Networking Devices

Networking devices have a two-step process for getting results into Xylok. First, the system administrator must run certain commands on the device, then the resulting session log needs to be wrapped for import into Xylok.

This process has more friction than the general data collections scripts, but is generalized to work with most system rules and requirements. If your systems allow for more automation–i.e., a script would be permitted to SSH into a switch–, contact us at support@xylok.io about other options.

Step 1: Collecting Data

To begin network data collection, download the “script” for the network device under test. See Downloading Scripts for more details. A network device’s script folder generally contains files like this:

Networking directory listing

Once you have the script for the device, open the README.txt file (on Windows, this file may display best in Wordpad, not Notepad). This file gives the most up-to-date high level instructions on collecting the network data. The most important step is to run the commands exactly as shown in this document without using shortcuts and matching any spacing exactly. To make Step 2 simpler, it’s ideal to avoid using Tab to autocomplete commands and to not backspace during a command.

Small addenda to this ReadMe include:

Logging in PuTTY

In the Configuration, choose Logging from the left-side menu and select “Printable Output.” Ensure you know where the Log File Output location is on the system.

Logging in SSH on Linux/Cygwin/Unix

Run everything through the “tee” or “script” command. If your usual SSH command to connect to the switch/router would be ssh user@10.10.10.10, run ssh user@10.10.10.10 | tee log.txt instead.

Alternatively, run script log.txt. Script will start a new prompt which will log everything done inside it, so log in to your device as usual. When you’re done, run exit one final time and you’ll fine a log.txt file sitting in your current directory.

Step 2: Wrapping

The Readme in the folder will then ask the user to run the “wrap-log” script appropriate for their current operating system. Specifically:

Operating System	Script
Windows 10, Windows Server 2016+	`wrap-log-<name>.ps1`
Older Windows	`wrap-log-<name>.bat`
Red Hat, Solaris, OS X, other *nix flavors	`wrap-log-<name>.sh`

Running these scripts against a log file is easiest when they are in the same directory. Unlike other data collection scripts, the user does not need to be an administrator.

Assuming the network device was named “Switch” in Xylok, the most reliable process for wrapping is:

Copy log file to directory with wrap scripts
Run wrap script with the log file as the first argument on the command line. Based on OS, this will be:

a. Windows 10+: wrap-log-Switch.ps1 log.txt b. Other Windows: wrap-log-Switch.bat log.txt c. Linux: bash wrap-log-Switch.sh log.txt
The wrapper script will look for each command in the log. If it does not report “found” for each command a command may not have been run or you may need to manually edit the log file to make the command match what the wrapper script outputs. A few examples of “manual editing needed” log files are displayed below. Repeat 2-3 until the script produces a successful result.

Manual correction

Given the following session log file (snipped for brevity) as a start, there are a few manual corrections that may be needed.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37


Trying 172.16.20.1...
Connected to 172.16.20.1.
Escape character is '^]'.


User Access Verification

Username: iatester
Password:
Switch_Core#terminal length 0
Switch_Core#show version
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(55)SE, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010
Compiled Sat 07-Aug-10 22:45 by prod_rel_team
...
Configuration register is 0xF

Switch_Core#sh rn al^H^H^H^H^Hun all
Building configuration...

Current configuration with default configurations exposed : 53002 bytes
!
version 12.2
...
end

Switch_Core#sh run
Building configuration...

Current configuration : 9630 bytes
!
version 12.2
...
end

Switch_Core#show archive-config diff

Command run using shortcuts: Line #19: in the example, the user ran “sh run all” rather than the desired “show running-config all.” To correct this, edit the text to show the example command in README.txt and/or the wrapper script’s output.
Command contains control characters: Line #19: Depending on the logging method used, commands may display control characters. Simply edit the command to exactly what is shown in README.txt and/or the wrapper script output.
Extra commands run: Line #28: Xylok will ignore extra commands like bullet #2 in the session log. There is no need to manually remove these.
Command not run and not desired: If a command does not work on your device or you do not want to run it, you can add the command to the log file manually. In the log file above, if the command “show archive config diff” was supposed to be run, it could be faked by adding these lines at the end of the file:
```
Switch_Core# show archive config diff
Not run
```
This is the device command prompt “Switch_Core#” (as seen by #1 and #2 in the example session) followed by the missing command. When Xylok imports the data, the results for this particular command will simply show the the “Not run” entered in the log file.

Step 3: Upload to Xylok

Once the wrapper script succeeds, a standard .xylok results file will be produced in the same directory as the scripts. Uploading and Importing Data then works like any other data in Xylok.

It is still possible that Xylok will report an error with commands at this stage. The wrapper scripts do a simple text compare and can incorrectly believe a command was run when it was not. If there are errors during upload, the message should make it clear which command needs to be fixed to continue.