cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 12

Execute CLI script via API

While browsing Swagger UI I came across this gem:

ExecuteCLI.JPG

I found it to be a far more quicker and cleaner alternative to the method described here NCM Config Transfer · solarwinds/OrionSDK Wiki · GitHub. Execution time in my case is somewhere between 4 and 8 seconds per device and you can even string multiple commands together. 

This endpoint was probably developed for ASA firewalls, but it works perfectly for other Cisco devices. If the account that you are using has a higher privilege level configured (so that enable password is not required) you can omit the "enablePassword" parameter from the request body.  

You can use it via REST (useful for displaying commands outputs directly in a Custom HTML widget with a little JS magic) or via your programming/scripting language of choice. 

As a bonus, here is the PowerShell function that I wrote as part of my SolarWinds API utilities module: 

 

 

 

Function Execute-CLICommand
{
  <#
        .SYNOPSIS
            Run CLI commands on Cisco devices via the SolarWinds API.

            Parameters - SWIS Connection
                       - IP or FQDN
                       - API Username
                       - Password
                       - Script - multiple lines can be run, sepparated by `n

        .PARAMETER SWISConnection
        
        SWIS Connection

       .PARAMETER Device

        Device IP or FQDN

        .PARAMETER UserName
    
        API username

        .PARAMETER Pawword

        Password for the API Username

        .PARAMETER Script

        CLI Script; multiple lines can be run, sepparated by `n

    #>

param
(
$SWISConnection,
[string] $Device,
[string] $UserName,
[string] $Password,
[string] $Script

)

$out = Invoke-SwisVerb $swis Orion.ASA.Node ExecuteCliCommand @($device,$UserName,$Password,$script)
return $out.'#text'

}

 

 

 

Labels (2)
4 Replies

@stuartd , since this is a function, being on part of his entire script, I think he may have defined his $swis/$Swisconnection var elsewhere.

Try running this command first, which should pop up a login box for you to enter your Orion/API login creds.

$swis = Connect-Swis -Hostname orion.hostname.here

 

Afterwards, if you want to get a quick test in, to see the functionality, you'll need to either save this as its own function, or just dump it into PowerShell ISE (for now) and run it. That should load it up, then you just need to call it by typing "Execute-CLICommand".

That, alone, won't likely do much, so you should add your device, along with the login creds, and also a simple little script/command to run on the device. It should look something like this.

Execute-CLICommand -Device 1.2.3.4 -UserName deviceUsernameHere -password devicePasswordHere -Script "show run"

 

 

If your device requires the enable prompt/password, then you'll need to add a line to the param part, as well as to the $out line too.

param
(
$SWISConnection,
[string] $Device,
[string] $UserName,
[string] $Password,
[string] $Script,
[string] $enablePassword

)

$out = Invoke-SwisVerb $swis Orion.ASA.Node ExecuteCliCommand @($device,$UserName,$Password,$script,$enablePassword)
return $out.'#text'

 

Now your command will also need the newly added $enablePassword value as well.

Execute-CLICommand -Device 1.2.3.4 -UserName deviceUsernameHere -password devicePasswordHere -Script "show run" -enablePassword deviceEnablePasswordHere

 

 

Again, I'm not 100% on how everything sticks together, as I'm learning too, just the same as you. But, this is my understanding of how this works... I think.

 

 

Thank you,

 

-Will

Hey Will,

Thanks for that. I'd completely forgotten I had asked this question but since then I have progressed a little with my PowerShell understanding. Sadly I haven't had any real time to dedicate to it so it is very much fledgling knowledge.

That said, my learning, along with your explanations make this much clearer and gives me an immediate idea or two on how i could incorporate this into our automation at this end.

Diolch.

0 Kudos
Level 12

Can you walk a very novice (as in I'm just getting started with Powershell) user, through this please?

I can see a benefit of using this to script stuff, but not sure what I'd edit or add where to actually use it. So, for example:

"[string] $Device," I'm not getting where does the IP / FQDN go in this? I've tried on my own test bed and what/where ever I use, I just get errors so am plainly missing the key part.

and

The script states: "multiple lines can be run, sepparated by `n" - is that literally this type of thing: line 1 text `n line 2 text `n line 3 etc `n?

Thanks.

0 Kudos

Nice find, @ioan_bucsa. I'm going to pass this on to my network engineers. Thanks for sharing.

0 Kudos