def go(): ####CODE GOES BELOW HERE######### resp = cgx_session.get.tenants() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) print("======== TENANT NAME", tenant_name, "========") else: logout() print("ERROR: API Call failure when enumerating TENANT Name! Exiting!") print(resp.cgx_status) sys.exit((vars(resp))) csvfilename = CLIARGS['csvfile'] csv_out_array = [] site_id_name_mapping = {} resp = cgx_session.get.sites() if resp.cgx_status: site_list = resp.cgx_content.get( "items", None) #EVENT_LIST contains an list of all returned events for site in site_list: site_id_name_mapping[site['id']] = site['name'] else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) counter = 0 with open(csvfilename, 'w', newline='') as csvfile: csvwriter = csv.writer(csvfile, delimiter=',', quotechar='"', quoting=csv.QUOTE_MINIMAL) resp = cgx_session.get.elements() if resp.cgx_status: element_list = resp.cgx_content.get( "items", None) #EVENT_LIST contains an list of all returned events for element in element_list: counter += 1 csvwriter.writerow([ site_id_name_mapping[element['site_id']], element['name'], element['software_version'], element['model_name'] ]) else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) print("Wrote to CSV File:", csvfilename, " - ", counter, 'rows')
def listALG(cgx, args, sites): """ list the alg objects for all IONs """ for element in cgx.get.elements().cgx_content["items"]: # check if element is a spoke if element["site_id"] in sites: log.info("Listin ALG for {element} at {site}".format( element=element["name"], site=sites[element["site_id"]])) for extension in cgx.get.element_extensions( element["site_id"], element["id"]).cgx_content["items"]: if extension["namespace"] == "algconfig": jd(extension)
def match_app(sdk, search_app): if not sdk.tenant_id: sys.exit("Error SDK not authenticated") search_ratio = 0 resp = sdk.get.appdefs() if resp.cgx_status: app_list = resp.cgx_content.get("items", None) for app in app_list: check_ratio = fuzz.ratio(search_app.lower(), app['display_name'].lower()) if (check_ratio > search_ratio): ###Find the "best" matching site name search_ratio = check_ratio app_dict = app else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) print("Found APP ") print(" APP Name: ", app_dict['display_name']) print(" APP ID: ", app_dict['id']) print(" Description: ", app_dict["description"]) return app_dict
def go(sdk, CLIARGS): ####CODE GOES BELOW HERE######### resp = sdk.get.tenants() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) print("======== TENANT NAME",tenant_name,"========") else: logout() print("ERROR: API Call failure when enumerating TENANT Name! Exiting!") print(resp.cgx_status) sys.exit((vars(resp))) site_count = 0 resp = sdk.get.sites() if resp.cgx_status: site_list = resp.cgx_content.get("items", None) #EVENT_LIST contains an list of all returned events for site in site_list: #Loop through each EVENT in the EVENT_LIST site_count += 1 print("site ","{:03d}".format(site_count)," ID:", site['id']) print(" ","{:03d}".format(site_count)," NAME:", site['name']) print("") else: logout() print("ERROR: API Call failure when enumerating SITES in tenant! Exiting!") sys.exit((jd(resp)))
def match_site(sdk, search_site): if not sdk.tenant_id: sys.exit("Error SDK not authenticated") search_ratio = 0 resp = sdk.get.sites() if resp.cgx_status: site_list = resp.cgx_content.get( "items", None) #site_list contains an list of all returned sites for site in site_list: #Loop through each site in the site_list check_ratio = fuzz.ratio(search_site.lower(), site['name'].lower()) if (check_ratio > search_ratio): ###Find the "best" matching site name search_ratio = check_ratio site_dict = site else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) print("Found SITE ") print(" Site Name: ", site_dict['name']) print(" Site ID: ", site_dict['id']) print(" Description: ", site_dict["description"]) return site_dict
def match_site(): print_array = [] global CLIARGS, global_vars search_site = CLIARGS['site_name'] search_ratio = 0 resp = cgx_session.get.sites() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) print("TENANT NAME:", tenant_name) site_list = resp.cgx_content.get( "items", None) #EVENT_LIST contains an list of all returned events for site in site_list: #Loop through each EVENT in the EVENT_LIST check_ratio = fuzz.ratio(search_site.lower(), site['name'].lower()) if (check_ratio > search_ratio): site_id = site['id'] site_name = site['name'] search_ratio = check_ratio site_dict = site else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) print("Found SITE ") print(" Site Name: ", site_dict['name']) print(" Site ID: ", site_dict['id']) print(" Description: ", site_dict["description"]) global_vars['site_id'] = site_id global_vars['site_name'] = site_name global_vars['site_dict'] = site_dict
def do_acl(sdk, new_ipv4_list): """ Download, update ACL. :param sdk: Authenticated CloudGenix SDK :param new_ipv4_list: new ipv4 list to use. :return: Boolean status, old_ipv4_list """ tenant_template = pull_acl(sdk, whole_resp=True) old_ipv4_list = tenant_template.get('ipv4_list', []) # update template tenant_template['ipv4_list'] = new_ipv4_list # send the update resp = sdk.patch.tenants(tenant_template) cloudgenix.jd(tenant_template) if not resp.cgx_status: sdk.throw_error("Failed to PATCH tenant ACL", resp) return old_ipv4_list
def go(): global exclude_hub_sites bfdmode = CLIARGS['bfd_mode'] match_text = CLIARGS['matchtext'] change_lqm = CLIARGS['lqm'] change_bwm = CLIARGS['bwm'] ####CODE GOES BELOW HERE######### resp = cgx_session.get.tenants() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) print("======== TENANT NAME",tenant_name,"========") else: logout() print("ERROR: API Call failure when enumerating TENANT Name! Exiting!") print(resp.cgx_status) sys.exit((vars(resp))) site_count = 0 matched_wan_labels = {} ##Generate WAN Interface Labels: wan_label_dict = {} wan_label_resp = cgx_session.get.waninterfacelabels() if wan_label_resp: wan_labels = wan_label_resp.cgx_content.get("items", None) for label in wan_labels: wan_label_dict[label['id']] = {} wan_label_dict[label['id']]["name"] = label['name'] wan_label_dict[label['id']]["label"] = label['label'] wan_label_dict[label['id']]["description"] = label['description'] resp = cgx_session.get.sites() if resp.cgx_status: site_list = resp.cgx_content.get("items", None) #EVENT_LIST contains an list of all returned events for site in site_list: #Loop through each EVENT in the EVENT_LIST site_count += 1 if (exclude_hub_sites and site['element_cluster_role'] != "HUB"): wan_int_resp = cgx_session.get.waninterfaces(site['id']) if wan_int_resp: wan_interfaces = wan_int_resp.cgx_content.get("items", None) for interface in wan_interfaces: if (match_on == "CIRCUIT_NAME"): if string_match(interface['name'],match_text): matched_wan_labels[interface['id']] = {} matched_wan_labels[interface['id']]['site_id'] = site['id'] matched_wan_labels[interface['id']]['data'] = interface print("Found Circuit Match at SITE:", site['name']) print(" Circuit Name :",interface['name']) print(" Circuit Category :",wan_label_dict[interface['label_id']]['name']) print(" Circuit Label :",wan_label_dict[interface['label_id']]['label']) print(" Circuit Description :",wan_label_dict[interface['label_id']]['description']) print(" Circuit BFD MODE :",interface['bfd_mode']) print(" Circuit LQM Enabled :",interface['lqm_enabled']) print(" Circuit BWM MODE :",interface['bw_config_mode']) print("") addended_prompt = "" if (change_lqm != "nochange"): addended_prompt += ", change LQM," if (change_bwm != "nochange"): addended_prompt += ", change BWM," if(verify_change("This will change all circuits found above to a BFD Mode of " + str(bfdmode) + addended_prompt +" are you sure")): print("Changing Sites:") print("") for waninterface in matched_wan_labels: print("Site ID:", matched_wan_labels[waninterface]['site_id'], "Current BFD Mode", matched_wan_labels[waninterface]['data']['bfd_mode'],"changing to",bfdmode) matched_wan_labels[waninterface]['data']['bfd_mode'] = str(bfdmode) site_id = matched_wan_labels[waninterface]['site_id'] waninterface_id = waninterface put_data = matched_wan_labels[waninterface]['data'] if (change_lqm == "on"): print(" Current LQM Mode", matched_wan_labels[waninterface]['data']['lqm_enabled'],"changing to",change_lqm) put_data['lqm_enabled'] = "true" if (change_lqm == "off"): print(" Current LQM Mode", matched_wan_labels[waninterface]['data']['lqm_enabled'],"changing to",change_lqm) put_data['lqm_enabled'] = "false" current_bwm_state = "unknown" if (matched_wan_labels[waninterface]['data']['bw_config_mode'] == "manual_bwm_disabled"): current_bwm_state = "Off" elif (matched_wan_labels[waninterface]['data']['bw_config_mode'] == "manual"): current_bwm_state = "On" if (change_bwm == "on"): if (current_bwm_state == "unknown"): print(" Ignoring BWM Mode change due to unknown state: ", matched_wan_labels[waninterface]['data']['bw_config_mode']) else: print(" Current BWM Mode", matched_wan_labels[waninterface]['data']['bw_config_mode'],"changing to",change_bwm) put_data['bw_config_mode'] = "manual" if (change_bwm == "off" and current_bwm_state != "unknown"): if (current_bwm_state == "unknown"): print(" Ignoring BWM Mode change due to unknown state: ", matched_wan_labels[waninterface]['data']['bw_config_mode']) else: print(" Current BWM Mode", matched_wan_labels[waninterface]['data']['bw_config_mode'],"changing to",change_bwm) put_data['bw_config_mode'] = "manual_bwm_disabled" change_wan_bfd_resp = cgx_session.put.waninterfaces(site_id, waninterface_id, put_data) if (change_wan_bfd_resp): print(" Success, BFD Mode now", bfdmode) else: print(" Failed to make change") print("") else: print("CHANGES ABORTED!") else: logout() print("ERROR: API Call failure when enumerating SITES in tenant! Exiting!") sys.exit((jd(resp)))
def go(): global exclude_hub_sites cost = CLIARGS['cost'] match_text = CLIARGS['matchtext'] ####CODE GOES BELOW HERE######### resp = cgx_session.get.tenants() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) print("======== TENANT NAME", tenant_name, "========") else: logout() print("ERROR: API Call failure when enumerating TENANT Name! Exiting!") print(resp.cgx_status) sys.exit((vars(resp))) site_count = 0 matched_wan_labels = {} ##Generate WAN Interface Labels: wan_label_dict = {} wan_label_resp = cgx_session.get.waninterfacelabels() if wan_label_resp: wan_labels = wan_label_resp.cgx_content.get("items", None) for label in wan_labels: wan_label_dict[label['id']] = {} wan_label_dict[label['id']]["name"] = label['name'] wan_label_dict[label['id']]["label"] = label['label'] wan_label_dict[label['id']]["description"] = label['description'] resp = cgx_session.get.sites() if resp.cgx_status: site_list = resp.cgx_content.get( "items", None) #EVENT_LIST contains an list of all returned events for site in site_list: #Loop through each EVENT in the EVENT_LIST site_count += 1 if (exclude_hub_sites and site['element_cluster_role'] != "HUB"): wan_int_resp = cgx_session.get.waninterfaces(site['id']) if wan_int_resp: wan_interfaces = wan_int_resp.cgx_content.get( "items", None) for interface in wan_interfaces: if (match_on == "CIRCUIT_NAME"): if string_match(interface['name'], match_text): matched_wan_labels[interface['id']] = {} matched_wan_labels[ interface['id']]['site_id'] = site['id'] matched_wan_labels[ interface['id']]['data'] = interface print("Found Circuit Match at SITE:", site['name']) print(" Circuit Name :", interface['name']) print( " Circuit Category :", wan_label_dict[ interface['label_id']]['name']) print( " Circuit Label :", wan_label_dict[ interface['label_id']]['label']) print( " Circuit Description :", wan_label_dict[ interface['label_id']]['description']) print(" Circuit COST :", interface['cost']) print("") if (verify_change( "This will change all circuits found above to a cost of " + str(cost) + ", are you sure")): print("Changing Sites:") print("") for waninterface in matched_wan_labels: print("Site ID:", matched_wan_labels[waninterface]['site_id'], "Current COST", matched_wan_labels[waninterface]['data']['cost'], "changing to", cost) matched_wan_labels[waninterface]['data']['cost'] = cost site_id = matched_wan_labels[waninterface]['site_id'] waninterface_id = waninterface put_data = matched_wan_labels[waninterface]['data'] change_wan_cost_resp = cgx_session.put.waninterfaces( site_id, waninterface_id, put_data) if (change_wan_cost_resp): print(" Success, cost now", cost) else: print(" Failed to make change") print("") else: print("CHANGES ABORTED!") else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp)))
import sys if __name__ == "__main__": sdk, args = cgxinit.go() # read lines from file prefixes = [prefix.strip() for prefix in args["list"].readlines()] # find the prefix prefix = None natprefixes = sdk.get.natglobalprefixes().cgx_content["items"] for natprefix in natprefixes: if natprefix['name'] == args['prefix']: prefix = natprefix if not prefix: print("Prefix wasn't found") sys.exit() # add to the existing ipv4 list prefix['ipv4_prefixes'].extend(prefixes) # make sure all the entries are unique prefix['ipv4_prefixes'] = list(set(prefix['ipv4_prefixes'])) resp = sdk.put.natglobalprefixes(prefix['id'], prefix) if not resp: print("Error. Couldn't update the global prefix list") jd(resp) else: print("Prefix updated succesfully")
if not s_interface: log.error( f"Couln't find source interface {args['s_interface']} of element {args['s_element']}" ) sys.exit(-1) s_interfaceid = s_interface["id"] # get existing device access policy for the source interface s_ext = getDeviceManagementExtensionByInterface(cgx, s_siteid, s_eid, s_interfaceid) if not s_ext: log.error("Source interface has no configurations") sys.exit(-1) if args["list"]: jd(s_ext) elif args["t_element"] and args["t_interface"]: # update a single target pasteDeviceManagementAccessToInterface(cgx, s_ext, args["t_element"], args["t_interface"]) elif args["interface_file"]: # read targets from file with open(args["interface_file"]) as f: interfaces = csv.reader(f) for interface in interfaces: # check if there are two and only two items in each line if len(interface) != 2: log.error( f"Invalid line. Should have 'element name,interfacename' but got {','.join(interface)}" ) sys.exit(-1)
# extract element ID element_id = logentry["request_uri"].split("/")[6] # the element might have been already unclaimed, so we dont' care if element_id in elements: # extract element information element_name= elements[element_id]["name"] element_site_id= elements[element_id]["site_id"] if element_site_id in ['1','0']: element_site = "NO SITE BOUND" else: element_site= sites[element_site_id]["name"] # get software image name image_id = json.loads(logentry["request_body"])["image_id"] if not image_id: jd(logentry) image_name=images[image_id] #extract time timestamp=time.strftime("%Y-%m-%d %H:%M:%S",time.gmtime(logentry["request_ts"]/1000)) #extract operator name if logentry["operator_id"] in operators: op_name=operators[logentry["operator_id"]] else: op_name = "OP no longer valid" print(f"{timestamp},{element_site},{element_name},{image_name},{op_name}") # check if we are at the end of the list if logs.cgx_content["count"] < 100: break page += 1
def go(): name_to_id = cloudgenix_idname.generate_id_name_map(cgx_session) ####CODE GOES BELOW HERE######### resp = cgx_session.get.tenants() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) print("======== TENANT NAME", tenant_name, "========") else: logout() print("ERROR: API Call failure when enumerating TENANT Name! Exiting!") print(resp.cgx_status) sys.exit((vars(resp))) csvfilename = CLIARGS['csvfile'] counter = 0 with open(csvfilename, 'w', newline='') as csvfile: csvwriter = csv.writer(csvfile, delimiter=',', quotechar='"', quoting=csv.QUOTE_MINIMAL) resp = cgx_session.get.elements() if resp.cgx_status: element_list = resp.cgx_content.get("items", None) csvwriter.writerow([ "ION-Name", "ION-Interface", "Rule-Name", "Rule-Status", "Rule-Prefix", "Rule-App", "Rule-Action" ]) for element in element_list: result = cgx_session.get.element_extensions( element['site_id'], element['id']) if result.cgx_status: extension_list = result.cgx_content.get("items", None) for extension in extension_list: if ("namespace" in extension.keys() and extension['namespace'] == "devicemanagement/interface"): rule_device = name_to_id[element['id']] rule_interface = name_to_id[extension['entity_id']] rule_name = extension['name'] if (extension['disabled'] == False): rule_status = "Enabled" else: rule_status = "Disabled" for rule in extension['conf']['rules']: rule_prefix = rule['prefix'] rule_app = rule['app'] rule_action = rule['action'] counter += 1 csvwriter.writerow([ rule_device, rule_interface, rule_name, rule_status, rule_prefix, rule_app, rule_action ]) else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) print("Wrote to CSV File:", csvfilename, " - ", counter, 'rows')
def go(): global CLIARGS, global_vars site_id = global_vars['site_id'] ####CODE GOES BELOW HERE######### resp = cgx_session.get.tenants() if resp.cgx_status: tenant_name = resp.cgx_content.get("name", None) else: logout() print("ERROR: API Call failure when enumerating TENANT Name! Exiting!") print(resp.cgx_status) sys.exit((vars(resp))) change_elem_array = [] element_count = 0 resp = cgx_session.get.elements() if resp.cgx_status: element_change_list = {} element_list = resp.cgx_content.get( "items", None) #EVENT_LIST contains an list of all returned events for element in element_list: #Loop through each EVENT in the EVENT_LIST if (element['site_id'] == site_id): element_count += 1 print("Found ION to add static route to: ", element['name']) change_elem_array.append(element) else: logout() print( "ERROR: API Call failure when enumerating SITES in tenant! Exiting!" ) sys.exit((jd(resp))) #get ip prefix ip_valid = False ip_prefix_str = CLIARGS['prefix'] while (ip_valid == False): try: ip_prefix = ipaddress.ip_network(ip_prefix_str, strict=False) ip_valid = True except: if (ip_prefix_str != ""): print("") print("Invalid IP Prefix Detected...") ip_valid = False ip_prefix_str = str( input("Please enter the DEST PREFIX (x.x.x.x/z): ")) #get ip address/next-hop ip_valid = False ip_next_hop_str = CLIARGS['next_hop'] while (ip_valid == False): try: ip_next_hop = ipaddress.ip_address(ip_next_hop_str) ip_valid = True except: if (ip_next_hop_str != ""): print("") print("Invalid IP Next-HOP Detected...") ip_valid = False ip_next_hop_str = str( input("Please enter the NEXTHOP IP (x.x.x.x): ")) #get METRIC ip_valid = False ip_metric_str = CLIARGS['admin_distance'] while (ip_valid == False): try: ip_metric = str(int(ip_metric_str)) ip_valid = True except: print("Invalid IP Admin Distance Detected...") ip_valid = False ip_metric_str = str( input("Please enter the ADMIN Distance (Default 1): ")) #post to site_id and elements in site json_request = '{"description":null,"tags":null,"destination_prefix":"' + str( ip_prefix) + '","nexthops":[{"nexthop_ip":"' + str( ip_next_hop ) + '","nexthop_interface_id":null,"admin_distance":"' + str( ip_metric ) + '","self":false}],"scope":"global","network_context_id":null}' for element in change_elem_array: user_input = "" while (user_input != "y" and user_input != "n"): user_input = str( input("Would you like to add the static route to " + str(element['name'] + " ?(y/n) "))) if (user_input == "y"): result = cgx_session.post.staticroutes(site_id, element['id'], json_request) if result.cgx_status: print("Route added Successfully") else: print( "ERROR: API Call failure when enumerating TENANT Name! Exiting!" ) print(result.cgx_status)