From: Daniel L. <dan...@ya...> - 2009-02-27 21:28:54
|
I tried many different Perl modules, all with various problems.... Many claim to be able to handle the prompts, and their variations, but I could not find one to work with a variety of Cisco devices... There are modules that will ssh (should be good for firewalls, but did not work with the PIX 7.0), etc. so I had to fall back to a more brute force approach. So I used the Net::Telnet::Cisco perl module... I could not find a perl module to handle the CatOS vs. IOS either... So I hard-coded in the IP addresses of the CatOS nodes. Here ya go.... change the copy command per your requirements (running-config, startup-config, nvram, etc.) Remember to take appropriate precautions when setting the file permissions, owner and group on this file!!! It will contain passwords afterall.... #!/usr/bin/perl use Net::Telnet::Cisco; use Timestamp::Simple qw(stamp); my $device = "$ARGV[0]"; my $backup_host = '192.168.10.3'; my $numArgs = $#ARGV + 1; my $dt = stamp; if ($numArgs != 1 ) { print "usage: save_router_config.pl device name\n"; exit; } my $session = Net::Telnet::Cisco->new(Host => $device ); # Need to check for CatOS devices if ($device =~ '192.168.10.6' | $device =~ '192.168.11.3') { $session->waitfor('/Enter Selection: /'); $session->print('K' . "\n"); $session->print('enable' . "\n"); # Replace ???????? with enable password $session->print('????????' . "\n"); } else { $session->waitfor('/Password: /'); # Replace ???????? with tty password $session->print('??????' . "\n"); # Replace ???????? with enable password $session->print('enable' . "\n"); $session->print('??????' . "\n"); } # Wait for login to complete sleep 15; if ($device =~ '192.168.10.6' | $device =~ '192.168.11.3') { $session->cmd("copy nvram tftp://$backup_host/configs/$device/$dt-$device.cfg\n\n\n"); } else { $session->cmd("copy run tftp://$backup_host/configs/$device/$dt-$device.cfg\n\n\n"); } sleep 15; $session->close; Tom Powers wrote: > Sound Solutions, Inc. > 8400 Highland Dr. > Wausau, WI 54401 > Tel: 715-842-7665 > Fax: 715-842-7620 > Dan...this looks great!! Good work...what does the get_gonfig.pl look > like? > > Tom P > > -----Original Message----- > From: Daniel Lacey [mailto:dan...@ya...] > Sent: Wednesday, February 25, 2009 7:28 PM > To: General OpenNMS Discussion > Subject: Re: [opennms-discuss] getting an email when a change is made on > a cisco switch > > Taz, > > You didn't post the version of ONMS you are using. > > You can perform a "write memory", "configure terminal" or some such to > generate a trap that is turned into an event that you can see in the > event list. > It will have the uei > "uei.opennms.org/vendor/Cisco/traps/ciscoConfigManEvent". > > This trap has alot of meanings depending on the values sent with the > trap... And they are explained in the event you will see in ONMS. > > You can get an email by going to the Admin link on the ONMS page for > your server. > Select "Configure Notifications" from the list. > Select "Configure Event Notifications" from the next list. > Click on the "Add New Event Notification" button above the list of > notifications. > Select "CISCO-CONFIG-MAN-MIB defined trap event: ciscoConfigManEvent" > from the list. > (Continue to define your notification as you would any other > notification) > Remember to turn the notification ON after you create it!!! > > This notification will tell you what the source of the trap was: > erase(1) commandSource(2) running(3) startup(4) local(5) networkTftp(6) > networkRcp(7) > and what the destination was: (Same values as source) > > Now if you are looking for what someone precisely did, like what command > they typed... That is not part of the trap. > > A more complicated example: > I created a specific event for "write memory", that includes the > <autoaction> tag and executes a script I wrote. > The script tells the cisco equipment to TFTP the config to a TFTP > server, with a filename and date/time stamp. > This event uses the values sent with the trap to match when the running > config is copied to the startup config. (write memory) > > > Here is the event: > <event> > <mask> > <maskelement> > <mename>id</mename> > <mevalue>.1.3.6.1.4.1.9.9.43.2</mevalue> > </maskelement> > <maskelement> > <mename>generic</mename> > <mevalue>6</mevalue> > </maskelement> > <maskelement> > <mename>specific</mename> > <mevalue>1</mevalue> > </maskelement> > <varbind> > <vbnumber>2</vbnumber> > <vbvalue>3</vbvalue> > </varbind> > <varbind> > <vbnumber>3</vbnumber> > <vbvalue>4</vbvalue> > </varbind> > </mask> > <uei>uei.opennms.org/vendor/Cisco/traps/ciscoConfigManEvent_wrmem</uei> > <event-label>CISCO-CONFIG-MAN-MIB defined trap event: > ciscoConfigManEvent_wrmem</event-label> > <descr><p>Notification of a configuration management event as > recorded in ccmHistoryEventTable.</p><table> > <tr><td><b> > ccmHistoryEventCommandSource</b></td><td>%parm[#1]% > </td><td><p;> > commandLine(1) snmp(2)</p> > </td;></tr><tr><td><b> > ccmHistoryEventConfigSource</b></td><td>%parm[#2]% > </td><td><p;> > erase(1) commandSource(2) running(3) startup(4) local(5) networkTftp(6) > networkRcp(7)</p> > </td;></tr><tr><td><b> > > ccmHistoryEventConfigDestination</b></td><td>%parm[#3] > % > </td><td><p;> > erase(1) commandSource(2) running(3) startup(4) local(5) networkTftp(6) > networkRcp(7)</p> > </td;></tr></table> > </descr> > <logmsg dest='logndisplay'><p>Cisco Event: A Configuration > Management event has occurred.</p></logmsg> > <severity>Warning</severity> > <autoaction>/usr/local/bin/get_config.pl %snmphost%</autoaction> > </event> > > Hope this helps! > Dan > > > > Travis Zadikem wrote: > >> Can someone please outline the steps to get an email when a change is >> made to cisco switch including the change? For a test I have added >> the following to my cisco 2950 but don't what needs to be done now in >> OpenNms. >> >> snmp-server community public RO >> snmp-server enable traps config >> snmp-server host 15.0.19.75 version 2c public >> >> >> thanks. >> Taz >> >> > ------------------------------------------------------------------------ > >> > ------------------------------------------------------------------------ > ------ > >> Open Source Business Conference (OSBC), March 24-25, 2009, San >> > Francisco, CA > >> -OSBC tackles the biggest issue in open source: Open Sourcing the >> > Enterprise > >> -Strategies to boost innovation and cut costs with open source >> > participation > >> -Receive a $600 discount off the registration fee with the source >> > code: SFAD > >> http://p.sf.net/sfu/XcvMzF8H >> >> > ------------------------------------------------------------------------ > >> _______________________________________________ >> Please read the OpenNMS Mailing List FAQ: >> http://www.opennms.org/index.php/Mailing_List_FAQ >> >> opennms-discuss mailing list >> >> To *unsubscribe* or change your subscription options, see the bottom >> > of this page: > >> https://lists.sourceforge.net/lists/listinfo/opennms-discuss >> > > > > ------------------------------------------------------------------------ > ------ > Open Source Business Conference (OSBC), March 24-25, 2009, San > Francisco, CA > -OSBC tackles the biggest issue in open source: Open Sourcing the > Enterprise > -Strategies to boost innovation and cut costs with open source > participation > -Receive a $600 discount off the registration fee with the source code: > SFAD > http://p.sf.net/sfu/XcvMzF8H > _______________________________________________ > Please read the OpenNMS Mailing List FAQ: > http://www.opennms.org/index.php/Mailing_List_FAQ > > opennms-discuss mailing list > > To *unsubscribe* or change your subscription options, see the bottom of > this page: > https://lists.sourceforge.net/lists/listinfo/opennms-discuss > > -------------------------------------------------------------------------- > > Sound Solutions, Inc. - Since 1995 > We Appreciate Your Business and Referrals > > This message (and any associated files) is intended only for the use of the individual or entity to which it is addressed and may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and deleting it from your computer. Messages sent to and from us may be monitored. > > Internet communications cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Therefore, we do not accept responsibility for any errors or omissions that are present in this message, or any attachment, that have arisen as a result of e-mail transmission. If verification is required, please request a hard-copy version. Any views or opinions presented are solely those of the author and do not necessarily represent those of the company. > > > ------------------------------------------------------------------------------ > Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA > -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise > -Strategies to boost innovation and cut costs with open source participation > -Receive a $600 discount off the registration fee with the source code: SFAD > http://p.sf.net/sfu/XcvMzF8H > _______________________________________________ > Please read the OpenNMS Mailing List FAQ: > http://www.opennms.org/index.php/Mailing_List_FAQ > > opennms-discuss mailing list > > To *unsubscribe* or change your subscription options, see the bottom of this page: > https://lists.sourceforge.net/lists/listinfo/opennms-discuss > > |