARGV[5] is the capture timeout and must be an int between 1 and 600 seconds\n";
print STDERR "$ARGV[5] is the capture timeout and must be an int between 1and 600 seconds\n";
exit 254;
}
else {
my $capture_timeout = $ARGV[4];
if ( $ARGV[5] ) {
$capture_timeout = $ARGV[5];
}
my $errorCode = 1;
my @data;
my $errorString = "\nHost $ARGV[0]: \n";
( $errorCode, @data ) = GetConfig( $ARGV[0], $ARGV[1], $ARGV[2], $ARGV[3], $ARGV[4], $capture_timeout );
if ( $errorCode == 0 ) {
# Success. The startup configuration
# content is in the data variable
foreach (@data) { print "$_\n" }; # print the configuration to STDOUT
exit 0;
}
else {
print STDERR $errorString;
if ( $errorCode == 245 ) {
print STDERR join " ", @data, "\nEnsure that the device user has
sufficient privileges to disable paging and view the config\n";
}
else {
print STDERR join " ", @data, "\n";
}
exit $errorCode;
}
}
exit 0;
sub GetConfig {
my $deviceIP = shift;
my $user = shift;
my $pass = shift;
my $epass = shift;
my $login_timeout = shift;
my $capture_timeout = shift;
my @config;
my $msg;
my $ssh = Net::SSH::Expect->new(
host => $deviceIP,
user => $user,
password => $pass,
raw_pty => 1,
no_terminal => 0,
timeout => $login_timeout
);
my $login_output = $ssh->login();
# check if the login and password is ok
if ( $login_output =~ /denied/ ) {
$msg = "Login has failed. Permission with credentials supplied. Please check the device.\nThe username in use is $user";
$ssh->close();
return ( 251, $msg );
}
# login output should contain the right prompt characters
if ( $login_output !~ /(tmos)/ ) {
$msg = "Login has failed. Didn't see device prompt as expected.";
# print STDERR $login_output;
# print STDERR "Usage: BigIP_F5_capture.pl <$deviceIP> <$user> <$pass> <$epass> <$login_timeout> <$capture_timeout> <$login_output> \n";
$ssh->close();
return ( 252, $msg);
}
$ssh->exec("bash");
$ssh->send("cat /config/*.conf");
$ssh->timeout($capture_timeout);
$ssh->peek(0);
#discard the first line, which is the bash command
shift @config;
#discard the second line, which is the cat command
shift @config;
while( my $line = $ssh->read_line() )
{
# get configuration content
if( $line !~
/(tmos)|Active:In Sync|Standby:In Sync/ )
{
push @config, $line;
}
}
if ( @config <= 0 ) {
$msg = "No data retrieved, the capture timeout may be too low.";
$ssh->close();
return ( 244, $msg );
}
if ( scalar grep { $_ =~ /^%/ } @config ) {
# Ensure cat command actually returned the config and not an error
# message containing '%'
return ( 245, @config );
}
return ( 0, @config[0 .. $#config - 1] ); # everything was okay, return the captured data except last line
}
#
#END