Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6270
Views
25
Helpful
8
Replies

My Python script to query FMC API for list of sensor names and IPs

matty-boy
Level 1
Level 1

‎11-01-2018 08:04 AM - edited ‎02-21-2020 08:25 AM

Hi all,

 

I thought it was about time I gave something back to the community so here goes....

 

I've been playing with the REST API to try and get data out of the Firepower FMC using the API explorer (https://<YOUR_FMC_IP_ADDRESS>/api/api-explorer).

 

The natural progression is to try and script it. I chose Python rather Perl cos snakes are way cooler than jewels! :-)

 

I've attached my script. It's not pretty. I'm not a programmer so please don't ridicule me! The bulk of the script was generated by the FMC API explorer, I just added a few bits 'n' bobs so that it would return the fields I was interested in.

 

Line 59 can be edited to change which JSON list entries are returned - for me, just the name and IP (called hostName weirdly) was enough for now but returning each device UUID would enable you to use this to make further queries against the devices for things like interface IPs and so on.

 

If like me you are just starting out in the world of Python you'll need to install the Python interpreter (https://www.python.org/downloads/windows/) and to run my script you may need to install some of the libraries (I can't remember which are pre-installed and which aren't. I'm using json, sys, requests and getpass). A google will show you how to install libraries.

 

BE CAREFUL WITH TABS IF EDITING!!!!!!!

I spent ages trying to figure out why certain changes to the script caused it to fail. Apparently Python is very strict on indentation so you might need to change your text editor to insert 4x space characters rather than an actual tab. That worked for me in Notepad++.

 

You can compile the script into a .exe file so that other users can run it who don't have the python environment installed. This was easy to do with a bit of googling and didn't take long.

 

Change the .txt to .py to execute the script. I had to change to .txt to be able to upload to this forum. The script was created using Python version 3.7.1. I think it should work in any 3.x but it won't work in 2.x.

 

I hope this helps some people cos I was up all freakin' night trying to get it working!! :-)

 

Enjoy,

Matt.

2 people had this problem
Preview file
3 KB
8 Replies 8

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-03-2018 07:38 AM - edited ‎11-03-2018 07:39 AM

Thanks for giving back Matt! Great attitude.

 

I am trying it out on a Linux box in my lab. It already had Python but not the Python package installer. So i added it: 

apt install python-pip

Then I had to add the requests module as my Python didn't have that:

python -m pip install requests

(others may need to add other modules as you noted)

 

With that, the script is now executing in Python. But...

 

...it doesn't seem to like the input for my server address (either using FQDN or IP address):

 

root@eve-ng:~# python get_ftd_name_ip.py
###############################################
###                                         ###
### MATT'S AWESOME FIREPOWER SCRIPTY THINGY ###
###                                         ###
###############################################

Ensure this file is running from a location you have read/write access to
When the script completes, look for a file called output.txt

Enter the IP or FQDN of your FMC: https://172.31.1.10
Traceback (most recent call last):
  File "get_ftd_name_ip.py", line 15, in <module>
    server_main = input('Enter the IP or FQDN of your FMC: https://')
  File "<string>", line 1
    172.31.1.10
           ^
SyntaxError: invalid syntax

  I'm not sure what's up with that. Any ideas?

0 Helpful

matty-boy
Level 1
Level 1
In response to Marvin Rhoads

‎11-03-2018 08:29 AM

Hi Marvin,

Do you know what version of Python your server is running? The formatting of the output is all a bit weird so I wonder if you have an older Python version that works a bit differently? Can you try installing the latest version of Python?

Cheers,
Matt.

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to matty-boy

‎11-03-2018 08:49 AM - edited ‎11-03-2018 08:53 AM

That was the key Matt - I have both Python2 and Python3 on that host. Running your script by invoking Python3 (3.5.1 in my case - I believe 3.7.1 is currently the latest) worked like a charm.

 

root@eve-ng:~# python3 get_ftd_name_ip.py
###############################################
###                                         ###
### MATT'S AWESOME FIREPOWER SCRIPTY THINGY ###
###                                         ###
###############################################

Ensure this file is running from a location you have read/write access to
When the script completes, look for a file called output.txt

Enter the IP or FQDN of your FMC: https://172.31.1.10
Username: adm-marvin
Password: 

Querying the FMC API, please wait....


/usr/lib/python3/dist-packages/urllib3/connectionpool.py:794: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
  InsecureRequestWarning)



Finished. Look for a file called output.txt in the same directory this script executed from.

Press <Enter> to close this window.
root@eve-ng:~# more output.txt
FTDv 172.31.1.24
root@eve-ng:~#

 

0 Helpful

matty-boy
Level 1
Level 1
In response to Marvin Rhoads

‎11-03-2018 09:43 AM

That's great, thanks for confirming it's working for you now!

 

As it stands, it's not massively useful (although one of the customers we support have over 100 FTDs on their FMCs so it's a quick and easy way of listing all the hostnames and IPs) but it's a start. I want to progress onto working with objects and NATs as this is something that has the potential for saving a lot of time.

 

I'm surprised there is no repository of scripts for doing common useful tasks. Maybe we can start that here?

 

I've updated the script a little to add the option of displaying the native JSON output. This will help figure out what changes can be made to the script to get other info out of the FMC. I'll upload the updated version shortly.

 

Cheers,

Matt.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to matty-boy

‎11-03-2018 09:46 AM - edited ‎11-03-2018 09:47 AM

You're welcome.

 

Cisco promises a lot more API functionality with 6.3 - including providing example scripts. FDM and CDO both use the API natively under the covers to do their thing.

 

I might suggest putting on a GitHub repository. If you don't have one yet, it's a great place to start.

0 Helpful

matty-boy
Level 1
Level 1
In response to Marvin Rhoads

‎11-03-2018 10:53 AM

I think a GitHub repository sounds like a great idea! Never used it myself but there's a first time for everything....

0 Helpful

matty-boy
Level 1
Level 1
In response to matty-boy

‎11-03-2018 12:16 PM

Updated script attached (remember to change the suffix from .txt to .py to execute).

 

Cheers,

Matt.

Preview file
3 KB

babiojd01
Level 1
Level 1
In response to matty-boy

‎11-05-2018 05:50 AM

I use powershell if you want some skeleton code.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card