Skip to main content

Netmiko

from pprint import pprintfrom netmiko import ConnectHandlerfrom time import timeimport json, os, threading, sys
def config_worker( ip, username, password, extra ):
    #---- Connect to the device ----    print ("---- Connecting to device {0}".format( ip ))
    #---- Connect to the device    session = ConnectHandler( device_type = "cisco_s300", ip = ip, username = username, password = password, global_delay_factor=2 )
    if extra == "extra":        #---- Use CLI command to get configuration data from device        print ("---- Retrieving result of extra command")        config_data = session.send_command("show mac address-table",expect_string=r"#",delay_factor=6)
        #---- Write out configuration information to file        print ("---- Storing extra command output: ", basepath + "extra/" + ip)        with open( basepath + "extra/" + ip, "w" ) as config_out:  config_out.write( config_data )
    else:        #---- Use CLI command to get configuration data from device        print ("---- Retrieving configuration from device")        config_data = session.send_command("show run",expect_string=r"#",delay_factor=6)
        #---- Use CLI command to save configuration on device        session.send_command("wr",expect_string=r"Overwrite file",delay_factor=6)        session.send_command("Y",expect_string=r"Copy succeeded",delay_factor=6)
        #---- Write out configuration information to file        print ("---- Storing configuration: ", basepath + "configs/" + ip)        with open( basepath + "configs/" + ip, "w" ) as config_out:  config_out.write( config_data )
    session.disconnect()
    return
#==============================================================================# ---- Main: Get Configuration#==============================================================================
#---- Define base path to run from anywherebasepath = os.path.abspath(os.path.dirname(__file__)) + "/"
#---- Retrieve arguments if passedif len(sys.argv) > 1:    extra = sys.argv[1]else:    extra = None
#---- Retrieve creds from filewith open(basepath + "creds.json", "r") as f:    creds = json.load(f)
username = creds["CISCO"]["USERNAME"]password = creds["CISCO"]["PASSWORD"]
#---- Retrieve list of IPs from fileips = [line.rstrip("\n") for line in open( basepath + "devices-cisco")]
starting_time = time()
config_threads_list = []
for ip in ips:    print ("---- Creating thread for: ", ip)    config_threads_list.append( threading.Thread( target=config_worker, args=( ip, username, password, extra, ) ) )
print ("---- Begin get config threading ----")for config_thread in config_threads_list:    config_thread.start()
for config_thread in config_threads_list:    config_thread.join()
print ("---- End get config threading, elapsed time=", time() - starting_time)

title: Netmiko - backup-cron.sh.md

category: Automation#

#!/bin/bash
python3 /x/backup-fortigate.pypython3 /x/backup-cisco.py
OUTPUT=`su -s /bin/bash -c 'cd /x/configs && git status 2>&1' x 2>&1`;
if [[ $OUTPUT != *"nothing to commit, working directory clean"* ]]; then  OUTPUT2=`su -s /bin/bash -c 'cd /x/configs && git add . 2>&1 && git commit -m "nemiko Bash Auto Git Push" 2>&1 && git push 2>&1' x 2>&1`;  eval $(echo $OUTPUT2 | mail -s "netmiko Bash Auto Git Push" [email protected]);  curl -H "Content-Type: application/json" -d "{\"title\": \"netmiko Bash Auto Git Push\", \"text\": \"*****        *****\n\n $OUTPUT2 \", \"themeColor\": \"EA4300\", \"type\": \"\" }" https://x;else  exit;fi

title: Netmiko - backup-fortigate.py.md

category: Automation#

from scp import SCPClientimport os, paramiko, json
def fortigate_backup(ip, username, password):
    ssh = paramiko.client.SSHClient()    ssh.set_missing_host_key_policy(paramiko.client.AutoAddPolicy())
    print ("---- Connecting to device {0}".format( ip ))
    ssh.connect(ip, username = username, password = password, timeout = 180)
    with SCPClient(ssh.get_transport(), socket_timeout = 180) as scp:
        config_filename = basepath + "configs/" + ip
        print ("---- Getting and writing configuration from device: " + config_filename)
        scp.get("sys_config", config_filename)
        print ("---- Configuration stored from device: " + config_filename)
    return
#---- Define base path to run from anywherebasepath = os.path.abspath(os.path.dirname(__file__)) + "/"
#---- Retrieve creds from filewith open(basepath + "creds.json", "r") as f:    creds = json.load(f)
username = creds["FORTIGATE"]["USERNAME"]password = creds["FORTIGATE"]["PASSWORD"]
#---- Retrieve list of IPs from fileips = [line.rstrip("\n") for line in open(basepath + "devices-fortigate")]
for ip in ips:    fortigate_backup(ip, username, password)

title: Netmiko - config-cisco.py.md

category: Automation#

from pprint import pprintfrom netmiko import ConnectHandlerfrom time import timeimport json, os, threading, sys
def config_worker( ip, username, password ):
    #---- Connect to the device ----    print ("---- Connecting to device {0}".format( ip ))
    #---- Connect to the device    session = ConnectHandler( device_type = "cisco_s300", ip = ip, username = username, password = password, global_delay_factor=2 )
    #---- Use CLI command to set configuration data on device    print ("---- Setting configuration on device")    config_data = session.config_mode()    config_data += session.send_command("no ip telnet server",expect_string=r"#",delay_factor=6)#    config_data += session.send_command_timing("clock timezone " " 0 minutes 0 \n",strip_command = False)#    config_data += session.send_command_timing("clock summer-time web recurring eu \n",strip_command = False)#    config_data += session.send_command_timing("clock source sntp \n",strip_command = False)#    config_data += session.send_command_timing("sntp unicast client enable \n",strip_command = False)#    config_data += session.send_command_timing("sntp unicast client poll \n",strip_command = False)#    config_data += session.send_command_timing("sntp server x.x.x.x poll \n",strip_command = False)#    config_data += session.send_command_timing("logging host x.x.x.x port 6514 \n",strip_command = False)#    config_data += session.send_command_timing("logging origin-id hostname \n",strip_command = False)#    config_data += session.send_command_timing("no logging console \n",strip_command = False)#    config_data += session.send_command_timing("no passwords complexity enable \n",strip_command = False)#    config_data += session.send_command_timing("passwords aging 0 \n",strip_command = False)#    config_data += session.send_command_timing("snmp-server server \n",strip_command = False)#    config_data += session.send_command_timing("snmp-server community public ro x.x.x.x view Default \n",strip_command = False)#    config_data += session.send_command_timing("no ip http server \n",strip_command = False)#    config_data += session.send_command_timing("encrypted radius-server key x \n",strip_command = False)#    config_data += session.send_command_timing("encrypted radius-server host x.x.x.x key x \n",strip_command = False)#    config_data += session.send_command_timing("ip http authentication aaa login-authentication radius local \n",strip_command = False)#    config_data += session.send_command_timing("aaa authentication login SSH radius local \n",strip_command = False)#    config_data += session.send_command_timing("aaa authentication login Telnet local \n",strip_command = False)#    config_data += session.send_command_timing("aaa authentication login Console local \n",strip_command = False)#    config_data += session.send_command_timing("aaa accounting login start-stop group radius \n",strip_command = False)#    config_data += session.send_command_timing("line ssh \n",strip_command = False)#    config_data += session.send_command_timing("login authentication SSH \n",strip_command = False)#    config_data += session.send_command_timing("password x encrypted \n",strip_command = False)#    config_data += session.send_command_timing("exit \n",strip_command = False)#    config_data += session.exit_config_mode()#    config_data += session.send_command_timing("wr",strip_command = False)#    config_data += session.send_command_timing("Y",strip_command = False)    print (config_data)    session.disconnect()
    return
#==============================================================================# ---- Main: Get Configuration#==============================================================================
#---- Define base path to run from anywherebasepath = os.path.abspath(os.path.dirname(__file__)) + "/"
#---- Retrieve creds from filewith open(basepath + "creds.json", "r") as f:    creds = json.load(f)
username = creds["CISCO"]["USERNAME"]password = creds["CISCO"]["PASSWORD"]
#---- Retrieve list of IPs from fileips = [line.rstrip("\n") for line in open( basepath + "devices-cisco")]
starting_time = time()
config_threads_list = []
for ip in ips:    print ("---- Creating thread for: ", ip)    config_threads_list.append( threading.Thread( target=config_worker, args=( ip, username, password, ) ) )
print ("---- Begin get config threading ----")for config_thread in config_threads_list:    config_thread.start()
for config_thread in config_threads_list:    config_thread.join()
print ("---- End get config threading, elapsed time=", time() - starting_time)

title: Netmiko - creds.json.sample.md

category: Automation#

{  "CISCO": {    "USERNAME": "cisco_radius_ro",    "PASSWORD": "12345"  },  "FORTIGATE": {    "USERNAME": "fortigate_scp_ro",    "PASSWORD": "12345"  }}

title: Netmiko - crontab.md

category: Automation#

00 1 * * *      root    /x/backup-cron.sh

title: Netmiko - devices-cisco.sample

category: Automation#

192.168.0.1

title: Netmiko - devices-fortigate.sample.md

category: Automation#

192.168.0.2