The Extreme Management Center Command Script tool lets you execute a sequence of CLI commands (a
script) on a set of devices. This can be useful for many purposes, such as
modifying a number of device configurations at one time. The Command Script tool
uses either SSH or Telnet to connect to a device, depending on the connection
type configured in the device's CLI credentials. If the connection type is SSH,
be sure that SSH access is enabled on the selected
device.
Instructions on:
- Launching the Command Script Tool
- Creating and Executing a Command Script
- Authentication
- User Capabilities
- Device Menu Integration
- Example Command Scripts
Launching the Command Script Tool
The Command Script tool can be launched from the device tree in Management Center Console or Inventory Manager. You can have multiple Command Script windows open at the same time.
From Console:
Right-click on any number of devices or device groups in the left-panel device
tree, and select Execute Command Script from the menu.
From Inventory Manager:
Right-click on a single device or device group in the left-panel device tree,
and select Execute Command Script from the menu. You can also select a device or
device group and then select Execute Command Script from the Tools menu.
The Command Script Tool window opens with the selected devices displayed in the
Devices list in the lower left. Use the Devices toolbar buttons
to add and delete
devices to and from the list, if desired.
Creating and Executing a Command Script
Once you have launched the Command Script Tool, you can enter a sequence of commands into the Commands text box.
-
- Load Script from File - Lets you load a script from a local file or a file on the Management Center
Server. Scripts on the Management Center Server must be stored in the
<install directory>/appdata/CommandScriptTool/ directory in order to be accessed from this Load Script From File button.
-
- Save Script to File - Once you have created your script, you can save it to a local file.
When creating a command script, it is important to keep the following instructions in mind:
- Begin each script with a command that turns off paged output. Paged output requires that you repeatedly respond to a "more" prompt when a command generates many lines of output. Since the size of the output can vary or may not be known, it is impossible to include responses to "more" prompts in a reliable way. Turning off paged output means that you do not have to include responses to the "more" prompts in your script. The command to turn off paged output varies with different device types. The screenshot above shows a command script for an N-Series device that includes the command "set length 0" to turn off paged output.
- Include commands that persist changes, if necessary. For example, to append or otherwise change a device's configuration, the script will need to include the commands to change mode and the commands to persist the new configuration.
- Make sure the command script cleanly logs out of the device before terminating to properly free device resources. A script that does not cleanly log out might fail to free all resources in the device when the SSH connection is terminated. Repeatedly executing such scripts might eventually tie up resources to the point where SSH connections to the device can no longer be made.
Once the commands are ready, click the Execute button to execute the commands on the selected devices. A Results window opens and displays the progress and results of the commands on each device. At the top of the Results window is a table showing the script execution status of each device. The bottom of the window displays the command output for the device selected in the status table above. Use the Save Results button to save the results for all the devices to a text file.
If there are errors connecting to or logging into a device, or if the device returns an error to any command, an error message will be displayed in the output area of the results window.
Script Variables
The Command Script tool supports
the use of variables within scripts. The variable must appear in the script bracketed by percentage signs, for example,
There are two kinds of variables: system variables and user
variables.
The following table lists the differences between system and user variables:
| System Variables | User Variable |
|---|---|
| System-defined variable names. | User-defined variable names. |
| System-defined variable values. | User-defined variable values. |
| Values differ on each device. | Values are the same on each device. |
Management Center provides five system-defined variables:
%DEVICEIP% - The IP address of the currently selected device.
%LOGINUSER% - The login username configured in the Profile of the selected
device.
%LOGINPSWD% - The login password configured in the Profile of the selected
device.
%ENABLEPSWD% -The enable password configured in the Profile of the selected
device.
%CONFIGPSWD% - The config password configured in the Profile for the selected
device.
You can create user-defined variables two ways using the toolbar buttons for the Script Variables table in the lower right portion of the Command Script window. You can add a variable to the table using the Add Variable button, and then use the Use Variable button to insert the variable into the script at the cursor. Or, you can manually enter a variable into the script, and then use the Refresh Variables button to add the variable to the variables table.
-
- Use Variable in Script - Inserts the selected variable into the script at the current cursor location.
-
- Refresh Variables from Script - Scans the script for variables, adding new variables and removing unused user variables from the variables list.
-
- Add Variable - Lets you add a user variable to the variables list.
-
- Edit Variable - Lets you modify a user variable value.
-
- Delete Variable - Lets you delete the selected user variable from the variables list.
-
- Load Variables from File - Lets you load in user variables from a local file or a file on the Management Center
Server. Variables on the Management Center Server must be stored in the
<install directory>/appdata/CommandScriptTool/ directory in order to be accessed from this Load Variables from File button.
-
- Save Variables to File - Lets you save the user variables into a local file.
Meta Commands
Meta-Commands are commands that are executed by the Command Script tool, not by the device:
- @KEY [ c | %xx] - Enters a single character c, or a single character ASCII xx (hexadecimal) with no end -of-line characters.
- @SLEEP n - Pauses (does nothing) for n seconds.
- @RECEIVE n - Receives device output for n seconds.
- @ENDOFLINE [ CR | CRLF | LF ] - Specifies the end-of-line characters sent to the device after each command. This meta command affects all subsequent commands.
- @COMMANDDONE n - The script will wait for n seconds for command output before a command is considered done. This meta command affects all subsequent commands. n is an integer between 1 and 86400 seconds.
For example:
@key m - equivalent to a user pressing the M key
@key %20 - equivalent to a user pressing the space bar.
If there are errors processing meta-commands, an error message will be displayed in the output area of the Results window at the point where the command was executed.
Authentication
The Management Center Authorization/Device Access tool (accessed from the application's Tools menu) is used to configure the profiles and credentials that provide access your network devices. Each device is assigned a profile and that profile designates the CLI credentials to use for that device.
CLI credentials include the following information:
- User name
- Login Password
- Enable Password
- Configuration Password
- Connection Type - SSH or Telnet
The Command Script tool uses the connection type (SSH or Telnet), user name, and login password specified in the CLI credentials when establishing a connection to the device. If these are not set up correctly, the connection cannot be created. You can view the user name and connection type (protocol) that was used by the Command Script tool in the Results window.
CLI credentials are also available as system-defined variables that can be used in scripts. These variables are useful to satisfy prompts that may occur while the script is executing, as shown below.
User Capabilities
You must be assigned the appropriate user capability to execute command scripts. Capabilities are assigned via a user's authorization group, which is configured using the Authorization/Device Access tool. The capability is NetSight (Management Center) Suite > Devices > Execute Command Scripts.
Device Menu Integration
You can add a command script as a menu item to the device right-click menu by creating a menu definition in the ThirdPartyMenu.xml configuration file located in the NetSight\appData\System\Shared directory. Instructions for creating these definitions can be found in that file. You must restart the Management Center Server before the modified version of this file will be deployed to connecting clients.
In the configuration file, command script menu items are defined with a <menu> element that contains a <commandscript> element. A <commandscript> element can only be used with a <menu> element with type="device-menu" as shown below.
<menu id="version" name="Show Version"
icon="script.png"type="device-menu">
<commandscript name="Show Version">
<command>show version</command>
<command>exit</command>
</commandscript>
</menu>
The <commandscript> element defines a command script and assigns it a name. The <command> elements contained within the <commandscript> element provide each line of the script. Note that because the commands are contained in an XML document, special characters such as "<", ">", and "&" need to be escaped as entity references: <, >, and &, respectively.
The menu item will appear in the right-click popup menu in the Console device tree, but only if a single device is selected. If that menu item is selected, the command script will be executed immediately on the selected device.
A command script provided in the third-party menu definitions can use both system-defined and user variables. If user variables are included in the command script (as shown below), you will be prompted for values before the command executes.
<menu id="version" name="Show Interface" icon="script.png" type="device-menu">
<commandscript name="Show Interface">
<command>show interface %IFNAME%</command>
<command>exit</command>
</commandscript>
</menu>
You can configure command script menu items to be displayed only for certain devices by having the <commandscript> element include qualifying elements that identify those device types. The two qualifying elements are <devicetype> and <sysoid>, as shown below. If no qualifying elements are used, the menu item will appear on all devices.
<menu id="config" name="Show Configuration" icon="script.png" type="device-menu">
<commandscript name="N-Series Show Configuration">
<devicetype pattern="Matrix N\d.*"/>
<command>set length 0</command>
<command>show running -config</command>
<command>exit</command>
</commandscript>
<commandscript name="XSR Show Configuration">
<sysoid prefix="1.3.6.1.4.1.5624.2.1.32">
<sysoid prefix="1.3.6.1.4.1.5624.2.1.45">
<command>terminal length 0</command>
<command>enable</command>
<command>show running -config</command>
<command>disable</command>
<command>exit</command>
</commandscript>
</menu>
A <devicetype> element matches devices by using a regex pattern to match a device's displayed device type. For example, <devicetype pattern="Matrix N\d.*"/> will match any Matrix N1 Platinum device, any Matrix N3 Platinum device, and so on.
A <sysoid> element matches devices by a full or partial match on the device's system object identifier. For example, <sysoid prefix="1.3.6.1.4.1.5624.2.1.45"/> will match any XSR-1850.
If there are several qualifying elements within a <commandscript> element, the menu item will be displayed on any device that matches any qualifying element.
Additionally, multiple <commandscript> elements can be configured for the same menu item. When the menu item is selected, the command script that matches the device will be launched. In this way, one menu item can be configured to launch different scripts for different devices.
Example Command Scripts
Following are examples of different ways to use command scripts:
To collect data from a range of devices:
set length 0
show igmp counters
exit
To make duplicate modifications to a range of devices:
set banner motd
In case of problems, contact Joe Smith x1234
END
To modify and save the running configuration on a device:
router
config
set vlan create 3
set vlan name 3 green
write file
exit
exit
exit
To display system settings:
set length 0
show system
To enable SNMPv2 according to existing SNMPv1 settings on all devices:
set snmp group NetOpRO user ebinu security-model v2c
set snmp access NetOpRO security-model v2c privacy exact read All
notify All
set snmp group NetOpRW user fbnet1991 security-model v2c
set snmp access NetOpRW security-model v2c privacy exact read All
notify All
To roll out SNMPv3 on all N-Series, Stackable, and Standalone devices:
set snmp user netopro auth md5 ebinu#netro priv D1PwfdVvSbR0
set snmp user netoprw auth md5 ebinu#netrw priv D2PwfdVvSbRW
set snmp group NetOpRO user netopro security-model usm
set snmp group NetOpRW user netoprw security-model usm
set snmp access NetOpRO security-model usm privacy exact read All
notify All
set snmp access NetOpRW security-model usm privacy exact read All write All
notify All
To configure SNTP on all N-Series, Stackable, and Standalone devices of a specific area:
#sntp
set sntp client unicast
set sntp server 130.92.9.51
# timezone
set timezone CET 2 0
- How to Configure Profile/Device Mapping
- How to Configure Profiles and Credentials
- How to Manage Users and Groups
