Ghost hunt quick start
Structured quick-reference sections for prerequisites, installation, usage, and troubleshooting.
Prerequisites
- Python 3.6+ with OCI SDK and standard reporting dependencies
- OCI authentication configured (profile/config, instance principal, or resource principal)
- Read access to OCI Load Balancer and Identity services
- Writable output directory for CSV and JSON reports
Common parameters
| Parameter | Purpose | Example |
|---|---|---|
| --compartments | Limits the scan to specific compartments | ocid1.compartment...,ocid1.compartment... |
| --output | Sets output directory for CSV/JSON reports | ./reports/ |
| --profile | Uses a named OCI config profile | PRODUCTION |
| --config | Uses a custom OCI config file path | ~/.oci/custom_config |
Standard ghost-hunt workflow
- 1Run a tenancy-wide scan first to establish the baseline of unused load balancers.
- 2Use targeted compartment scans for production/dev environments to validate findings with owners.
- 3Review ghost scores and focus immediate action on `Definite Ghost` and `Likely Ghost` classifications.
- 4Use CSV for triage and JSON for automation/integration workflows.
python oci-loadbalancer-ghosthunter.py --output ./ghost-reports/ --profile DEFAULTpython oci-loadbalancer-ghosthunter.py --compartments ocid1.compartment.oc1..prod,ocid1.compartment.oc1..dev --output ./targeted-analysis/python oci-loadbalancer-ghosthunter.py --config ~/.oci/custom_config --compartments ocid1.compartment.oc1..networkingGhost score interpretation
| Score range | Classification | Recommended action |
|---|---|---|
| 80+ | Definite Ghost | High-confidence cleanup candidate after ownership check |
| 60-79 | Likely Ghost | Validate with app/network teams before cleanup |
| 40-59 | Suspicious | Investigate listeners/backends/usage history |
| 20-39 | Review Needed | Monitor and inspect configuration |
| 0-19 | Active | Usually retain unless other evidence indicates waste |
CSV and JSON outputs
| Output | Primary use | Who uses it |
|---|---|---|
| CSV report | Triage, filtering, dashboards | FinOps / platform ops |
| JSON report | Automation workflows and integrations | Engineering / platform tooling |
- Review ghost scoring reasons in the report before deleting any OCI load balancer resources.
Troubleshooting
- If authentication fails, verify the active OCI profile/config and test compartment access with OCI CLI commands.
- If scans are slow in large tenancies, target specific compartments and run during off-peak hours.
- If results are incomplete, confirm IAM permissions for Load Balancer and Identity read operations.
Scoring is not deletion approval
Ghost scores prioritize review; they do not replace change validation with application/network owners.
Advanced Ghost Detection Features
Sophisticated multi-factor analysis engine that identifies unused OCI Load Balancers with precision scoring and comprehensive reporting capabilities.
Intelligent Ghost Scoring
Multi-factor analysis with 0-100 scale scoring system evaluating backend sets, listeners, certificates, and lifecycle state for accurate ghost detection.
Compartment Intelligence
Smart compartment discovery with automatic tenancy scanning or targeted compartment analysis with proper OCI SDK integration.
Comprehensive Analysis
Analyzes backend sets, listeners, SSL certificates, health probes, and lifecycle states for both Classic and Network Load Balancers.
Dual Format Reporting
Generates structured CSV for analysis and rich JSON reports with detailed ghost scoring breakdown and actionable recommendations.
Status Classification
5-tier classification system: Definite Ghost (≥80), Likely Ghost (≥60), Suspicious (≥40), Review Needed (≥20), Active (<20).
Backend Health Analysis
Evaluates backend set configurations, health status, and connectivity to identify load balancers with no healthy backends or empty pools.
OCI SDK Integration
Native OCI Python SDK integration with proper authentication, error handling, and support for multiple OCI profiles and configurations.
Age-Based Scoring
Intelligent age analysis that adds scoring weight to older load balancers (>30 days) with existing ghost characteristics for enhanced accuracy.
Chef's Usage Examples
Real-world scenarios for hunting down ghost load balancers in your OCI environment like a professional sous chef organizing the kitchen.
Complete Tenancy Ghost Hunt
python oci-loadbalancer-ghosthunter.py
--output ./ghost-reports/
--profile DEFAULTComprehensive scan across all compartments in your OCI tenancy to identify forgotten load balancers consuming resources but not serving traffic.
Targeted Compartment Analysis
python oci-loadbalancer-ghosthunter.py
--compartments ocid1.compartment.oc1..prod,ocid1.compartment.oc1..dev
--output ./targeted-analysis/Focus your ghost hunting on specific compartments like production and development environments for targeted cost optimization efforts.
Multi-Profile Environment Scan
python oci-loadbalancer-ghosthunter.py
--profile PRODUCTION
--output ./prod-ghost-analysis/Use different OCI profiles to scan multiple tenancies or environments with proper authentication and configuration management.
Custom Configuration Analysis
python oci-loadbalancer-ghosthunter.py
--config ~/.oci/custom_config
--compartments ocid1.compartment.oc1..networkingUse custom OCI configuration files and target specific networking compartments for specialized ghost hunting operations.
Technical Specifications
Professional-grade Python implementation with comprehensive OCI SDK integration and intelligent ghost detection algorithms.
Requirements
- Python 3.6+ with OCI Python SDK installed
- OCI Authentication configured (config file, instance principal, or resource principal)
- IAM Permissions for Load Balancer and Identity services (read access)
- Network Connectivity to OCI management endpoints
- Required Packages: oci, argparse, csv, json, logging, datetime
Parameters
Core Analysis Features
Ghost Scoring Engine
- • Multi-factor analysis with 0-100 scale scoring
- • Backend set evaluation (empty pools, offline backends)
- • Listener configuration analysis
- • SSL certificate validation for Classic LBs
- • Lifecycle state assessment
- • Age-based scoring adjustments
Reporting & Output
- • Structured CSV for data analysis and BI tools
- • Rich JSON reports with detailed breakdowns
- • Ghost status classification (5-tier system)
- • Backend and listener detail extraction
- • Shape and bandwidth information
- • Compartment and tenancy metadata
Ghost Scoring Breakdown
Sophisticated multi-factor algorithm that evaluates load balancer configurations to identify unused resources with precision scoring.
Backend Sets Analysis
- • 50 points: No backend sets configured
- • 45 points: All backend sets are empty or offline
- • 25 points: Some backend sets are empty
Listener Configuration
- • 40 points: No listeners configured
- • 35 points: All listeners lack valid backend sets
- • 20 points: Some listeners lack backend sets
Lifecycle State
- • 30 points: Non-ACTIVE/CREATING state
- • 0 points: ACTIVE or CREATING state
SSL Certificates
- • 15 points: HTTPS listeners without SSL certificates (Classic LB only)
- • 0 points: Proper SSL configuration
Age Analysis
- • 10 points: Created >30 days ago with existing ghost score >40
- • 0 points: Recently created or low ghost score
Status Classification
- • ≥80: DEFINITE GHOST
- • ≥60: LIKELY GHOST
- • ≥40: SUSPICIOUS
- • ≥20: REVIEW NEEDED
- • <20: ACTIVE
Professional Reporting
Comprehensive dual-format reporting designed for both technical analysis and executive presentation with detailed ghost scoring insights.
CSV Data Export
Structured data format perfect for analysis, BI tool integration, and automated processing workflows.
Key Data Fields:
- • Load balancer name, OCID, and type
- • Ghost score and status classification
- • Compartment and tenancy information
- • Backend set and listener counts
- • Lifecycle state and creation date
- • Shape and bandwidth details
- • Detailed ghost scoring reasons
JSON Detailed Reports
Rich structured format with comprehensive details, perfect for API integration and detailed analysis workflows.
Enhanced Features:
- • Complete ghost scoring breakdown
- • Backend set health analysis
- • Listener configuration details
- • SSL certificate information
- • Nested compartment hierarchy
- • Timestamp and metadata
- • Actionable recommendations
Chef's Best Practices
Professional tips for effective ghost hunting and OCI load balancer optimization from the CloudCostChefs kitchen.
OCI Authentication Setup
- Configure OCI CLI with proper authentication (API key, instance principal, or resource principal)
- Ensure IAM policies grant read access to Load Balancer and Identity services
- Test connectivity with
oci iam compartment listbefore running the script
Performance Optimization
- Use specific compartment targeting for faster scans in large tenancies
- Run during off-peak hours to minimize impact on OCI API rate limits
- Monitor script output for any authentication or permission issues
Ghost Analysis Strategy
- Focus on"DEFINITE GHOST" and"LIKELY GHOST" classifications for immediate action
- Review"SUSPICIOUS" load balancers with application teams before cleanup
- Use ghost scoring reasons to understand why resources were flagged
Report Integration
- Import CSV reports into BI tools for trend analysis and executive dashboards
- Use JSON reports for automated workflows and API integrations
- Schedule regular scans to track ghost load balancer trends over time
Start Your Ghost Hunt Today
Download the OCI Load Balancer Ghost Hunter and start identifying unused resources in your Oracle Cloud Infrastructure environment.
Part of the CloudCostChefs toolkit • Open source
What to do next
Pick the path that fits where you are right now.