This project leverages Genie/pyATS framework, WebEx Messenger and python logging module to check access into network devices by displaying, sending the result to WebEx Messenger Space and triggering logs to Syslog server for information and maintenance purposes. This project exploits the simplicity of Genie/pyATS framework with its connect() method in order to check the access by simply handling ConnectionError exception. Keep in mind that this project is not to test connectivity, it allows to check access and can be used in many ways :
- Check access routinely
- Deployed separately or integrated in projects such as : before each provisioning or retrieving data form devices or CI/CD pipeline process to priore check accessibility
Here is the topology used in this project:
GNS3 was used with Cisco routers and a Linux machine as Admin since the framework Genie/PyATS works only on Linux or Mac OSX. However, you can use the Windows Subsystem for Linux (WSL), as the case of this project represented here by the Admin host as shown in the topology. You can also test this project using your own emulator or the DevNet Sandbox Cisco Modeling Labs (CML). You just need to modify the parameters concerning the information about the devices used in the connex.yml file (IP addresses, users, IOS type, ...).
The best practice is to leverage Python Virtual Environments (env). Please follow these steps to clone the Git repository and create and active the virtual environment:
git clone https://github.com/cherifimehdi/Check_Access.git
cd Check_Access
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
As the packages used are found in requirements.txt file, alternatively, you can install the packages as follows:
pip3 install pyats[full]
pip3 install requests
pip3 install requests-toolbelt
pip3 install prettytable
pip3 install python-dotenv
Please consider to:
- Modify the parameters in connex.yml file according to your devices configuration and types (IOS, ip, credentials,...)
- Create a WebEx Messenger Space to send to it the result as a text file
- Update the Token variable in the .env file, the roomId and the address of your Syslog Server in check_access.py script
- Choose and install your Syslog server. For this project I used the open source Tftpd32 software by Ph. Jounin
Once the dependenties are installed and parameters are taken into account for connex.yml, .env files and check_access.py script, you can run the script check_access.py.
This project allows :
- Check access for each device in the testbed file connex.yml
- Trigger log message for each device and send the result to the Syslog server
- Generate the final result as table to print and send as text file to the WebEx Messenger space
Here we run check_access.py script from the Admin host:
(Check_Access) [mehdi@Check_Access]$ python check_access.py
+--------------------+
| Access Check |
+--------+-----------+
| Device | Status |
+--------+-----------+
| R1 | Access Ok |
| R2 | Access Ok |
| R3 | Access Ok |
+--------+-----------+Here the result sent to the Syslog Server:
Here the result sent as a text file to our Webex Space:
Now, we can download the Result.txt file and consult the check access result for the network devices as shown below:
Now we will deactivate the management interface of the router R2
Now we run the check_access.py script from the Admin host:
(Check_Access) [mehdi@Check_Access]$ python check_access.py
+--------------------+
| Access Check |
+--------+-----------+
| Device | Status |
+--------+-----------+
| R1 | Access Ok |
| R2 | No Access |
| R3 | Access Ok |
+--------+-----------+As expected, the Syslog server received the logs:
The Result.txt file is now available for download and viewing from WebEx Messenger Space
As it shows from the console, the Syslog server and the Result.txt file, we have an access issue with the Router R2.
PhD in Electronics and an active Cisco CCAI Instructor and Network Engineering Trainer. Part of Cisco DevNet Class 2020. Cisco DevNet Code Exchange and Automation Exchange Contributor. I am interesting in all about NetDevOps, Networking programmability and automation. I am a Cisco contents fan.