topic Re: Script to restart management server process on firewalls in Automation/API Discussions

Script to restart management server process on firewalls

hyadavalli — Fri, 03 Oct 2014 18:35:29 GMT

Hello All,

I have a hot case(248797) where customer has upgraded panorama from 5.1.x to 6.0.x where in log forwarding process has stopped from firewalls after upgrade.

After some troubleshooting I did notice that firewalls show as connected but below command for log-collector status show as No

>debug management-server log-collector-agent-status

whereas on panorama device show as connected.

For this I had to restart management-server process on one firewall and that started log forwarding process.

debug software restart management-server

Since customer has around 200 firewalls he won't login to all the firewalls and do the above step and he is looking for an automated way or script to run such that management server process can be restarted without login into firewalls.

Regards,

Hari Yadavalli

Re: Script to restart management server process on firewalls

mmmccorkle — Fri, 03 Oct 2014 19:47:26 GMT

Hyadavalli,

Wouldn't we need to have root access in order to run scripts?

I don't believe there can be an easy way to automate this, if there is at all..

I'm open to all ideas though, but as far as I understand, I don't see a way to do this.

Any one else?

Re: Script to restart management server process on firewalls

bspilde — Fri, 03 Oct 2014 20:15:53 GMT

You should be able to script that quite easily with a network configuration manager like ManageEngine, Solarwinds Orion NCM, or HP Network Automation. You could have them download a demo of Solarwinds Orion NCM although there might be easier ways even with some expect scripting from a Linux or Mac calling a list of firewall IP addresses. I am not skilled in expect scripting but there are tools to assist in making device drivers for network configuration managers. I developed some for HP NA but the Solarwinds NCM option is easier and they have a community on thwack.com for more assistance. I've used tools like this to do mass changes to QoS policies, schedule reboots, detect and change default passwords, modify SNMP strings, create accounts, etc. for many years.

It wouldn't be too difficult really @hyadavalli. Network Configuration & Change Management Software

Re: Script to restart management server process on firewalls

bspilde — Fri, 03 Oct 2014 21:18:06 GMT

Here is a good example of how to perform this with just a Linux box using expect scripting and a list of system IP's.

Expect script which can execute commands on multiple servers via SSH | Security-Portal.cz | Bezpečnost • Hacking • Komun…

Here is how to install Expect:

Install expect

Expect comes with special pre installed script called multixterm expect. If you are using Debian Linux then use apt-get as follows :

# apt-get install expect # apt-get install expectk

If you are using Red hat Linux then use up2date command as follows:

# up2date -i expect

Fedora core (RHEL 5) / CentOS Linux user can use yum:

# yum install expect expectk

You can use ports to install expect under FreeBSD or use following command:

# pkg_add -v -r expect

Please note you can download expect from offical web site.