---
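# Play 1 (control node only): reset the report workspace.
# Removes any earlier "{{save_dir}}/audit" tree, then recreates the
# "fragments" directory that the per-device reports are written into.
# save_dir is not defined in this file; presumably it comes from inventory
# or extra vars -- confirm.
- name: Delete previous reports and create audit directories
  hosts: localhost
  gather_facts: false
  tags:
    - clean
  tasks:
    # Guard for the recursive delete below: with an empty save_dir the path
    # would resolve to "/audit", so refuse to continue in that case.
    - name: make sure save_dir is usable before deleting anything
      assert:
        that:
          - save_dir is defined
          - "(save_dir | string | trim) not in ['', '/']"
        fail_msg: 'save_dir must be set to a non-empty path other than "/"'

    # state: absent removes the directory and everything below it.
    - name: delete the audit directory
      file:
        path: "{{save_dir}}/audit"
        state: absent

    # state: directory also creates the missing parent ("audit").
    # NOTE(review): no mode is set, so permissions follow the controller's
    # umask; the reports hold device and topology details -- consider an
    # explicit mode if the controller is shared.
    - name: make sure the audit directories exist
      file:
        path: "{{save_dir}}/audit/fragments"
        state: directory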
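# Play 2 (group "eos", over httpapi): run read-only show/ping commands on
# each device, register the results, and render one Markdown fragment per
# device from templates/audit_report.j2.
#
# Values from the "topology" list (and "loopback") are interpolated verbatim
# into CLI commands sent to the devices, so they must come from trusted
# inventory data.
# NOTE(review): transport settings for httpapi (ansible_httpapi_use_ssl,
# ansible_httpapi_validate_certs) are not set here -- confirm in inventory.
#
# Several tasks are gated on Ansible 2.x with minor >= 9; on any other
# version they are skipped and their registered variables hold skipped
# results, which the template (not shown) has to tolerate.
- name: collect data on EOS devices and generate an audit report file for each device
  hosts: eos
  connection: httpapi
  gather_facts: false
  tasks:
    # --- per-device facts: one command each, JSON output ---
    - name: collect devices details
      eos_command:
        commands: "show version | json"
      register: registered_version

    - name: collect power supplies status
      eos_command:
        commands: "show environment power | json"
      register: registered_power

    - name: collect fan status
      eos_command:
        commands: "show environment cooling | json"
      register: registered_fan

    - name: validate temperature
      eos_command:
        commands: "show environment temperature | json"
      register: registered_temperature

    # --- per-topology-entry checks: one command per item of "topology" ---
    - name: collect interfaces details
      eos_command:
        commands: "show interfaces {{item.interface}} description | json"
      loop: "{{topology}}"
      when: (item.interface is defined) and ((ansible_version['major'] == 2 and ansible_version['minor']|int >= 9))
      register: registered_interfaces

    - name: collect LLDP details
      eos_command:
        commands: "show lldp neighbors {{item.interface}} | json"
      loop: "{{topology}}"
      when: (item.interface is defined) and (item.lldp_neighbor is defined) and ((ansible_version['major'] == 2 and ansible_version['minor']|int >= 9))
      register: registered_lldp

    # Guard added for consistency with the other ping tasks: without it, a
    # topology entry lacking ebgp_peer_ip or ip fails the task on an
    # undefined variable instead of being skipped.
    - name: run ping to EBGP peers (directly connected)
      eos_command:
        commands: "ping {{ item.ebgp_peer_ip }} source {{ item.ip }} repeat 1"
      loop: "{{topology}}"
      when: (item.ebgp_peer_ip is defined) and (item.ip is defined)
      register: registered_icmp_ebgp

    - name: collect BGP details
      eos_command:
        commands: "show ip bgp neighbors {{item.ebgp_peer_ip}} | json"
      loop: "{{topology}}"
      when: (item.ebgp_peer_ip is defined) and ((ansible_version['major'] == 2 and ansible_version['minor']|int >= 9))
      register: registered_bgp

    # The peer loopback is looked up as a host route: "/32" is appended.
    - name: collect routing table for EBGP peers loopback
      eos_command:
        commands: "show ip route {{ item.ebgp_peer_loopback + ('/32') }} | json"
      loop: "{{topology}}"
      when: (item.ebgp_peer_loopback is defined) and ((ansible_version['major'] == 2 and ansible_version['minor']|int >= 9))
      register: registered_routing

    - name: run ping from a local interface to EBGP peers loopback
      eos_command:
        commands: "ping {{ item.ebgp_peer_loopback }} source {{ item.ip }} repeat 1 "
      loop: "{{topology}}"
      when: (item.ebgp_peer_loopback is defined) and (item.ip is defined)
      register: registered_icmp_from_local_to_ebgp_loopback

    # "loopback" is a plain variable, not a field of the loop item;
    # presumably a host variable -- confirm it is defined for every eos host.
    - name: run ping from local loopback to EBGP peers loopback
      eos_command:
        commands: "ping {{ item.ebgp_peer_loopback }} source {{ loopback }} repeat 1 "
      loop: "{{topology}}"
      when: (item.ebgp_peer_loopback is defined)
      register: registered_icmp_from_loopback_to_ebgp_loopback

    # --- render: dest is keyed by inventory_hostname, one file per device ---
    - name: generate report files from a template for each device
      template:
        src: "{{playbook_dir}}/templates/audit_report.j2"
        dest: "{{save_dir}}/audit/fragments/{{inventory_hostname}}.md"
        lstrip_blocks: true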
# Play 3 (control node only): build the final report.
# Renders the report skeleton into the fragments directory, concatenates
# every fragment into "{{save_dir}}/audit/report.md", then stamps the
# generation time on the first line.
- name: assemble all reports
  hosts: localhost
  gather_facts: false
  tasks:
    # Written next to the per-device fragments so that assemble picks it up.
    # NOTE(review): the leading "_" looks intended to place this fragment
    # first; where it actually lands depends on how the device fragment
    # names compare with it -- confirm.
    - name: generate report file structure from a template
      template:
        dest: "{{save_dir}}/audit/fragments/_audit_report_structure.md"
        src: "{{playbook_dir}}/templates/audit_report_structure.j2"

    # Joins all files found in the fragments directory, separated by the
    # delimiter line.
    - name: Assembling all reports
      assemble:
        dest: "{{save_dir}}/audit/report.md"
        src: "{{save_dir}}/audit/fragments"
        delimiter: '***************************************************'

    # lookup('pipe', ...) runs the command on the control node; the command
    # here is the fixed literal "date" and takes no variable input.
    # insertbefore: BOF puts the line at the very top of the file.
    - name: include timestamp at beginning of report file
      lineinfile:
        path: "{{save_dir}}/audit/report.md"
        insertbefore: BOF
        line: "Report generated with Ansible ({{ lookup('pipe','date') }})\n"