Host tracking on Cisco switch/routers using perl script

I am trying to set up a way to track the host on my network using a Perl script. I dont want to telnet in to the device using Net::Telnet::Cisco. I am thinking using Net::SNMP and the ro community string will be a bit more secure. Any one have any good pointers or experience doing this on CatOS and IOS devices?


Reply to
Loading thread data ...

What kind of host tracking did you want to do? I did some things up in a mix of perl and ksh to do the kinds of tracking that -I- needed, but different people have different ideas about what's important.

In some ways, the code is quite straight forward: send a probe, record the response in a data structure, repeat, and at the end interpret the data combinations into printable format.

On the other hand, the code isn't quite so straight forward, because of an important factor that you will seldom find documented:

SNMP agents lie. Repeatedly.

Thus it takes a non-trivial amount of experience with networks and SNMP to figure out what the agents are lying about, how to get around the lies, and how to best account for the inconsistancies that you will find in the data structures.

If you have more financial budget than time budget, I'd recommend obtaining a pre-written tool. You -can- write the tools "free", but the time investment required is fairly noticable -- not "huge" but not "just a couple of days" either.

You will likely find, by the way, that the best way to proceed is to fetch the OIDs and just record the responses, as quickly as you can (so that you get the most consistant view of what was happening at a particular time); and only after you have recorded the responses do you proceed to the parsing and data analysis phase. If you record the raw SNMP responses before analysis, then you will later be able to go back and do other kinds of analysis. For example, if you want a report on all the ports that are acting like trunk ports (darn user-installed switches!), and then you want a report on the VLAN setup of the switches, you don't want to have to have it go back and rescan all the switches: you want to be able to make use of anything you already happened to record. And when you are tracking wayword systems, you want to be able to track timing patterns to give you a better idea of who is using the system. And so on. Record once, analyze repeatedly.

Reply to
Walter Roberson

formatting link

Reply to
Danick Veenstra

What I am thinking to start is to use the OID on the router to pull the arp table from the core routers and then use the OID on the switch to pull the cam table. Once I have them I want to then mesh them ignoring the trunk ports for now to come up with a report that will show me an IP, MAC, Switch, Switch Port. I dont have the expenses to buy something and there are things that I want to later build upon it like pulling information out of our asset db to get machine names locations on the floor and stuff like that.

Any assistance or if someone would like to mentor a budding script writer I would greatly appreciate any assistance.


Reply to
PeperG Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.