Juniper SNMP Migrations For Python

Overview

Juniper SNMP Migrations

This example will show how to use the PyEZ plugin for Nornir to

  1. build a NETCONF connection to a remote device
  2. validate that SNMPv3 is not running
  3. configure SNMPv3 parameters
  4. close the connection

🚀 Workflow

We have provided a Poetry lock file to make life simple when managing Python packages and virtual environments. Within the virtual vironment, there will be a package called Invoke that will help us run our script with a simple command.

The workflow will look like this:

  1. Install Poetry (one-time operation)
  2. Have Poetry install your Python packages in a virtual environment (one-time operation)
  3. Activate your new virtual environment with Poetry
  4. Run locally or within a container using the Invoke package

🐍 Create and Activate your Python environment (one time operation)

  1. install poetry package to manage our Python virtual environment
curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python -
  1. install our Python dependencies
poetry install
  1. activate your Python virtual environment
poetry shell

Executing the script

  1. run your Nornir script locally
cd files/nornir
python app.py

Using Docker

  1. build the container image with
invoke build
  1. run the Nornir script within the container
invoke nornir

⚙️ How it works

Let's take a second to do a nice John Madden play-by-play on this script:

Importing the functionality of PyEZ and Nornir into our script

from nornir_pyez.plugins.tasks import pyez_rpc
from nornir import InitNornir
from rich import print
import os
  • We need to import the pyez_rpc method from Nornir's PyEZ plugin into our script
  • InitNornir will import the core functionality of Nornir
  • rich will make things pretty when we print the output
  • import os is just to allow us to shortcut the path of your directory

Defining parameters

script_dir = os.path.dirname(os.path.realpath(__file__))

nr = InitNornir(config_file=f"{script_dir}/config.yaml")

firewall = nr.filter(name="juniper-srx-garage0")

extras = {
    "less-than": "1"
}
  • create an object called script_dir and set it to our local directory
  • nr is created by instantiation the InitNornir class and passing our config file into it
  • we filter out a single device with the nr.filter method and passing a hostname
  • any extra parameters for our RPC call will be defined here in a key/value structure

Sending our API call

response = firewall.run(
    task=pyez_rpc, func='get-security-policies-hit-count', extras=extras
)
  • create a new object called response and setting it equal to the response of our API call
  • the run function was imported when we created an object firewall based on the InitNornir class
  • within run, we pass the task as a pyez_rpc, our RPC API call, and extra parameters

Print

for dev in response:
    print(response[dev].result)

Loop over the response object, which is an AggregatedResult that behaves like a list. There is a response object for each device in inventory

📸 Screenshot

app.py

📝 Additional Notes

🐍 Python

You are strongly recommended to using a Python Virtual Environment any and everywhere possible. You can really mess up your machine if you're too lazy and say "ehh, that seems like it's not important". It is. If it sounds like I'm speaking from experience, I'll never admit to it.

If you're interested in learning more about setting up Virtual Environments, I encourage you to read a few blogs on the topic. A personal recommendation would be

🐳 Docker

If you are unsure if Docker is installed on your computer, then it's probably safe to suggest that it's not. If you're interested in learning more about the product, I encourage you to read a few blogs on the topic. A personal recommendation would be Digital Ocean

Some of the goodies placed in the docker folder are not relevant to our use case with Python. Feel free to delete them as you see fit, I simply wanted to share with you my Docker build process for all Juniper automation projects (including those based on Ansible). The world is your oyster and I won't judge you on whatever direction you take.

📝 Dependencies

Refer to the file located at files/docker/requirements.txt

Owner
Calvin Remsburg
Calvin Remsburg
Interact remotely with the computer using Python and MQTT protocol 💻

Comandos_Remotos Interagir remotamento com o computador através do Python e protocolo MQTT. 💻 Status: em desenvolvimento 🚦 Objetivo: Interagir com o

Guilherme_Donizetti 6 May 10, 2022
This tool is for finding more detailed information of an IP Address.

This tool is for finding more detailed information of an IP Address.

3 Oct 08, 2021
A simple and lightweight server that allows clients to connect and launch a shell remotely through a browser.

carrotsh A simple and lightweight server that allows clients to connect and launch a shell remotely through a browser. Uses xterm.js for the frontend

V9 31 Dec 27, 2022
A TCP Chatroom built with python and TCP/IP sockets, consisting of a server and multiple clients which can connect with the server and chat with each other.

A TCP Chatroom built with python and TCP/IP sockets, consisting of a server and multiple clients which can connect with the server and chat with each other. It also provides an Admin role with featur

3 May 22, 2022
A simple python script to send cute messages to my boyfriend.

Morning Messages A simple python script to send cute messages to my boyfriend. It gives him the weather and news currently. Installation git clone htt

Sabrina Medwinter 3 Oct 12, 2022
This tools just for education only - Layer-7 or HTTP FLOODER

Layer-7-Flooder This tools just for education only - Layer-7 or HTTP FLOODER Require Col1 Before You Run this tools How To Use Download This Source Ex

NumeX 7 Oct 30, 2022
A non-custodial oracle and escrow system for the lightning network. Make LN contracts more expressive.

Hodl contracts A non-custodial oracle and escrow system for the lightning network. Make LN contracts more expressive. If you fire it up, be aware: (1)

31 Nov 30, 2022
syncio: asyncio, without await

syncio: asyncio, without await asyncio can look very intimidating to newcomers, because of the async/await syntax. Even experienced programmers can ge

David Brochart 10 Nov 21, 2022
An opensource library to use SNMP get/bulk/set/walk in Python

SNMP-UTILS An opensource library to use SNMP get/bulk/set/walk in Python Features Work with OIDS json list [Find Here](#OIDS List) GET command SET com

Alexandre Gossard 3 Aug 03, 2022
Proxlist - Retrieve proxy servers.

Finding and storing a list of proxies can be taxing - especially ones that are free and may not work only minutes from now. proxlist will validate the proxy and return a rotating random proxy to you

Justin Hammond 2 Mar 17, 2022
Out-of-box Python RPC framework

typed-jsonrpc Out-of-box Python RPC framework. WIP. Make LSP easy for everyone. The conception of final usage: from typed_jsonrpc import * ls = Langu

Taine Zhao 4 Dec 28, 2021
基于多线程快速端口扫描脚本,支持目标批量导入、结果导出。

JWS_portscan 基于多线程快速端口扫描脚本,支持目标批量导入、结果导出。如果扫描公网资产,为了提升扫描的精准性,建议放到服务器运行。 用法 依赖安装:pip3 install -r requriement.txt 支持参数:python3 JWS_portscan.py --help 脚本

jammny 5 Apr 12, 2022
Light, simple RPC framework for Python

Agileutil是一个Python3 RPC框架。基于微服务架构,封装了rpc/http/orm/log等常用组件,提供了简洁的API,开发者可以很快上手,快速进行业务开发。

16 Nov 22, 2022
A simple tool to get information about IP

IP Info Tool Just a simple tool to get IP's information, it uses requests module to gather information about IP, if you dont have much knowledge about

0 Dec 01, 2021
msgspec is a fast and friendly implementation of the MessagePack protocol for Python 3.8+

msgspec msgspec is a fast and friendly implementation of the MessagePack protocol for Python 3.8+. In addition to serialization/deserializat

Jim Crist-Harif 414 Jan 06, 2023
Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries

TriOp Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries For furt

Jan Kopriva 27 Nov 03, 2022
A Python based command line ARP Spoofer utility, which takes input as arguments for the exact target IP and gateway IP for which you wish to Spoof ARP request

A Python based command line ARP Spoofer utility, which takes input as arguments for the exact target IP and gateway IP for which you wish to Spoof ARP request

Abhinandan Khurana 1 Feb 10, 2022
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

Mariusz B. 715 Dec 25, 2022
An HTML interface for finetuning the sync map output from aeneas

finetuneas 3.0 finetuneas is a simple HTML interface for fine tuning sync maps output by aeneas Version 3.0 Easier adjusting time: following cells wil

Firat Özdemir 50 Mar 12, 2022
Very simple FTP client, sync folder to FTP server, use python, opensource

ftp-sync-python Opensource, A way to safe your data, avoid lost data by Virus, Randsomware Some functions: Upload a folder automatically to FTP server

4 Sep 13, 2022