Simple Python Script to Read from Device

There’s a lot of talk about network programmability and I recently had a simple use case that surfaced. The goal was locating a serial number in Cisco Devices. Basically, a script is required that will do the following.

  • Process a list of IP Addresses and/or hostnames
  • SSH into each device
  • Determine if the device has a given SN

There are many ways this can be accomplished, but the method I am using utilizes SSH. This example requires the use of Paramiko to implement SSHv2. The script can match other items in the output of show version and can easily be modified to have multiple matches and return additional information.

Prerequisites

  • Paramiko (can be installed using PIP)
  • Python (tested with 2.7)

It is worth noting that the script I’m sharing will automatically add public ssh keys and therefore may not be appropriate in a high security environment.

The Python and sample device files can be downloaded here.

Python Code (updated with Auth/Connection Error Handling)

import paramiko
import socket
import getpass

#get user/password/substring (for search)
myuser = raw_input("Enter Username For Process: ")
mypass = getpass.getpass()
mysearch = raw_input("Please enter string to search: ")

#get a list of devices from devices.txt - one per line
qbfile = open("devices.txt", "r")

# loop through devices in qbfile
# ssh to each device and do a sho ver
# on-match print "device" has + current line
# exit


for aline in qbfile:
    myhost = aline.rstrip()
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        ssh.connect(myhost, username=myuser, password=mypass, timeout=15, auth_timeout=20)
        channel = ssh.invoke_shell()
        stdin = channel.makefile('wb')
        stdout = channel.makefile('rb')
        stdin.write('''
        terminal length 0
        show version
        exit
        ''')
        showver = stdout.read()
        for verline in showver.splitlines():
            if mysearch in verline:
                print myhost + " has " + verline
                ssh.close()
                exit()
        ssh.close()
    except paramiko.AuthenticationException, e:
        print "Could not authentication to " + myhost
    except (paramiko.SSHException, socket.error), e:
        print "SSH Error connecting to " + myhost

qbfile.close()

Device List (devices.txt – modify for your devices to be searched)

192.168.1.156
192.168.1.4

Testing FindSN.py

//searching for FTX1107Z2EE
MyMac:FindSN paulste$ python ./FindSN.py 
Enter Username For Process: cisco
Password: 
Please enter string to search: FTX1107Z2EE
192.168.1.4 has Processor board ID FTX1107Z2EE
MyMac:FindSN paulste$ 

//searching for FDO1451K1UM
MyMac:FindSN paulste$ python ./FindSN.py 
Enter Username For Process: cisco
Password: 
Please enter string to search: FDO1451K1UM
192.168.1.156 has Processor board ID FDO1451K1UM
MyMac:FindSN paul$ 

This is a very simple example of reaching out to a device, retrieving a block of information, and providing some feedback based on the information received. A simple modification would be commenting out the exit() in the “if loop”. After that modification searching for a string (Processor for example) returns the first matching line for all devices in devices.txt. This could be used as a starting point to many use cases.

Additional suggestions, use cases or better methods? I’d love to hear from you, so please comment below.

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.

No related content found.

About Paul Stewart, CCIE 26009 (Security)

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With over 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems.
This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Simple Python Script to Read from Device

  1. George Harizanov says:

    Rancid keeps track of serial numbers as well so if you have it installed it’s a matter of a simple grep to get the SN you are after. If not an option I normally use Perl with Net.Appliance.Session module that handles ssh/telnet etc. http://search.cpan.org/~oliver/Net-Appliance-Session-4.200003/lib/Net/Appliance/Session.pm
    But I have to say the Python example above (and the language in general) look appealing.

Leave a Reply