From c37733457579109bb6e39394968443bdfb8de6a2 Mon Sep 17 00:00:00 2001
From: Fabrizio Fiorucci <f.fiorucci@f5.com>
Date: Tue, 28 Mar 2023 19:26:36 +0200
Subject: [PATCH] BIG-IP visualization added

---
 README.md                             | 15 +++++---
 contrib/GUI/psql/psql-data.sql        | 50 +++++++++++++++++++++++++++
 contrib/GUI/psql/psql-schema.sql      | 29 ++++++++++++++++
 contrib/bigip-collect/README.md       | 14 +++++---
 contrib/bigip-collect/bigIPCollect.sh | 34 ++++++++++++++----
 5 files changed, 126 insertions(+), 16 deletions(-)

diff --git a/README.md b/README.md
index 6ed93d1..15ee02f 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,10 @@
 # Second Sight
 
-## Description and features
+Second Sight is a comprehensive tool to track assets for:
 
-Second Sight is a comprehensive tool that helps tracking NGINX OSS and NGINX Plus instances managed by NGINX Instance Manager/NGINX Management Suite and TMOS (BIG-IP, VIPRION, BIG-IP Virtual Edition) instances managed by BIG-IQ.
+- NGINX OSS and NGINX Plus instances managed by NGINX Instance Manager/NGINX Management Suite
+- TMOS (BIG-IP, VIPRION, BIG-IP Virtual Edition) instances managed by BIG-IQ
+- TMOS (BIG-IP, VIPRION, BIG-IP Virtual Edition) without centralized management
 
 Second Sight [web GUI](/contrib/GUI) provides visibility and insights on collected data.
 
@@ -10,7 +12,9 @@ Second Sight [web GUI](/contrib/GUI) provides visibility and insights on collect
 
 <img src="/contrib/GUI/screenshots/6.nginx-analytics.png"/>
 
-Raw data is collected from NGINX Instance Manager/NGINX Management Suite and BIG-IQ to provide visibility and insights on:
+## Description and features
+
+Raw data is collected from NGINX Instance Manager/NGINX Management Suite, BIG-IQ and TMOS instances to provide visibility and insights on:
 
 - Software usage
 - Hardware usage
@@ -19,14 +23,15 @@ Raw data is collected from NGINX Instance Manager/NGINX Management Suite and BIG
 - Telemetry data (CPU, RAM, disk, network throughput, ...)
 - Analytics and drill-down
 - vCMP hosts and guests map (for BIG-IP and VIPRION)
+- NGINX modules (for NGINX OSS and NGINX Plus)
 - Time-based usage reporting (for NGINX OSS, NGINX Plus, NGINX App Protect WAF and NGINX App Protect WAF DoS)
 
-Second Sight has been tested against:
+Second Sight has been tested on:
 
 - NGINX Instance Manager/NGINX Management Suite 2.1.0+
 - BIG-IQ 8.1.0, 8.1.0.2, 8.2.0
 
-Communication to NGINX Instance Manager / BIG-IQ is based on REST API, current features are:
+Communication to NGINX Instance Manager / BIG-IQ / TMOS is based on REST API, current features are:
 
 - REST API and high level reporting - see [usage page](/USAGE.md)
 - JSON Telemetry mode
diff --git a/contrib/GUI/psql/psql-data.sql b/contrib/GUI/psql/psql-data.sql
index d74ef7a..96640f7 100644
--- a/contrib/GUI/psql/psql-data.sql
+++ b/contrib/GUI/psql/psql-data.sql
@@ -28,3 +28,53 @@ insert into edw_customers values
 
 insert into edw_contracts values
 (0,'Not available','','',0);
+
+-- https://support.f5.com/csp/article/K4309
+insert into hwplatforms values
+(1,'D110','7250','F5-BIG-7250'),
+(2,'D113','10200','F5-BIG-10200'),
+(3,'C113','4200','F5-BIG-4200'),
+(4,'C109','5200','F5-BIG-5200'),
+(5,'D116','I15800','F5-BIG-I15800'),
+(6,'C124','I11800','F5-BIG-I11800-DS'),
+(7,'C123','I11800','F5-BIG-I11800'),
+--(8,'','I10800','F5-BIG-I10800-D'),
+(9,'C116','I10800','F5-BIG-I10800'),
+(10,'C126','I7820-DF','F5-BIG-I7820-DF'),
+--(11,'','I7800','F5-BIG-I7800-D'),
+(12,'C118','I7800','F5-BIG-I7800'),
+(13,'C125','I5820-DF','F5-BIG-I5820-DF'),
+(14,'C119','I5800','F5-BIG-I5800'),
+(15,'C115','I4800','F5-BIG-I4800'),
+(16,'C117','I2800','F5-BIG-I2800'),
+--(17,'','C4800','F5-VPR-C4800-DCN'),
+(18,'A109','B2100','F5-VPR-B2100'),
+(19,'A113','B2150','F5-VPR-B2150'),
+(20,'A112','B2250','F5-VPR-B2250'),
+(21,'A114','B4450','F5-VPR-B4450N'),
+(22,'F100','C2400','F5-VPR-C2400-AC'),
+(23,'F101','C2400','F5-VPR-C2400-AC'),
+--(24,'','C2400','F5-VPR-C2400-ACT'),
+(25,'J102','C4480','F5-VPR-C4480-AC'),
+--(26,'','C4480','F5-VPR-C4480-DCN'),
+(27,'S100','C4800','F5-VPR-C4800-AC'),
+(28,'S101','C4800','F5-VPR-C4800-AC'),
+(29,'Z100','VE','F5-VE'),
+(30,'Z101','VE-VCMP','F5-VE-VCMP');
+
+insert into tmossku values
+(1,'gtm','DNS'),
+(2,'sslo','SSLO'),
+(3,'apm','APM'),
+(4,'cgnat','CGNAT'),
+(5,'ltm','LTM'),
+(6,'avr','AVR'),
+(7,'fps',''),
+(8,'dos',''),
+(9,'lc',''),
+(10,'pem','PEM'),
+(11,'urldb',''),
+(12,'swg',''),
+(13,'asm','AWF'),
+(14,'afm','AFM'),
+(15,'ilx','');
diff --git a/contrib/GUI/psql/psql-schema.sql b/contrib/GUI/psql/psql-schema.sql
index 0cc1e2c..730195f 100644
--- a/contrib/GUI/psql/psql-schema.sql
+++ b/contrib/GUI/psql/psql-schema.sql
@@ -25,6 +25,35 @@ create table if not exists audit_log (
 	foreign key (tag) references audit_types(id)
 );
 
+create table if not exists bigip_json (
+        id              serial primary key,
+        ts              timestamp with time zone default now(),
+        uid             uuid unique,
+        regkey          varchar(33) not null,
+        content         jsonb not null,
+
+        unique (ts,regkey)
+);
+
+create table if not exists hwplatforms (
+        id              serial primary key,
+        platform        varchar(16) unique,
+        model           varchar(16),
+        sku             varchar(24),
+
+        unique (platform,model,sku)
+);
+
+create table if not exists tmossku (
+        id              serial primary key,
+        module          varchar(16) unique,
+        sku             varchar(24)
+);
+
+--
+-- Views
+--
+
 drop view all_audit_log;
 create view all_audit_log as
 	select audit_log.*,audit_types.description from audit_log, audit_types where audit_log.tag = audit_types.id;
diff --git a/contrib/bigip-collect/README.md b/contrib/bigip-collect/README.md
index 19764ce..59ba8bc 100644
--- a/contrib/bigip-collect/README.md
+++ b/contrib/bigip-collect/README.md
@@ -59,7 +59,9 @@ Second Sight - https://github.com/F5Networks/SecondSight
 [root@bigip1:Active:Disconnected] tmp # ./bigIPCollect.sh -i -s http://192.168.1.19:8080
 Username: admin
 Password: 
--> Collecting License info
+-> Collecting global settings
+-> Collecting management details
+-> Collecting license info
 -> Collecting software details
 -> Collecting hardware details
 -> Collecting provisioned modules
@@ -79,11 +81,13 @@ Password:
 [root@bigip1:Active:Disconnected] tmp # ./bigIPCollect.sh -i
 Username: admin
 Password: 
--> Collecting License info
--> Collecting Software release info
--> Collecting Provisioned modules info
+-> Collecting global settings
+-> Collecting management details
+-> Collecting license info
+-> Collecting software details
+-> Collecting hardware details
+-> Collecting provisioned modules
 -> Collecting APM usage
--> Collecting Hardware info
 -> Data collection completed, building tarfile
 -> All done, copy /tmp/20221122-2351-bigIPCollect.tgz to your local host using scp
 [root@bigip1:Active:Disconnected] tmp #
diff --git a/contrib/bigip-collect/bigIPCollect.sh b/contrib/bigip-collect/bigIPCollect.sh
index 5fda7af..3908058 100755
--- a/contrib/bigip-collect/bigIPCollect.sh
+++ b/contrib/bigip-collect/bigIPCollect.sh
@@ -11,10 +11,10 @@ This tool collects usage tracking data from BIG-IP for offline postprocessing.\n
 === Usage:\n\n
 $0 [options]\n\n
 === Options:\n\n
--h\t\t- This help\n
--i\t\t- Interactive mode\n
--u [username]\t- BIG-IP username (batch mode)\n
--p [password]\t- BIG-IP password (batch mode)\n
+-h\t\t\t- This help\n
+-i\t\t\t- Interactive mode\n
+-u [username]\t\t- BIG-IP username (batch mode)\n
+-p [password]\t\t- BIG-IP password (batch mode)\n
 -s [http(s)://address]\t- Upload data to Second Sight (optional)\n\n
 === Examples:\n\n
 Interactive mode:\n
@@ -65,7 +65,13 @@ fi
 
 RC="restcurl -u $BIGIP_USERNAME:$BIGIP_PASSWORD"
 
-echo "-> Collecting License info"
+echo "-> Collecting global settings"
+BIGIP_GLOBAL=`$RC /mgmt/tm/sys/global-settings`
+
+echo "-> Collecting management details"
+BIGIP_MGMT=`$RC /mgmt/tm/sys/management-ip`
+
+echo "-> Collecting license info"
 BIGIP_LICENSE=`$RC /mgmt/tm/sys/license`
 
 echo "-> Collecting software details"
@@ -93,12 +99,28 @@ JSON_STRING=$( jq -n \
                   --arg report_version "$REPORT_VERSION" \
                   --arg report_dataplane "$REPORT_DATAPLANE" \
                   --arg report_timestamp "$REPORT_TIMESTAMP" \
+                  --argjson global "$BIGIP_GLOBAL" \
+                  --argjson mgmt "$BIGIP_MGMT" \
                   --argjson license "$BIGIP_LICENSE" \
                   --argjson sw "$BIGIP_SOFTWARE" \
                   --argjson hw "$BIGIP_HARDWARE" \
                   --argjson modules "$BIGIP_MODULES" \
                   --argjson apm "$BIGIP_APM" \
-                  '{report: {kind: $report_kind, type: $report_type, version: $report_version, dataplane: $report_dataplane, timestamp: $report_timestamp}, license: $license, software: $sw, hardware: $hw, modules: $modules, apm: $apm}' )
+                  '{report: {
+			kind: $report_kind,
+			type: $report_type,
+			version: $report_version,
+			dataplane: $report_dataplane,
+			timestamp: $report_timestamp
+		},
+		global: $global,
+		mgmt: $mgmt,
+		license: $license,
+		software: $sw,
+		hardware: $hw,
+		modules: $modules,
+		apm: $apm}
+		' )
 
 echo "-> Data collection completed, building JSON payload"