Juniper SNMP Migrations For Python

Overview

Juniper SNMP Migrations

This example will show how to use the PyEZ plugin for Nornir to

  1. build a NETCONF connection to a remote device
  2. validate that SNMPv3 is not running
  3. configure SNMPv3 parameters
  4. close the connection

πŸš€ Workflow

We have provided a Poetry lock file to make life simple when managing Python packages and virtual environments. Within the virtual vironment, there will be a package called Invoke that will help us run our script with a simple command.

The workflow will look like this:

  1. Install Poetry (one-time operation)
  2. Have Poetry install your Python packages in a virtual environment (one-time operation)
  3. Activate your new virtual environment with Poetry
  4. Run locally or within a container using the Invoke package

🐍 Create and Activate your Python environment (one time operation)

  1. install poetry package to manage our Python virtual environment
curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python -
  1. install our Python dependencies
poetry install
  1. activate your Python virtual environment
poetry shell

Executing the script

  1. run your Nornir script locally
cd files/nornir
python app.py

Using Docker

  1. build the container image with
invoke build
  1. run the Nornir script within the container
invoke nornir

βš™οΈ How it works

Let's take a second to do a nice John Madden play-by-play on this script:

Importing the functionality of PyEZ and Nornir into our script

from nornir_pyez.plugins.tasks import pyez_rpc
from nornir import InitNornir
from rich import print
import os
  • We need to import the pyez_rpc method from Nornir's PyEZ plugin into our script
  • InitNornir will import the core functionality of Nornir
  • rich will make things pretty when we print the output
  • import os is just to allow us to shortcut the path of your directory

Defining parameters

script_dir = os.path.dirname(os.path.realpath(__file__))

nr = InitNornir(config_file=f"{script_dir}/config.yaml")

firewall = nr.filter(name="juniper-srx-garage0")

extras = {
    "less-than": "1"
}
  • create an object called script_dir and set it to our local directory
  • nr is created by instantiation the InitNornir class and passing our config file into it
  • we filter out a single device with the nr.filter method and passing a hostname
  • any extra parameters for our RPC call will be defined here in a key/value structure

Sending our API call

response = firewall.run(
    task=pyez_rpc, func='get-security-policies-hit-count', extras=extras
)
  • create a new object called response and setting it equal to the response of our API call
  • the run function was imported when we created an object firewall based on the InitNornir class
  • within run, we pass the task as a pyez_rpc, our RPC API call, and extra parameters

Print

for dev in response:
    print(response[dev].result)

Loop over the response object, which is an AggregatedResult that behaves like a list. There is a response object for each device in inventory

πŸ“Έ Screenshot

app.py

πŸ“ Additional Notes

🐍 Python

You are strongly recommended to using a Python Virtual Environment any and everywhere possible. You can really mess up your machine if you're too lazy and say "ehh, that seems like it's not important". It is. If it sounds like I'm speaking from experience, I'll never admit to it.

If you're interested in learning more about setting up Virtual Environments, I encourage you to read a few blogs on the topic. A personal recommendation would be

🐳 Docker

If you are unsure if Docker is installed on your computer, then it's probably safe to suggest that it's not. If you're interested in learning more about the product, I encourage you to read a few blogs on the topic. A personal recommendation would be Digital Ocean

Some of the goodies placed in the docker folder are not relevant to our use case with Python. Feel free to delete them as you see fit, I simply wanted to share with you my Docker build process for all Juniper automation projects (including those based on Ansible). The world is your oyster and I won't judge you on whatever direction you take.

πŸ“ Dependencies

Refer to the file located at files/docker/requirements.txt

Owner
Calvin Remsburg
Calvin Remsburg
A TrueCharts automatic and bulk update utility

trueupdate A TrueCharts automatic and bulk update utility How to install run pip install trueupdate Please be aware you will need to reinstall after e

TrueCharts 125 Jan 04, 2023
JF⚑can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.

Description Killing features Perform a large-scale scans using Nmap! Allows you to use Masscan to scan targets and execute Nmap on detected ports with

377 Jan 03, 2023
A light-weight open-source project CLI utility for showing services running on ports in a host

Portable Port Scanner (ppscanner) Portable Port Scanner (ppscanner) is a light-weight open-source CLI utility that leverages on nmap to make quick and

1 Oct 30, 2021
With Py-Autocrack you can crack WPA2 networks in no time.

With Py-Autocrack you can crack WPA2 networks in no time. All based on Aircrack-ng and Crunch.

Paul - FloatDesign 1 Dec 10, 2021
Python 3 tool for finding unclaimed groups on Roblox. Supports multi-threading, multi-processing and HTTP proxies.

roblox-group-scanner Python 3 tool for finding unclaimed groups on Roblox. Supports multi-threading, multi-processing and HTTP proxies. Usage usage: s

h0nda 43 May 11, 2022
An improved version of the original AutoDD

AutoDD = Automatically does the "due diligence" for you. If you want to know what stocks people are talking about on reddit, this little program might help you.

Steven Zhu 169 Oct 05, 2022
RollerScanner β€” Fast Port Scanner Written On Python

RollerScanner RollerScanner β€” Fast Port Scanner Written On Python Installation You should clone this repository using: git clone https://github.com/Ma

68 Nov 09, 2022
Ip-Tracker: a script written in python for tracking Someone using targets ip-Tracker address

πŸ”° 𝕀𝕑-π•‹π•£π•’π•”π•œπ•–π•£ πŸ”° Ip-Tracker is a script written in python for tracking Someone using targets ip-Tracker address It was made by Spider Anongre

Spider Anongreyhat 15 Dec 02, 2022
A simple Tor switcher script switches tor nodes in interval of time

Tor_Switcher A simple Tor switcher script switches tor nodes in interval of time This script will switch tor nodes in every interval of time that you

d4rk sh4d0w 2 Nov 15, 2021
Simple Port Scanner script written in Python, plans is to expand upon this script to turn it into a GUI based pen testing suite

PortScanner Simple Port Scanner script written in Python, plans is to expand upon this script to turn it into a GUI based pen testing suite. #IMPORTAN

1 Oct 23, 2021
Program can control your server via discord bot

GTPS Controller Program can control your server via discord bot Require Python How To Use Download This Source Extract The Zip File Paste gtps.py to y

Lamp 2 Mar 15, 2022
Way find out if DNS is down or your instance

DNS-PING Way to find out if DNS is down or your instance Problem: At times it happens that DNS provider services of a website URL is down and so to re

Giten Mitra 4 Nov 18, 2022
An opensource library to use SNMP get/bulk/set/walk in Python

SNMP-UTILS An opensource library to use SNMP get/bulk/set/walk in Python Features Work with OIDS json list [Find Here](#OIDS List) GET command SET com

Alexandre Gossard 3 Aug 03, 2022
Simple client for the Sirah Matisse Commander TCP server.

Simple client for the Sirah Matisse Commander TCP server.

Nelson Darkwah Oppong 1 Nov 02, 2021
Lets you remove all friends, leave GCs, and leave servers, in an instant!

anonymity Lets you remove all friends, leave GCs, and leave servers, in an instant! You can also do each of them by themselves. First, you need to get

1 Dec 07, 2021
A great python/java dynamic DNS service for NameSilo, with log, email reminder...

English NameSilo DDNS is a DDNS service for NameSilo domain names for home broadband , it can automatically detect IP changes in home broadband

云牧青 77 Dec 28, 2022
Typhon is a macOS specific payload aimed at targetting Jamf managed devices.

Typhon is a macOS specific payload aimed at targetting Jamf managed devices. This payload can be used to manipulate macOS devices into communicating with a Mythic instance, which acts as a Jamf serve

Mythic Agents 29 Dec 23, 2022
A Project to resolve hostname and receive IP

hostname-resolver A Project to resolve hostname and receive IP Installation git clone https://github.com/ihapiw/hostname-resolver.git Head into the ho

iHapiW 5 Sep 12, 2022
Dos attack a Bluetooth connection!

Bluetooth Denial of service Script made for attacking Bluetooth Devices By Samrat Katwal. Warning This project was created only for fun purposes and p

Samrat 1 Oct 29, 2021
Network monitoring tool

netmeter If you are looking for a tool to monitor your network interfaces, here you are. See netmeter-exporter to export Prometheus metrics. Installat

Saeid Bostandoust 97 Dec 03, 2022