analytics network stale-rulesΒΆ

analytics network stale-rules(1)		  BIG-IP TMSH Manual		     analytics network stale-rules(1)

NAME
       stale-rules - Displays a network firewall stale rules report.

MODULE
       analytics network

SYNTAX
       Show an analytics network stale-rules report using the syntax shown in the following sections.

   DISPLAY
	show stale-rules type [ enforced | staged ]

	 options:

	  drilldown {
	    {
		entity [ context | policy | rule-name ]
		values
		{
		  [value ...]
		}
	    } ...
	  }

	  field-fmt
	  first-rule-number [ value ]
	  number-of-rules [ value ]
	  range [ date range ]

DESCRIPTION
       Use this command to generate network firewall stale rules reports. A stale rule is one that has had not hits,
       or very few hits, over a specified time period.	The report is displayed in order from the least-hit rules
       (including rules with no hits) to the most hit rules.  You can generate a stale rules report for either
       enforced or staged rules.

EXAMPLES
       show analytics network stale-rules type enforced

	    Shows a stale rules report for enforced rules (either inline or not).

       show analytics network stale-rules type staged drilldown { { entity context values { /Common/virtual_server_1
       } } }

	    Shows a stale rules report for staged rules in the context of the virtual server /Common/virtual_server_1

       show analytics network stale-rules type enforced number-of-rules 100 range now-1w

	    Shows a stale rules report for enforced rules. 100 rules are shown in the report.  This report is shown
	    for the last week (including the last day).

       show analytics network stale-rules type enforced first-rule-number 10 number-of-rules 100 range now-1w

	    Shows a stale rules report for enforced rules. The first least hit 9 rules are skipped, and 100 rules are
	    shown in the report.  This report is shown for the last week (including the last day).

       show analytics network stale-rules type enforced first-rule-number 10 number-of-rules 100 range now-1d--now-1w

	    Shows a stale rules report for enforced rules. The first least hit 9 rules are skipped, and 100 rules are
	    shown in the report.  This report is shown for the last week, excluding the last day.

OPTIONS
       drilldown
	    Specifies specific entities that are used as a filter.

       field-fmt
	    Shows statistics in field format for the specified items.

       first-rule-number
	    Specifies the first rule number being displayed (rules are ordered by hit count in an ascending order).

       number-of-rules
	    Specifies the maximum number of firewall rules being displayed in the output result set. The default
	    value is 10.

       range
	    Specifies the time/date range of the analytics information that you want to display. The given results
	    will reflect the time range chosen here. The default value is the last hour (now--now-1h).

SEE ALSO
       analytics, analytics report, security analytics settings, show, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or
       mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
       other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2008-2013. All rights reserved.

BIG-IP						      2013-11-04		     analytics network stale-rules(1)