def validate_apptrack_syslog(device=None,
negate=False,
message=None,
file="/var/log/messages",
**kwargs):
"""
To validate Apptrack Syslog messages
Example:
validate_apptrack_syslog(device=device_handle, message="CREATE", file="/tmp/abc.txt",
source_address="2001:1000:1111:2222:3333:4444:5555:6666", source_port="33606",
destination_address="2002:1000:1111:2222:3333:4444:5555:6666",
service_name="junos-http", application="HTTP", protocol_id="6", policy_name="1",
source_zone="untrust", destination_zone="trust", session_id="13071", encrypted="No")
ROBOT Example:
Validate Apptrack Syslog device=${device_handle} message=CREATE file=/tmp/abc.txt
source_address=2001:1000:1111:2222:3333:4444:5555:6666 source_port=33606
destination_address=2002:1000:1111:2222:3333:4444:5555:6666
service_name=junos-http application=HTTP protocol_id=6 policy_name=1
source_zone=untrust destination_zone=trust session_id=13071 encrypted=No
:param Device device:
**REQUIRED** Device handle of the syslog server.
:param bool negate:
*OPTIONAL* Argument to validate absence of a particular "message"
:param str message:
**REQUIRED** Apptrack log message which is expected
``Supported values``: "CREATE"
"VOL_UPDATE"
"CLOSE"
"ROUTE_UPDATE"
"APBR_ZONE_CHANGE"
:param str file:
*OPTIONAL* Syslog logging filename. Default is "/var/log/messages"
:param str source_address:
*OPTIONAL* Source IP address (Both IPv4 and IPv6 formats are supported)
:param str destination_address
*OPTIONAL* Destination IP address
:param str source_port:
*OPTIONAL* Source Port
:param str destination_port:
*OPTIONAL* Destination Port
:param str nat_source_address:
*OPTIONAL* Source NAT'ed IP address
:param str nat_destination_address:
*OPTIONAL* Destination NAT'ed IP address
:param str nat_source_port
*OPTIONAL* Source NAT'ed port
:param str nat_destination_port:
*OPTIONAL* Destination NAT'ed port
:param str service_name:
*OPTIONAL* Service name
:param str application:
` *OPTIONAL* Application name
:param str nested_application:
*OPTIONAL* Nested Application name
:param str src_nat_rule_name:
*OPTIONAL* Source NAT Rule name
:param str dst_nat_rule_name:
*OPTIONAL* Destination NAT Rule name
:param str protocol_id:
*OPTIONAL* Protocol ID
:param str policy_name:
*OPTIONAL* Policy name
:param str source_zone:
*OPTIONAL* Source/From zone
:param str destination_zone:
*OPTIONAL* Destination/To zone
:param str session_id:
*OPTIONAL* Session ID
:param str packets_from_client:
*OPTIONAL* No. of packets from client
:param str bytes_from_client:
*OPTIONAL* Bytes from Client
:param str packets_from_server:
*OPTIONAL* Packets from server
:param str bytes_from_server:
*OPTIONAL* bytes from server
:param str elapsed_time:
*OPTIONAL* Elapsed time
:param str username:
*OPTIONAL* Username
:param str roles:
*OPTIONAL* Roles
:param str encrypted:
*OPTIONAL* Encryption is there or not.
`Supported values``: "Yes"
"No"
:param str syslog_src_ip:
*OPTIONAL* IP address from where Syslog is generated.
:param str profile_name:
*OPTIONAL* Profile Name
:param str rule_name:
*OPTIONAL Rule Name
:param str action:
*OPTIONAL* Action taken
:param bool lsys:
*OPTIONAL* Pass True if LSYS mode is there. By default, it is False.
:param str category:
*OPTIONAL* Category in APPID
:param str subcategory:
*OPTIONAL* Sub Category in APPID
:param str destination_interface:
*OPTIONAL* Destination Interface
:param str routing_instance:
*OPTIONAL* Name of Routing Instance
:param str syslog_mode:
*OPTIONAL* Syslog mode in which logs are expected. Default is "event"
``Supported values``: "event" & "structured"
:param int count:
*OPTIONAL* No. of times the log is expected. If not given, it looks for 1 or more.
:param str reason:
*OPTIONAL* Reason mentioned in the syslog
:return: Boolean (True or False)
:rtype: bool
:param uplink_interface:
*OPTIONAL* Uplink interface name in close log
:param uplink_tx_bytes:
*OPTIONAL* Uplink Tx bytes in close log
:param uplink_rx_bytes:
*OPTIONAL* Uplink Rx bytes in close log
:param apbr_policy_name:
*OPTIONAL* sla policy name in close and route update log
:param wf_category:
*OPTIONAL* web filtering category in route update log
"""
if device is None:
raise ValueError("'device' is a mandatory argument")
if message is None:
device.log(level="ERROR", message="'message' is a mandatory argument")
raise ValueError("'message' is a mandatory argument")
source_address = kwargs.get('source_address', ".*")
destination_address = kwargs.get('destination_address', ".*")
source_port = kwargs.get('source_port', "[0-9]*")
destination_port = kwargs.get('destination_port', "[0-9]*")
nat_source_address = kwargs.get('nat_source_address', ".*")
nat_destination_address = kwargs.get('nat_destination_address', ".*")
nat_source_port = kwargs.get('nat_source_port', "[0-9]*")
nat_destination_port = kwargs.get('nat_destination_port', "[0-9]*")
service_name = kwargs.get('service_name', ".*")
application = kwargs.get('application', ".*")
nested_application = kwargs.get('nested_application', ".*")
src_nat_rule_name = kwargs.get('src_nat_rule_name', ".*")
dst_nat_rule_name = kwargs.get('dst_nat_rule_name', ".*")
protocol_id = kwargs.get('protocol_id', ".*")
policy_name = kwargs.get('policy_name', ".*")
source_zone = kwargs.get('source_zone', "untrust")
destination_zone = kwargs.get('destination_zone', "trust")
session_id = kwargs.get('session_id', "[0-9]*")
packets_from_client = kwargs.get('packets_from_client', "[0-9]*")
bytes_from_client = kwargs.get('bytes_from_client', "[0-9]*")
packets_from_server = kwargs.get('packets_from_server', "[0-9]*")
bytes_from_server = kwargs.get('bytes_from_server', "[0-9]*")
elapsed_time = kwargs.get('elapsed_time', "[0-9]*")
username = kwargs.get('username', ".*")
roles = kwargs.get('roles', ".*")
encrypted = kwargs.get('encrypted', ".*")
syslog_src_ip = kwargs.get('syslog_src_ip', None)
syslog_mode = kwargs.get('syslog_mode', "event")
count = kwargs.get('count', None)
reason = kwargs.get('reason', ".*")
destination_interface = kwargs.get('destination_interface', ".*")
category = kwargs.get('category', ".*")
subcategory = kwargs.get('subcategory', ".*")
lsys = kwargs.get('lsys', False)
action = kwargs.get('action', ".*")
profile_name = kwargs.get('profile_name', ".*")
rule_name = kwargs.get('rule_name', ".*")
routing_instance = kwargs.get('routing_instance', ".*")
uplink_interface = kwargs.get('uplink_interface', ".*")
uplink_tx_bytes = kwargs.get('uplink_tx_bytes', ".*")
uplink_rx_bytes = kwargs.get('uplink_rx_bytes', ".*")
apbr_policy_name = kwargs.get('apbr_policy_name', "N/A")
wf_category = kwargs.get('wf_category', "N/A")
bypass = kwargs.get('bypass', "N/A")
src_vrf_grp = kwargs.get('src_vrf_grp', "N/A")
dst_vrf_grp = kwargs.get('dst_vrf_grp', "N/A")
dscp_value = kwargs.get('dscp_value', ".*")
apbr_rule_type = kwargs.get('apbr_rule_type', ".*")
multipath_rule_name = kwargs.get('multipath_rule_name', ".*")
# Convert IPv6 compressed format
if source_address != ".*":
source_address = normalize_ipv6(source_address, compress_zero=True)
if destination_address != ".*":
destination_address = normalize_ipv6(destination_address,
compress_zero=True)
if nat_source_address != ".*":
nat_source_address = normalize_ipv6(nat_source_address,
compress_zero=True)
if nat_destination_address != ".*":
nat_destination_address = normalize_ipv6(nat_destination_address,
compress_zero=True)
if message != "APBR_ZONE_MISMATCH":
message = "APPTRACK_SESSION_" + message
if lsys is True and syslog_mode == "event":
message = message + "_LS" + ":\\s*" + ".*"
elif lsys is True and syslog_mode == "structured":
message = message + "_LS" + "\\s*" + ".*"
else:
message = message
resource_list = t.get_junos_resources()
dut_name = ''
for resource in resource_list:
if t['resources'][resource]['system']['primary'].get(
'uv-syslog-host', 'False') != 'False':
dut_name = resource
break
dut_handle = t.get_handle(resource=dut_name)
version = dut_handle.get_version()
if service_name == 'junos-https':
if application == 'HTTPS' and float(19.4) <= float(
version[:4]) or float(18.2) > float(version[:4]):
application = application.replace('HTTPS', 'HTTP')
else:
if application == 'HTTP' and float(18.2) <= float(
version[:4]) <= float(19.3):
application = application.replace('HTTP', 'HTTPS')
# Building pattern for Event Mode
if syslog_mode == "event":
message_suffix = ""
if "CLOSE" in message:
message_suffix = "AppTrack session closed"
elif "CREATE" in message:
message_suffix = "AppTrack session created"
elif "VOL_UPDATE" in message:
message_suffix = "AppTrack volume update"
elif "ROUTE_UPDATE" in message:
message_suffix = "AppTrack route update"
elif "APBR_ZONE_MISMATCH" in message:
message_suffix = "APBR zone mismatch"
else:
device.log(level="INFO", message="INVALID message value")
raise Exception("INVALID message value")
message_suffix = message_suffix + "\\s*" + reason
if "CREATE" not in message:
message_suffix = message_suffix + ":"
pattern = ".*" + message + ":\\s*" + message_suffix + "\\s*" + source_address + "/" + \
source_port + "->" + destination_address + "/" + destination_port + "\\s*" + service_name \
+ "\\s*" + application + "\\s*" + nested_application + "\\s*" + nat_source_address + \
"/" + nat_source_port + "->" + nat_destination_address + "/" + nat_destination_port + \
"\\s*" + src_nat_rule_name + "\\s*" + dst_nat_rule_name + "\\s*" + protocol_id + "\\s*" + \
policy_name + "\\s*" + source_zone + "\\s*" + destination_zone + "\\s*" + session_id + \
"\\s*"
if "VOL_UPDATE" in message or "CLOSE" in message:
pattern = pattern + packets_from_client + "(" + bytes_from_client + ")" + "\\s*" + \
packets_from_server + "(" + bytes_from_server + ")" + "\\s*" + elapsed_time + "\\s*"
pattern = pattern + username + "\\s*" + roles + "\\s*" + encrypted
if "ROUTE_UPDATE" in message or "ZONE_CHANGE" in message or "CLOSE" in message:
pattern = pattern + "\\s+" + profile_name + "\\s+" + rule_name + "\\s+" \
+ routing_instance
if 'destination_interface' in kwargs:
if "CLOSE" in message and 'uplink_interface' in kwargs:
pattern = pattern + "\\s+" + destination_interface + "\\s+" + uplink_interface + "\\s+" + uplink_tx_bytes + "\\s" + uplink_rx_bytes + "\\s*"
else:
pattern = pattern + "\\s+" + destination_interface + "\\s.*"
if "APBR_ZONE_MISMATCH" in message:
pattern = pattern + "\\s+" + action
if 'category' in kwargs or 'subcategory' in kwargs:
pattern = pattern + category + "\\s+" + subcategory
if "ROUTE_UPDATE" in message or "CLOSE" in message:
if 'apbr_policy_name' in kwargs or 'wf_category' in kwargs or 'bypass' in kwargs:
pattern = pattern + "\\s+" + apbr_policy_name
if ("ROUTE_UPDATE" in message and 'wf_category' in kwargs and
'bypass' in kwargs) or ("ROUTE_UPDATE" in message
and 'wf_category' not in kwargs
and 'bypass' in kwargs):
pattern = pattern + "\\s+" + wf_category + "\\s+" + bypass
elif "ROUTE_UPDATE" in message and 'wf_category' in kwargs and 'bypass' not in kwargs:
pattern = pattern + "\\s+" + wf_category
# Building pattern for Structured Mode
elif syslog_mode == "structured":
pattern = ".*" + message + "\\s*\\[.*"
if 'reason' in kwargs:
pattern = pattern + "reason=\"" + reason + "\""
pattern = pattern + "\\s*" + "source-address=\"" + source_address + "\"\\s*source-port=\"" \
+ source_port + "\"\\s*destination-address=\"" + destination_address + "\"\\s*" + \
"destination-port=\"" + destination_port + "\"\\s*service-name=\"" + service_name + \
"\"\\s*application=\"" + application + "\"\\s*nested-application=\"" + nested_application \
+ "\"\\s*nat-source-address=\"" + nat_source_address + "\"\\s*nat-source-port=\"" + \
nat_source_port + "\"\\s*nat-destination-address=\"" + nat_destination_address + "\"\\s*" \
+ "nat-destination-port=\"" + nat_destination_port + "\"\\s*src-nat-rule-name=\"" + \
src_nat_rule_name + "\"\\s*dst-nat-rule-name=\"" + dst_nat_rule_name + "\"\\s*protocol-id" \
+ "=\"" + protocol_id + "\"\\s*policy-name=\"" + policy_name + "\"\\s*source-zone-name=\"" \
+ source_zone + "\"\\s*destination-zone-name=\"" + destination_zone + "\"\\s*session-id-32" \
+ "=\"" + session_id + "\"\\s*"
if "VOL_UPDATE" in message or "CLOSE" in message:
pattern = pattern + "packets-from-client=\"" + packets_from_client + "\"\\s*" + \
"bytes-from-client=\"" + bytes_from_client + "\"\\s*packets-from-server=\"" + \
packets_from_server + "\"\\s*bytes-from-server=\"" + bytes_from_server + "\"\\s*" + \
"elapsed-time=\"" + elapsed_time + "\"\\s*"
pattern = pattern + "username=\"" + username + "\"\\s*roles=\"" + roles + "\"\\s*" + \
"encrypted=\"" + encrypted + "\""
if "ROUTE_UPDATE" in message or "APBR_ZONE_MISMATCH" in message or "CLOSE" in message:
pattern = pattern + "\\s*profile-name=\"" + profile_name + "\"\\s*rule-name=\"" + \
rule_name + "\"\\s*routing-instance=\"" + routing_instance + "\""
if 'destination_interface' in kwargs:
if "CLOSE" in message and 'uplink_interface' in kwargs:
pattern = pattern + "\\s*destination-interface-name=\"" + destination_interface + "\"\\s*uplink-incoming-interface-name=\"" + uplink_interface + "\"\\s*uplink-tx-bytes=\"" + uplink_tx_bytes + "\"\\s*uplink-rx-bytes=\"" + uplink_rx_bytes + "\\s*"
else:
pattern = pattern + "\\s*destination-interface-name=\"" + destination_interface + "\".*"
if "APBR_ZONE_MISMATCH" in message:
pattern = pattern + "\\s*action=\"" + action + "\""
if 'category' in kwargs or 'subcategory' in kwargs:
if float(version[:4]) >= 18.2:
subcategory_field = "sub-category"
else:
subcategory_field = "subcategory"
pattern = pattern + "category=\"" + category + "\"\\s*" + subcategory_field + "=\"" + subcategory + "\""
if "ROUTE_UPDATE" in message or "CLOSE" in message:
if 'apbr_policy_name' in kwargs or 'wf_category' in kwargs or 'bypass' in kwargs:
pattern = pattern + "\\s*apbr-policy-name=\"" + apbr_policy_name + "\""
if ("ROUTE_UPDATE" in message and 'wf_category' in kwargs and
'bypass' in kwargs) or ("ROUTE_UPDATE" in message
and 'wf_category' not in kwargs
and 'bypass' in kwargs):
pattern = pattern + "\\s*webfilter-category=\"" + wf_category + "\"" + "\\s*bypass-status=\"" + bypass + "\""
elif "ROUTE_UPDATE" in message and 'wf_category' in kwargs and 'bypass' not in kwargs:
pattern = pattern + "\\s*webfilter-category=\"" + wf_category + "\""
if "CLOSE" in message:
if 'multipath_rule_name' in kwargs:
pattern = pattern + "\\s*multipath-rule-name=\"" + multipath_rule_name + "\""
if 'dscp_value' in kwargs and 'apbr_rule_type' in kwargs:
pattern = pattern + "\\s*src-vrf-grp=\"" + src_vrf_grp + "\"\\s*dst-vrf-grp=\"" + dst_vrf_grp + "\"\\s*dscp-value=\"" + dscp_value + "\"\\s*apbr-rule-type=\"" + apbr_rule_type + "\""
# Invalid Mode Branch
else:
device.log(level="ERROR", message="INVALID syslog mode")
raise Exception("INVALID syslog mode")
return check_syslog(device=device,
pattern=pattern,
file=file,
syslog_src_ip=syslog_src_ip,
negate=negate,
count=count,
case_insensitive=True)
def test_normalize_ipv6_none_mask(self):
self.assertEqual(iputils.normalize_ipv6('2000::2', compress_zero=True),
'2000:0:0:0:0:0:0:2')
def test_normalize_ipv6_none_mask(self):
self.assertEqual(iputils.normalize_ipv6('2000::2'),
'2000:0000:0000:0000:0000:0000:0000:0002')
def test_normalize_ipv6(self):
self.assertEqual(iputils.normalize_ipv6('2000::2/64'),
'2000:0000:0000:0000:0000:0000:0000:0002/64')
def validate_appqoe_apptrack_syslog(device=None, negate=False, message=None, file="/var/log/messages", **kwargs):
"""
To validate AppQoE Apptrack Syslog messages
Example:
validate_appqoe_apptrack_syslog(device=device_handle, message="CREATE", file="/tmp/abc.txt",
source_address="2001:1000:1111:2222:3333:4444:5555:6666", source_port="33606",
destination_address="2002:1000:1111:2222:3333:4444:5555:6666",
service_name="junos-http", application="HTTP", protocol_id="6", policy_name="1",
source_zone="untrust1", destination_zone="trust", session_id="13071", encrypted="No")
ROBOT Example:
Validate AppQoE Apptrack Syslog device=${device_handle} message=CREATE file=/tmp/abc.txt
source_address=2001:1000:1111:2222:3333:4444:5555:6666 source_port=33606
destination_address=2002:1000:1111:2222:3333:4444:5555:6666
service_name=junos-http application=HTTP protocol_id=6 policy_name=1
source_zone=untrust1 destination_zone=trust session_id=13071 encrypted=No
:param Device device:
**REQUIRED** Device handle of the syslog server.
:param bool negate:
*OPTIONAL* Argument to validate absence of a particular "message"
:param str message:
**REQUIRED** Apptrack log message which is expected
``Supported values``: "CREATE"
"VOL_UPDATE"
"CLOSE"
"ROUTE_UPDATE"
"APBR_ZONE_CHANGE"
:param str file:
*OPTIONAL* Syslog logging filename. Default is "/var/log/messages"
:param str source_address:
*OPTIONAL* Source IP address (Both IPv4 and IPv6 formats are supported)
:param str destination_address
*OPTIONAL* Destination IP address
:param str source_port:
*OPTIONAL* Source Port
:param str destination_port:
*OPTIONAL* Destination Port
:param str nat_source_address:
*OPTIONAL* Source NAT'ed IP address
:param str nat_destination_address:
*OPTIONAL* Destination NAT'ed IP address
:param str nat_source_port
*OPTIONAL* Source NAT'ed port
:param str nat_destination_port:
*OPTIONAL* Destination NAT'ed port
:param str service_name:
*OPTIONAL* Service name
:param str application:
` *OPTIONAL* Application name
:param str nested_application:
*OPTIONAL* Nested Application name
:param str src_nat_rule_name:
*OPTIONAL* Source NAT Rule name
:param str dst_nat_rule_name:
*OPTIONAL* Destination NAT Rule name
:param str protocol_id:
*OPTIONAL* Protocol ID
:param str policy_name:
*OPTIONAL* Policy name
:param str source_zone:
*OPTIONAL* Source/From zone
:param str destination_zone:
*OPTIONAL* Destination/To zone
:param str session_id:
*OPTIONAL* Session ID
:param str packets_from_client:
*OPTIONAL* No. of packets from client
:param str bytes_from_client:
*OPTIONAL* Bytes from Client
:param str packets_from_server:
*OPTIONAL* Packets from server
:param str bytes_from_server:
*OPTIONAL* bytes from server
:param str elapsed_time:
*OPTIONAL* Elapsed time
:param str username:
*OPTIONAL* Username
:param str roles:
*OPTIONAL* Roles
:param str encrypted:
*OPTIONAL* Encryption is there or not.
`Supported values``: "Yes"
"No"
:param str syslog_src_ip:
*OPTIONAL* IP address from where Syslog is generated.
:param str profile_name:
*OPTIONAL* Profile Name
:param str rule_name:
*OPTIONAL Rule Name
:param str action:
*OPTIONAL* Action taken
:param bool lsys:
*OPTIONAL* Pass True if LSYS mode is there. By default, it is False.
:param str category:
*OPTIONAL* Category in APPID
:param str subcategory:
*OPTIONAL* Sub Category in APPID
:param str destination_interface:
*OPTIONAL* Destination Interface
:param str routing_instance:
*OPTIONAL* Name of Routing Instance
:param str syslog_mode:
*OPTIONAL* Syslog mode in which logs are expected. Default is "event"
``Supported values``: "event" & "structured"
:param int count:
*OPTIONAL* No. of times the log is expected. If not given, it looks for 1 or more.
:param str reason:
*OPTIONAL* Reason mentioned in the syslog
:return: Boolean (True or False)
:rtype: bool
"""
if device is None:
raise ValueError("'device' is a mandatory argument")
if message is None:
device.log(level="ERROR", message="'message' is a mandatory argument")
raise ValueError("'message' is a mandatory argument")
source_address = kwargs.get('source_address', ".*")
destination_address = kwargs.get('destination_address', ".*")
source_port = kwargs.get('source_port', "[0-9]*")
destination_port = kwargs.get('destination_port', "[0-9]*")
nat_source_address = kwargs.get('nat_source_address', ".*")
nat_destination_address = kwargs.get('nat_destination_address', ".*")
nat_source_port = kwargs.get('nat_source_port', "[0-9]*")
nat_destination_port = kwargs.get('nat_destination_port', "[0-9]*")
service_name = kwargs.get('service_name', ".*")
application = kwargs.get('application', ".*")
nested_application = kwargs.get('nested_application', ".*")
src_nat_rule_name = kwargs.get('src_nat_rule_name', ".*")
dst_nat_rule_name = kwargs.get('dst_nat_rule_name', ".*")
protocol_id = kwargs.get('protocol_id', ".*")
policy_name = kwargs.get('policy_name', ".*")
source_zone = kwargs.get('source_zone', ".*")
destination_zone = kwargs.get('destination_zone', ".*")
session_id = kwargs.get('session_id', "[0-9]*")
packets_from_client = kwargs.get('packets_from_client', "[0-9]*")
bytes_from_client = kwargs.get('bytes_from_client', "[0-9]*")
packets_from_server = kwargs.get('packets_from_server', "[0-9]*")
bytes_from_server = kwargs.get('bytes_from_server', "[0-9]*")
elapsed_time = kwargs.get('elapsed_time', "[0-9]*")
username = kwargs.get('username', ".*")
roles = kwargs.get('roles', ".*")
encrypted = kwargs.get('encrypted', ".*")
syslog_src_ip = kwargs.get('syslog_src_ip', None)
syslog_mode = kwargs.get('syslog_mode', "event")
count = kwargs.get('count', None)
reason = kwargs.get('reason', ".*")
destination_interface = kwargs.get('destination_interface', ".*")
category = kwargs.get('category', ".*")
subcategory = kwargs.get('subcategory', ".*")
lsys = kwargs.get('lsys', False)
action = kwargs.get('action', ".*")
profile_name = kwargs.get('profile_name', ".*")
rule_name = kwargs.get('rule_name', ".*")
routing_instance = kwargs.get('routing_instance', ".*")
get = int(kwargs.get('get', 0))
# Convert IPv6 compressed format
if source_address != ".*":
source_address = normalize_ipv6(source_address, compress_zero=True)
if destination_address != ".*":
destination_address = normalize_ipv6(destination_address, compress_zero=True)
if nat_source_address != ".*":
nat_source_address = normalize_ipv6(nat_source_address, compress_zero=True)
if nat_destination_address != ".*":
nat_destination_address = normalize_ipv6(nat_destination_address, compress_zero=True)
if message != "APBR_ZONE_MISMATCH":
message = "APPTRACK_SESSION_" + message
if lsys is True:
message = message + "_LS"+ ":\\s*" + ".*"
# Building pattern for Event Mode
if syslog_mode == "event":
message_suffix = ""
if "CLOSE" in message:
message_suffix = "AppTrack session closed"
elif "CREATE" in message:
message_suffix = "AppTrack session created"
elif "VOL_UPDATE" in message:
message_suffix = "AppTrack volume update"
elif "ROUTE_UPDATE" in message:
message_suffix = "AppTrack route update"
elif "APBR_ZONE_MISMATCH" in message:
message_suffix = "APBR zone mismatch"
else:
device.log(level="INFO", message="INVALID message value")
raise Exception("INVALID message value")
message_suffix = message_suffix + "\\s*" + reason
if "CREATE" not in message:
message_suffix = message_suffix + ":"
pattern = ".*" + message + ":\\s*" + message_suffix + "\\s*" + source_address + "/" + \
source_port + "->" + destination_address + "/" + destination_port + "\\s*" + service_name \
+ "\\s*" + application + "\\s*" + nested_application + "\\s*" + nat_source_address + \
"/" + nat_source_port + "->" + nat_destination_address + "/" + nat_destination_port + \
"\\s*" + src_nat_rule_name + "\\s*" + dst_nat_rule_name + "\\s*" + protocol_id + "\\s*" + \
policy_name + "\\s*" + source_zone + "\\s*" + destination_zone + "\\s*" + session_id + \
"\\s*"
if "VOL_UPDATE" in message or "CLOSE" in message:
pattern = pattern + packets_from_client + "(" + bytes_from_client + ")" + "\\s*" + \
packets_from_server + "(" + bytes_from_server + ")" + "\\s*" + elapsed_time + "\\s*"
pattern = pattern + username + "\\s*" + roles + "\\s*" + encrypted
if "ROUTE_UPDATE" in message or "ZONE_CHANGE" in message or "CLOSE" in message:
pattern = pattern + "\\s+" + profile_name + "\\s+" + rule_name + "\\s+" \
+ routing_instance
if 'destination_interface' in kwargs:
pattern = pattern + "\\s+" + destination_interface
if "APBR_ZONE_MISMATCH" in message:
pattern = pattern + "\\s+" + action
if 'category' in kwargs or 'subcategory' in kwargs:
pattern = pattern + "\\s+" + category + "\\s+" + subcategory
# Building pattern for Structured Mode
elif syslog_mode == "structured":
pattern = ".*" + message + "[^\s]*\\[.*"
pattern = pattern + "[^\\s]*" + "source-address=\"" + source_address + "\"[^\\s]*source-port=\"" \
+ source_port + "\"[^\\s]*destination-address=\"" + destination_address + "\"[^\\s]*" + \
"destination-port=\"" + destination_port + "\"[^\\s]*service-name=\"" + service_name + \
"\"[^\\s]*application=\"" + application + "\"[^\\s]*nested-application=\"" + nested_application \
+ "\"[^\\s]*nat-source-address=\"" + nat_source_address + "\"[^\\s]*nat-source-port=\"" + \
nat_source_port + "\"[^\\s]*nat-destination-address=\"" + nat_destination_address + "\"[^\\s]*" \
+ "nat-destination-port=\"" + nat_destination_port + "\"[^\\s]*src-nat-rule-name=\"" + \
src_nat_rule_name + "\"[^\\s]*dst-nat-rule-name=\"" + dst_nat_rule_name + "\"[^\\s]*protocol-id" \
+ "=\"" + protocol_id + "\"[^\\s]*policy-name=\"" + policy_name + "\"[^\\s]*source-zone-name=\"" \
+ source_zone + "\"[^\\s]*destination-zone-name=\"" + destination_zone + "\"[^\\s]*session-id-32" \
+ "=\"" + session_id + "\"[^\\s]*"
if "VOL_UPDATE" in message or "CLOSE" in message:
pattern = pattern + "packets-from-client=\"" + packets_from_client + "\"[^\\s]*" + \
"bytes-from-client=\"" + bytes_from_client + "\"[^\\s]*packets-from-server=\"" + \
packets_from_server + "\"[^\\s]*bytes-from-server=\"" + bytes_from_server + "\"[^\\s]*" + \
"elapsed-time=\"" + elapsed_time + "\"[^\\s]*"
pattern = pattern + "username=\"" + username + "\"[^\\s]*roles=\"" + roles + "\"[^\\s]*" + \
"encrypted=\"" + encrypted + "\""
if "ROUTE_UPDATE" in message or "APBR_ZONE_MISMATCH" in message or "CLOSE" in message:
pattern = pattern + "[^\\s]*profile-name=\"" + profile_name + "\"[^\\s]*rule-name=\"" + \
rule_name + "\"[^\\s]*routing-instance=\"" + routing_instance + "\""
if 'destination_interface' in kwargs:
pattern = pattern + "[^\\s]*destination-interface-name=\"" + destination_interface + "\""
if "APBR_ZONE_MISMATCH" in message:
pattern = pattern + "[^\\s]*action=\"" + action + "\""
if 'category' in kwargs or 'subcategory' in kwargs:
pattern = pattern + "[^\\s]*category=\"" + category + "\"[^\\s]*subcategory=\"" \
+ subcategory + "\""
# Invalid Mode Branch
else:
device.log(level="ERROR", message="INVALID syslog mode")
raise Exception("INVALID syslog mode")
if get:
device.log(level="INFO", message="In GET state")
return get_syslog_close(device=device, pattern=pattern)
else:
device.log(level="INFO", message="In Verify state")
return check_syslog(device=device, pattern=pattern, file=file, syslog_src_ip=syslog_src_ip, negate=negate,
count=count, case_insensitive=True)
def get_pcp_mappings(self):
"""Return PCP mappings as dictionary
PCP mappings output is parsed and dictionary is returned.
An exception will be raised if there's no output.
:return: Dictionary containing the PCP mappings data
:rtype: dict
Example::
Python:
pcp.get_pcp_mappings()
Robot:
pcp.Get PCP Mappings
"""
self.fn_checkin("Retrieving PCP mappings")
output = self.dh.cli(command="show services nat mappings pcp")
if len(output.splitlines()) < 2:
self.fn_checkout(False, "No valid output found")
mapping = {}
(spic, sset, nat_pool, pcp_ip, pcp_lifetime) = (None, None, None, None,
None)
self.data['pcp_maps'] = data = self.dd()
for line in output.splitlines():
if len(line) <= 2:
continue
match = re.search(r'Interface:\s*(.*), Service set:\s*(.*)', line,
re.IGNORECASE)
if match:
spic, sset = match.group(1), match.group(2)
self.log('INFO',
'Service pics:{} Service set:{}'.format(spic, sset))
pcp_ip = None
continue
match = re.search(r'NAT pool:\s*(.*)', line, re.IGNORECASE)
if match:
nat_pool = match.group(1)
continue
match = re.search(r'PCP Client\s*:\s*(' + utils.get_regex_ip() + \
r')\s*PCP lifetime\s*:\s*(\d+)', line, re.IGNORECASE)
if match:
pcp_ip = match.group(1)
if iputils.is_ip_ipv6(pcp_ip):
pcp_ip = iputils.normalize_ipv6(pcp_ip)
pcp_lifetime = match.group(1)
continue
match = re.search(r'Mapping\s*:\s*(' + utils.get_regex_ip() + \
r')\s*:\s*(\d+)\s*-->\s*(' + utils.get_regex_ip() + \
r')\s*:\s*(\d+)', line, re.IGNORECASE)
if match:
int_ip, int_port = match.group(1), match.group(2)
if pcp_ip is not None:
mapping = data[spic][sset][nat_pool][pcp_ip][int_ip][
int_port] = {}
mapping['pcp_lifetime'] = pcp_lifetime
else:
mapping = data[spic][sset][nat_pool][int_ip][int_port] = {}
if iputils.is_ip_ipv6(int_ip):
int_ip = iputils.normalize_ipv6(int_ip)
mapping['nat_ip'] = match.group(3)
mapping['nat_port'] = match.group(4)
continue
match = re.search(r'Session Count\s*:\s*(\d+)', line,
re.IGNORECASE)
if match:
mapping['sess_cnt'] = match.group(1)
continue
match = re.search(r'Mapping State\s*:\s+(\w+)', line,
re.IGNORECASE)
if match:
mapping['state'] = match.group(1).lower()
continue
match = re.search(
r'B4 Address\s+:\s+(' + utils.get_regex_ip() + ')', line,
re.IGNORECASE)
if match:
mapping['b4_ip'] = iputils.normalize_ipv6(match.group(1))
continue
self.log('INFO', 'PCP Mappings dump : {}'.format(data))
self.fn_checkout()
return data