How to automate shutting down ports not used for more than 30 days

I've heard UDT users would like to somehow automate shutting down unused ports. This is great functionality for UDT, but it will take some time to bring it in OOTB. However, I don't see a reason not to provide a decent workaround you may find useful.

What we need in order to accomplish this trick:

  1. UDT
  2. Latest version of Orion SDK installed on the UDT server.
  3. Access to Windows PowerShell (the same approach could be applied with Python, Perl or VBScript as well)
  4. A username and password for UDT
  5. Ten minutes of your time :-)

Install and configure your UDT

A simple start: install and configure your UDT. It must contain at least one node with ports.

Install your Orion SDK

The Orion SDK provides API access to the UDT database via secure methods. I don't expect any problems during the install process (link for download). My recommendation is to install as a local Administrator.

If you run into any problem, please speak up in this forum on Thwack.

Load customized SWIS Schema for UDT Non-Used ports

Copy this file: UDT_Unused_Ports.xml into \Program Files (x86)\SolarWinds\Orion\Information Service\3.0\Schemas\

This is a customized SWIS entity that allows us to read data from the database safely via the Information Service (not directly from SQL).

Open your PowerShell window

And now the real fun begins. Open your PowerShell window and make sure that the Orion SDK was successfully registered.

Type this command and hit the Enter key:

Get-PSSnapin | where {$_.Name -eq "SwisSnapin"}

The result should look like this:

[Screenshot: pastedImage_9.png]

If you didn't get this, simply type the following command (it adds the PowerShell snap-in from the SDK):

Add-PSSnapin "SwisSnapin"


Now you have to set up the connection to your database/UDT.

Type in the following commands, changing $hostname to the domain name or IP address of your UDT, $username to the username you want to use for the connection, and $password to your password (like $password = ConvertTo-SecureString "solarwinds" -AsPlainText -Force, because the credential object requires a SecureString rather than a plain string). If you are using an eval of UDT and running the script from the same machine, keep it as it is below.


$hostname = "localhost"

$username = "admin"

$password = New-Object System.Security.SecureString  

$cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $password

$swis = Connect-Swis -host $hostname -cred $cred

OK, so we have set up the connection, and now we can call an API method and get information about ports which haven't been used for 30 days or more. Type in the command below and hit the Enter key:

$ports = Get-SwisData $swis 'SELECT Caption, Name, DaysUnused, PortID, NodeID FROM Orion.UDT.Custom.UnunsedPorts WHERE (CASE WHEN DaysUnused=''Never'' THEN 31 ELSE DaysUnused END) > 30'


If you want to see which ports will be shut down, and on which nodes, before the real action, run this command:


foreach ($port in $ports) {

# Report only; nothing is changed on the device
Write-Host "Port to shut down: $($port.Name) on Node: $($port.Caption) not used for: $($port.DaysUnused) days"

}

[Screenshot: pastedImage_5.png]

Now, if you're really sure about shutting those ports down, use this syntax:

foreach ($port in $ports) {

Write-Host "Shutting down: $($port.Name) on Node: $($port.Caption) not used for: $($port.DaysUnused) days"

# Administratively shut the port down through the Information Service
Invoke-SwisVerb $swis Orion.UDT.Port AdministrativeShutdown @($port.NodeID, $port.PortID)

}


And this is really all you need. For full automation, you can execute this script from Windows Scheduler every month.

*Warning: this is a customization which is not fully supported by SolarWinds support. However, if something doesn't work, let us know via the comment section below and we will do our best to help you.
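
A guarded variant of the script for unattended scheduling, added here as an example (it is not the author's or SolarWinds' code): it loads the credential from a DPAPI-protected file instead of embedding it in the script, only reports unless explicitly told to act, refuses to act when the query returns more ports than a cap, and appends every action to a CSV audit file. The -Execute and -MaxPorts parameters and both file paths are assumptions made for the example.

```powershell
# Added example, not the original author's script. The -Execute and
# -MaxPorts parameters and both default file paths are hypothetical.
param(
    [switch]$Execute,                                         # without it: report only
    [int]$MaxPorts = 25,                                      # safety cap per run
    [string]$CredFile = "C:\Scripts\udt-cred.xml",            # hypothetical path
    [string]$AuditLog = "C:\Scripts\udt-shutdown-audit.csv"   # hypothetical path
)

if (-not (Get-PSSnapin "SwisSnapin" -ErrorAction SilentlyContinue)) {
    Add-PSSnapin "SwisSnapin"
}

# One-time setup, run interactively as the account the scheduled task uses:
#   Get-Credential | Export-Clixml -Path C:\Scripts\udt-cred.xml
# Export-Clixml protects the password with Windows DPAPI, so only that
# account on that machine can load it again.
$cred = Import-Clixml -Path $CredFile
$swis = Connect-Swis -host "localhost" -cred $cred

# Same query as in the post.
$query = 'SELECT Caption, Name, DaysUnused, PortID, NodeID FROM Orion.UDT.Custom.UnunsedPorts WHERE (CASE WHEN DaysUnused=''Never'' THEN 31 ELSE DaysUnused END) > 30'
$ports = @(Get-SwisData $swis $query)

# An unexpectedly large result usually means stale data or a bad threshold.
if ($ports.Count -gt $MaxPorts) {
    Write-Warning "Query returned $($ports.Count) ports (limit $MaxPorts); nothing was shut down."
    exit 1
}

$action = if ($Execute) { "Shutdown" } else { "DryRun" }
foreach ($port in $ports) {
    if ($Execute) {
        Invoke-SwisVerb $swis Orion.UDT.Port AdministrativeShutdown @($port.NodeID, $port.PortID) | Out-Null
    }
    [pscustomobject]@{
        Time = (Get-Date).ToString("s"); Action = $action
        Node = $port.Caption; Port = $port.Name
        NodeID = $port.NodeID; PortID = $port.PortID; DaysUnused = $port.DaysUnused
    } | Export-Csv -Path $AuditLog -Append -NoTypeInformation
    Write-Host "${action}: $($port.Name) on node $($port.Caption), unused for $($port.DaysUnused) days"
}
```

Run it once without -Execute and review the CSV before adding -Execute to the scheduled task's arguments.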


  • I bet there are a ton of improvements to the scripts, so anybody who has an idea, don't hesitate to propose a better version.

  • When you run it the first time, you could get a lot of records, and shutting down all of them could take a long time, as this involves an SNMP request to the device and updates to the database. When you run it the first time, I would caution you to first run the query in SWQL Studio to get the number of ports the query returns and play with the 30 days number so that you don't run a long loop. Also use this script so that it does not bring back the same unused port records over and over again.

    Add-PSSnapin "SwisSnapin"

    $hostname = "localhost";
    $username = "admin";
    $password = New-Object System.Security.SecureString;

    $cred = New-Object -typename System.Management.Automation.PSCredential -argumentlist $username, $password;
    $swis = Connect-Swis -host $hostname -cred $cred;

    $ports = Get-SwisData $swis 'SELECT DISTINCT a.Caption, a.Name, a.DaysUnused, a.PortID,a.NodeID FROM Orion.UDT.Custom.UnunsedPorts a INNER JOIN Orion.UDT.Port b on ( a.PortID = b.PortID and b.AdministrativeStatus <> 2) WHERE (CASE WHEN a.DaysUnused=''Never'' THEN 31 ELSE a.DaysUnused END) > 30'

    foreach($port in $ports) {

    write-host "Port to shut down:" $port.Name" on Node:"$port.Caption " not used for:"$port.DaysUnused" days"

    Invoke-SwisVerb $swis Orion.UDT.Port AdministrativeShutdown @($port.NodeID, $port.PortID)
    }

    Here is the query you would run from SWQL Studio

    SELECT DISTINCT a.Caption, a.Name, a.DaysUnused, a.PortID,a.NodeID FROM Orion.UDT.Custom.UnunsedPorts a INNER JOIN Orion.UDT.Port b on ( a.PortID = b.PortID and b.AdministrativeStatus <> 2) WHERE (CASE WHEN a.DaysUnused='Never' THEN 31 ELSE a.DaysUnused END) > 30

  • This is how Thwack rocks.  Solid ideas, open source sharing, folks helping folks.  Thanks!

  • It would be awesome if this could spawn a Service-Now change ticket X days before it shut a port. Using any automated shuts in our ITIL environment requires automated change tickets.

  • Awesome work! Would it also be possible to use this as a base and shutdown a port on a switch when a Rogue device is detected by passing the MAC variable? Any help would be greatly appreciated!

  • Hi Michal,

    I know it has been years since this post, but I have a question and hope you have the answer for me.

    I followed your instructions and have UDT/Orion SDK installed. UDT is installed with one node added.

    As I ran your PowerShell script, I encountered the following error: 

    Get-SwisData : Source entity [Orion.UDT.Custom.UnunsedPorts] not found in catalog
    At line:1 char:10
    + $ports = Get-SwisData $swis 'SELECT DISTINCT a.Caption, a.Name, a.Day ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [Get-SwisData], FaultException`1
    + FullyQualifiedErrorId : SwisError,SwisPowerShell.GetSwisData

    I also ran Vijay's SWQL query but got the same error. I tried to look around to see if I can add Orion.UDT.Custom.UnunsedPorts to the catalog but couldn't find anything.

    I would really appreciate it if you can help me with this.

    Thanks,

    D.Nguyen

  • The XML file UDT_Unused_Ports.xml copied to \Program Files (x86)\SolarWinds\Orion\Information Service\3.0\Schemas\ indicates that Orion.UDT.Custom.UnunsedPorts is there.