You can write a tmsh script to be used locally on the BIG-IP to query that information, or you can use the iControl REST interface to query it as well. You might end up with more than one query to drill down for precisely the correct information as profiles and policies are buried in subcollections of the parent virtual server object. In one query, however, you can pull back the name, destination (IP+port of the virtual server) and the profile collection items like so with curl or a tool like Postman:
https://ltm3.test.local/mgmt/tm/ltm/virtual?$select=name,destination,profilesReference&expandSubcollections=true
This returns all the virtual servers with only the name, ip+port, and profile information in the following json format (only showing the virtual server with a policy on it for brevity):
{
"kind": "tm:ltm:virtual:virtualcollectionstate",
"selfLink": "https://localhost/mgmt/tm/ltm/virtual?$select=name%2Cdestination%2CprofilesReference&expandSubcollections=true&ver=14.0.0",
"items": [
{
"name": "bigvip_443",
"destination": "/Common/192.168.102.60:443",
"profilesReference": {
"link": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles?ver=14.0.0",
"isSubcollection": true,
"items": [
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "ASM_asm_test_policy",
"partition": "Common",
"fullPath": "/Common/ASM_asm_test_policy",
"generation": 569,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~ASM_asm_test_policy?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/security/bot-defense/asm-profile/~Common~ASM_asm_test_policy?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "clientssl",
"partition": "Common",
"fullPath": "/Common/clientssl",
"generation": 553,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~clientssl?ver=14.0.0",
"context": "clientside",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/client-ssl/~Common~clientssl?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "http",
"partition": "Common",
"fullPath": "/Common/http",
"generation": 553,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~http?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/http/~Common~http?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "tcp",
"partition": "Common",
"fullPath": "/Common/tcp",
"generation": 553,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~tcp?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/tcp/~Common~tcp?ver=14.0.0"
}
},
{
"kind": "tm:ltm:virtual:profiles:profilesstate",
"name": "websecurity",
"partition": "Common",
"fullPath": "/Common/websecurity",
"generation": 568,
"selfLink": "https://localhost/mgmt/tm/ltm/virtual/~Common~bigvip_443/profiles/~Common~websecurity?ver=14.0.0",
"context": "all",
"nameReference": {
"link": "https://localhost/mgmt/tm/ltm/profile/web-security/~Common~websecurity?ver=14.0.0"
}
}
]
}
},
This is a lot cleaner if you write a script in your language of choice to return only the data you want from your virtual servers, and this can be done from a remote machine against however many big-ip devices you have.