DX NetOps

@We successfully wrote a script to capture the running configuration of a Juniper Netscreen in Spectrum.  Has anyone had any experience in writing a script that allows Specturm to upload a script to the running config of a Juniper Netscreen?  This would allow us to either roll back a configuration change or use the "repair" feature if a device is not compliant with a configuration policy.

It's the same situation with the capture script. Get an existing one and modify it to match your needs. It should work.

Would you be willing to advise on that capture script? I have one that logs in and seems to work, but does not grab the configuration. The issue appears to be on the most important line:

      while( my $line = $ssh->read_line() )
      {
          # get configuration content

          if( $line !~
              /sh show configuration | no more ^\s*$/ )
          {
              push @config, $line;
          }
      }

I've also tried with "display set" in the command, but it comes back empty.

Merci d'avance,

Joe Poutre

BNP Paribas

Hi Joe

I did not write our script but I'll copy it below for our reference. Hope it helps you.  I'm still looking for a way to write a config.

#!/opt/SPECTRUM/bin/perl -w

# This script will capture the running configuration of a

# Juniper OS device and print it to STDOUT.

#

# Error Codes:

#   0   = Success

#   255 = Usage error

#   254 = Invalid timeout value

#   252 = Connection error

#   251 = Login error

#   249 = Enable error

#   244 = Error retrieving configuration

#   253 = Unexpected output

#

use strict;

use warnings;

use Net::Telnet;

### Main ###

if( $#ARGV != 2 && $#ARGV != 3 )

{

print STDERR "Usage:  capture_running.pl <deviceIP> <user> <pass> <enable_pass> $ARGV[5]\n";

exit 255;

}

else

{

    my $errorCode = 1;

    my @data;

    my $errorString = "\nHost $ARGV[0]:  \n";

    ($errorCode,@data) = GetConfig( $ARGV[0], $ARGV[1], $ARGV[2], $ARGV[3] );

    if( $errorCode == 0 )

    {

        # Success.  The running configuration

        # content is in the data variable

        for( @data ) { print }; # print the configuration to STDOUT

        exit 0;

    }

    else

    {

        print STDERR $errorString;

        if( $errorCode == 253 )

        {

            print STDERR join " ", @data, "\nEnable password may be invalid\n";

        }

        else

        {

            print STDERR join " ", @data, "\n";

        }

        exit $errorCode;

    }

}

exit 0;

sub GetConfig

{

    my $deviceIP=shift;

    my $user=shift;

    my $pass=shift;

    my $epass=shift;

    my @config;

    my $msg;

    my $telnet=new Net::Telnet();

    $telnet->errmode('return');

    $telnet->prompt('/[\$#>]/');

    $telnet->open( $deviceIP );

    if( $telnet->errmsg )

    {

        $msg = "Error connecting to device:  ".$telnet->errmsg;

        $telnet->close;

        return( 252, $msg );

    }

    #first try login without username and just password

    $telnet->waitfor( Match => '/Password:/');

    if( $telnet->errmsg )

    {

        $telnet->login($user, $pass);

        if( $telnet->errmsg )

        {

            $msg = $telnet->errmsg;

            $telnet->close;

            return( 251, $msg );

        }

    }

    else

    {

        $telnet->cmd( $pass );

      if( $telnet->errmsg )

        {

            # can't use errmsg as it will give command timed-out

            # and we should really indicate bad password

            $msg = "login failed: bad password";

            $telnet->close;

            return( 251, $msg );

        }

    }

   $telnet->print( "set console page 0" );

   $telnet->print( "get config" );

    if( $telnet->errmsg )

    {

        $msg = "Device did not accept 'get config' command:  ".$telnet->errmsg;

        $telnet->close( );

        return( 244, $msg );

    }

    while( my $line = $telnet->getline() )

    {

        # get configuration content

        if( $line !~

            /get config/ )

        {

            push @config, $line;

        }

    }

    $telnet->waitfor(Match => '/[\$#>]/');

    $telnet->print( "set console page 60" );

    if( $telnet->errmsg )

    {

        $msg = "No prompt after 'get config':  ".$telnet->errmsg;

        $telnet->close( );

        return( 244, $msg );

    }

    if( @config <= 0 )

    {

        $msg = "No data retrieved, the capture timeout may be too low.";

        $telnet->close();

        return( 244, $msg );

    }

    if( scalar grep {$_ =~ /^%/} @_ )

    {

        # Ensure get config actually returned the config and not an error message containing '%'

        return( 253, @config);

    }

    return( 0, @config); # everything was okay, return the captured data

}

Hi,

do you maybe have similar script which uses SSH to communicate with devices?

sorry, we do not have an SSH script.

Modify the existing one for Cisco. There is a reference from Cisco SSH (Cisco NX OS Capture_Running_Script). It uses SSH for connecting.