Detect rogue in Cisco switches with Python

This Python script compares a statically defined list of MAC addresses with the MAC addresses retrieved from the selected Cisco switches for a specific VLAN ID. Write the statically defined MAC addresses to the “StaticMacs” file. If the script cannot find the “StaticMacs” file, it prints instructions for preparing it with the “createstaticmacs.py” script. The “switchnotificator.py” script takes 3 arguments (switchusername, switchpassword and vlanID). If you run it without the required arguments, it prints a message about this.

The script connects to the selected switches and retrieves their MAC address lists. If a MAC address from one of the Cisco switches is not in the statically defined MAC address list file, the script immediately sends an email to the network engineer.
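The comparison step described above, as an added example that is not code from the switch-notificator repository. It assumes the switch returns Catalyst IOS-style `show mac address-table` output and that the allow-list holds one MAC address per line; the sample data, function names and file layout are constructed for illustration.

```python
import re

# Constructed sample of switch MAC table output (not captured from a real device).
SAMPLE_OUTPUT = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4455    DYNAMIC     Gi0/1
  10    00aa.bbcc.ddee    DYNAMIC     Gi0/2
  10    f0de.f1a2.b3c4    STATIC      Gi0/3
  20    0011.2233.9999    DYNAMIC     Gi0/4
Total Mac Addresses for this criterion: 4
"""

# Constructed allow-list in mixed notations, as an operator might type them (assumed format).
SAMPLE_STATIC_MACS = """\
# approved hosts for VLAN 10
00:11:22:33:44:55
F0-DE-F1-A2-B3-C4
"""

# One table row: VLAN, dotted MAC, entry type, port.
ROW = re.compile(r"^\s*(\d+)\s+([0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4})\s+(\S+)\s+(\S+)\s*$")

def normalize_mac(text):
    """Reduce any common MAC notation to 12 lowercase hex digits, or None if invalid."""
    digits = re.sub(r"[.:\-\s]", "", text).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None

def load_allowlist(text):
    """Parse allow-list text: one MAC per line, '#' comments and blank lines ignored."""
    macs = (normalize_mac(line.split("#", 1)[0]) for line in text.splitlines())
    return {m for m in macs if m}

def find_unknown_macs(cli_output, allowlist, vlan_id):
    """Return sorted (mac, port) pairs seen on vlan_id that are absent from the allow-list."""
    unknown = set()
    for line in cli_output.splitlines():
        m = ROW.match(line)
        if m and int(m.group(1)) == vlan_id:
            mac = normalize_mac(m.group(2))
            if mac not in allowlist:
                unknown.add((mac, m.group(4)))
    return sorted(unknown)

if __name__ == "__main__":
    allowed = load_allowlist(SAMPLE_STATIC_MACS)
    for mac, port in find_unknown_macs(SAMPLE_OUTPUT, allowed, 10):
        print(f"unknown MAC {mac} on port {port}")
```

Normalizing both sides before comparing matters because switches print MACs in dotted notation while hand-written lists usually use colons or hyphens; a plain string comparison would flag every approved host as unknown.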

The script reads the “iplist” file to get the IP addresses of the Cisco switches, so you must write the IP addresses of the Cisco switches to this file.

To configure the Gmail settings, edit the frommail, fromemailpass and tomail variables in the lib/varsfuncs.py file.

Execute the following commands to download and use the code files:

# git clone https://github.com/jamalshahverdiev/python-general-codes.git
# cd python-general-codes/switch-notificator
# ./switchnotificator.py switchusername 'switch_long_password' vlanID

If you want to run this script automatically every minute, add the following line to your crontab file:

* * * * * /root/switch-notificator/switchnotificator.py switchusername 'switch_long_password' vlanID