3 Replies Latest reply on Dec 8, 2017 8:46 AM by tdanner

    Python Orion SDK : Create credentials set without adding a new node

    lore.phoenix

      Hello,

       

      I want to create a SNMPv2/SNMPv3 credential set on our NPM Orion when the credential doesn't yet exit in our Orion.Credentials table.

      I realize when adding a credential set requires to add entries into 2 different tables.

      I wonder if this is possible to do with the API using Python.

       

      ################## SCRIPT

      from __future__ import print_function

      import re

      import requests

      from orionsdk import SwisClient

      from pprint import pprint

       

      def main():

           # Init SWIS API

          npm_server = 'solarwinds-dev.example.com'

          username = 'scripting'

          password = 'somesecretpassword'

       

          # Dict with as key the SNMP names and as value if it exist

          # We initiate our values as False

           required_snmp =     { 'SNMPv3 readonly' :

                                      [ {

                                          'SNMP' : 3 ,

                                          'status' : False ,

                                          'username' : 'testuser',

                                          'auth_proto' : 'sha',

                                          'auth_pass' : 'mysecret123',

                                          'priv_proto' : 'aes',

                                          'priv_pass' : 'specialpass' } ] ,

                                  'SNMPv2 comstring' :

                                      [ {

                                          'SNMP' : 2 ,

                                          'status' : False,

                                          'community' : 'comstring' } ]

                              }

       

           verify = False

           if not verify:

                from requests.packages.urllib3.exceptions import InsecureRequestWarning

                requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

       

           swis = SwisClient(npm_server, username, password)

           credentialdata = swis.query("SELECT Name FROM Orion.Credential WHERE CredentialType LIKE 'SolarWinds.Orion.Core.Models.Credentials.SnmpCredentialsV%'")

       

           if len(credentialdata['results']) < 1:

                # No records found

                print("No records found")

           else:

                # Loop through dict required_snmp

                for snmpname in required_snmp:

       

                # Loop through pollerdata to collect key names.

                for keys in credentialdata['results']:

                if snmpname == keys['Name']:

                     required_snmp[snmpname][0]['status'] = True             # Change status for this SNMP name to True

       

          '''

          Let's do a loop on our require_snmpnames dict

          Values with False needs to be added into our Orion Credential set.

          If the name starts with SNMPv2 then we need to define the community name

          If the name starts with SNMPv3 then we need to define:

              () username

              () authentication protocol

              () authentication password

              () privacy protocol

              () privacy passphrase

          '''

           for snmpname in required_snmp:

                if required_snmp[snmpname][0]['status'] is False and required_snmp[snmpname][0]['SNMP'] == 2:

                     # Add credential set

                       print("Added SNMPv2")

       

                if required_snmp[snmpname][0]['status'] is False and required_snmp[snmpname][0]['SNMP'] == 3:

                     # Add credential set

                          print("Added SNMPv3")

       

      ################## SCRIPT END

       

      ################## TABLES

      Table : <Orion.Credential>

      [ID], [Name], [Description],[CredentialType],[CredentialOwner]

        |

        |

      [CredentialID] , [Name], [Value], [Encrypted]

      Table : <Orion.CredentialProperty>

       

      For SNMPv2

      <Orion.CredentialProperty>.[Name]

      Community

       

      For SNMPv3

      <Orion.CredentialProperty>.[Name]

      UserName

      AuthenticaionType

      AuthenticationPassword

      AuthenticationKeyIsPassword

      PrivacyType

      PrivacyPassword

      PrivacyKeyIsPassword

        • Re: Python Orion SDK : Create credentials set without adding a new node
          tdanner

          An API for adding these credential sets was added in the most recent release, NPM 12.2. See https://github.com/solarwinds/OrionSDK/wiki/Credential-Management  for details.

          1 of 1 people found this helpful
            • Re: Python Orion SDK : Create credentials set without adding a new node
              lore.phoenix

              Many thanks.

              Based on your feedback I was able to finish up my Python script.

               

              tdanner
              Is there any way to delete existing SNMP credential sets?
              My issue is to figure out the uris to do a swis.delete.

               

               

              ####### For other users would like to know how

              if required_snmp[snmpname][0]['status'] is False and required_snmp[snmpname][0]['SNMP'] == 2:

                   # Add credential set

                   credentialID = swis.invoke('Orion.Credential', 'CreateSNMPCredentials', snmpname, required_snmp[snmpname][0]['community']  )

                   print("Added SNMPv2")

               

                   if required_snmp[snmpname][0]['status'] is False and required_snmp[snmpname][0]['SNMP'] == 3:

                  # Add credential set

                   credentialID = swis.invoke('Orion.Credential', 'CreateSNMPv3Credentials',

                                                          snmpname,

                                                          required_snmp[snmpname][0]['username'],

                                                          '',

                                                          required_snmp[snmpname][0]['auth_proto'],

                                                          required_snmp[snmpname][0]['auth_pass'],

                                                          'True',

                                                          required_snmp[snmpname][0]['priv_proto'],

                                                          required_snmp[snmpname][0]['priv_pass'],

                                                          'True' )

                          print("Added SNMPv3")