Skip to content

Commit

Permalink
Added sample for getting Cisco device interface description and posting
Browse files Browse the repository at this point in the history 
to slack
  • Loading branch information
@claytondukes
claytondukes committed Nov 8, 2017
1 parent 26410fe commit 482c866
Show file tree
Hide file tree
Showing 2 changed files with 222 additions and 0 deletions.
38 changes: 38 additions & 0 deletions automations/cisco-interface-UpDown/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
# Cisco Interface Up/Down to Slack
- Match on `LINK-3-UPDOWN`
- SSH to device and get the interface Description
- Reports results to Slack channel
- Interface Down will come into slack as Red
- Interface Up as green


# Log Sample
```
%LINK-3-UPDOWN: Interface GigabitEthernet1/0/10, changed state to down
```


# Script Type: Perl

```
#-----------------------------------------------------------------------------
# BEGIN: REQUIRED PACKAGES/MODULES
#-----------------------------------------------------------------------------
# Ubuntu:
# apt install libnet-ssh2-perl libcrypt-ssleay-perl cpanminus
#
# PERL:
# cpanm Net::SSH2::Cisco HTTP::Request::Common LWP::UserAgent JSON
#-----------------------------------------------------------------------------
# END: REQUIRED PACKAGES/MODULES
#-----------------------------------------------------------------------------
```

# Slack Webhook
You will need to obtain your webhook URL from the slack admin interface

Once you have that, modify the script and set the correct webhook url:

my $posturl = https://hooks.slack.com/services/STRING/STRING/STRING';
184 changes: 184 additions & 0 deletions automations/cisco-interface-UpDown/cisco-intUpDown-to-slack
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,184 @@
#!/usr/bin/env perl

#-----------------------------------------------------------------------------
# BEGIN: REQUIRED PACKAGES/MODULES
#-----------------------------------------------------------------------------

# Ubuntu:
# apt install libnet-ssh2-perl libcrypt-ssleay-perl cpanminus
#
# PERL:
# cpanm Net::SSH2::Cisco HTTP::Request::Common LWP::UserAgent JSON

#-----------------------------------------------------------------------------
# END: REQUIRED PACKAGES/MODULES
#-----------------------------------------------------------------------------

use Net::SSH2::Cisco;
use HTTP::Request::Common qw(POST);
use LWP::UserAgent;
use JSON;
use File::Basename;

#-----------------------------------------------------------------------------
# LogZilla (>5.70.3) passes the following environment variables:
#-----------------------------------------------------------------------------
# EVENT_CISCO_MNEMONIC = <string>
# EVENT_COUNTER = <integer>
# EVENT_FACILITY = <integer>
# EVENT_FIRST_OCCURRENCE = <float>
# EVENT_HOST = <string>
# EVENT_ID = <int>
# EVENT_LAST_OCCURRENCE = <float>
# EVENT_MESSAGE = <string>
# EVENT_PROGRAM = <string>
# EVENT_SEVERITY = <integer>
# EVENT_STATUS = <integer>
# EVENT_TRIGGER_AUTHOR = <string>
# EVENT_TRIGGER_AUTHOR_EMAIL = <string>
# EVENT_TRIGGER_ID = <integer>
# EVENT_USER_TAGS = <integer>
# TRIGGER_HITS_COUNT = <integer>


#-----------------------------------------------------------------------------
# DEBUG Testing, disable in production
# This will dump all info to /tmp/$0.log
# ($0 is the name of this script)
#-----------------------------------------------------------------------------

#------------
# If you want to test from the command line
# set $cmdLineDebug = 1
# This way, you don't have to specifically generate events to LogZilla
#------------
my $cmdLineDebug = 0;
if ( $cmdLineDebug > 0 ) {
$ENV{'EVENT_CISCO_MNEMONIC'} = 'LINK-3-UPDOWN';
$ENV{'EVENT_COUNTER'} = '2';
$ENV{'EVENT_FACILITY'} = '23';
$ENV{'EVENT_FIRST_OCCURRENCE'} = '1510154564.41';
$ENV{'EVENT_HOST'} = '192.168.28.254';
$ENV{'EVENT_ID'} = '1583511832100864';
$ENV{'EVENT_LAST_OCCURRENCE'} = '1510154775.25';
$ENV{'EVENT_MESSAGE'} = '%LINK-3-UPDOWN: Interface GigabitEthernet1/0/10, changed state to down';
$ENV{'EVENT_PROGRAM'} = 'Cisco';
$ENV{'EVENT_SEVERITY'} = '3';
$ENV{'EVENT_STATUS'} = '0';
$ENV{'EVENT_TRIGGER_AUTHOR'} = 'admin';
$ENV{'EVENT_TRIGGER_AUTHOR_EMAIL'} = 'admin_user@localhost';
$ENV{'EVENT_TRIGGER_ID'} = '449';
$ENV{'EVENT_USER_TAGS'} = '';
$ENV{'TRIGGER_HITS_COUNT'} = '1';
}
my $debug = 0;
my $msg;
my $filename = "/tmp/" . basename("$0.log");
foreach my $key (sort keys(%ENV)) {
next if $key !~ /^EVENT|^TRIGGER/;
$msg .= "$key = $ENV{$key}\n";
}
open(my $fh, '>>', $filename) or die "Could not open file '$filename' $!" if $debug > 0;
chmod 0666, $filename if $debug > 0;
print $fh "$msg\n" if $debug > 0;
#-----------------------------------------------------------------------------
# END DEBUG Testing, disable in production
#-----------------------------------------------------------------------------

#-----------------------------------------------------------------------------
# BEGIN: Set Device Login and Slack Webhook URL
#-----------------------------------------------------------------------------
my $ciscoUsername = "cisco";
my $ciscoPassword = "cisco";
my $posturl = 'https://hooks.slack.com/services/XXX/XXX/XXX';
#-----------------------------------------------------------------------------
# BEGIN: Set your device login name/password
#-----------------------------------------------------------------------------


printf $fh "Connecting to %s\n", $ENV{'EVENT_HOST'} if $debug > 0;

my $session = Net::SSH2::Cisco->new(host => $ENV{'EVENT_HOST'});
$session->login($ciscoUsername, $ciscoPassword);

# Extract the config for the offending interface
my ($interface, $intState) = ($1,$2) if $ENV{'EVENT_MESSAGE'} =~ /Interface (\S+), changed state to (\S+)/;
if ( $interface =~ //) {
open(my $fd, ">>/var/log/logzilla/logzilla.log");
print $fd "ERROR: $0 - unable to obtain interface name from $ENV{'EVENT_MESSAGE'}";
exit;
}
my @desc = $session->cmd("sh run interface $interface | inc desc");
my $intDesc = $desc[0];
chomp($intDesc);
$intDesc =~ s/description (.+)/$1/gi;
$intDesc =~ s/^\s+//g;

print $fh "\n--CMD Output:\nsh run interface $interface | include description:\n$intDesc\n---\n" if $debug > 0;

#-----------------------------------------------------------------------------
# Post to Slack
#-----------------------------------------------------------------------------
my $default_channel = '#datacenter';
my $slack_user = 'logzilla-staging';
my $mnemonic = $ENV{'EVENT_CISCO_MNEMONIC'};

my ($color, $pretext);
if ($intState eq "down") {
$color = '#9C1A22';
$pretext = "ERROR: Interface $intState on $ENV{'EVENT_HOST'}";
} else {
$color = '#008000';
$pretext = "RECOVERED: Interface $intState on $ENV{'EVENT_HOST'}";
}
my $payload = {
username => $slack_user,
channel => $default_channel,
icon_url => "http://www.logzilla.net/images/logo_orange_png_cropped_40x40.png",
attachments => [{
fallback => "Interface Description: $intDesc",
title => "Interface Description: $intDesc",
color => "$color",
pretext => "$pretext",
author_name => "$ENV{'EVENT_TRIGGER_AUTHOR'}",
author_link => "mailto:$ENV{'EVENT_TRIGGER_AUTHOR_EMAIL'}",
author_icon => "http://www.logzilla.net/images/log_file_icon_25x25.png",
fields => [{
title => 'Program',
value => "$ENV{'EVENT_PROGRAM'}",
short => 'true',
}, {
title => 'Severity',
value => "$ENV{'EVENT_SEVERITY'}",
short => 'true',
}, {
title => "URL Reference",
value => "<https://search.cisco.com/search?query=%25$mnemonic:&locale=enUS&cat=&mode=text&clktyp=enter&autosuggest=false|$mnemonic>",
short => 'true',
}],
mrkdwn_in => ["text", "fields"],
text => "```$ENV{'EVENT_MESSAGE'}```",
thumb_url => "http://www.logzilla.net/images/icon_warning_25x25.png",
}]
};

my $ua = LWP::UserAgent->new(
ssl_opts => { verify_hostname => 0 },
);
$ua->timeout(5);

my $req = POST("${posturl}", ['payload' => encode_json($payload)]);
print $fh encode_json($payload) if $debug > 0;


my $resp = $ua->request($req);

if ($resp->is_success) {
#print $resp->decoded_content;
}
else {
die $resp->status_line;
}

close $fh if $debug > 0;
$session->close;

0 comments on commit 482c866

Please sign in to comment.