Hi there ,
I'm currently trying to something to get every switch port configuration and every LLDP / CDP device on every switch port.
The issue I'm looking at , is that I have to do a call for every device we have.
ex:
GET /networks/[networkId]/devices/[serial]/lldp_cdp
and :
GET /devices/[serial]/switchPorts
I have to identify every single AP that is misconfigured ( like an AP seen on access port.
We have over 2500 device so I really need to script that.
Anyone done something similar ?
Thanks a lot.
Solved! Go to solution.
Not unless you're using multithreading or some other concurrent processing method. Meraki API calls take 2-5 seconds to return usually. One script running sequentially will never be able to exceed the 5calls/second limit.
I would probably attack this using the Org Inventory call, and then iterate though those results to get LLDP/CDP and switchport info for every device whose model starts with MS
So something like this in pseudocode:
devices = get /organizations/[id]/inventory for dev in devices if dev[model] starts with "MS" cdp-lldp = get /networks/dev[networkId]/devices/dev[serial]/lldp_cdp lastport = dev[model[6:] #slice the model number to get number of ports for portnumber in range(0 to lastport) switchport[portnumber] = get /devices/[serial]/switchPorts/[portnumber] print cdp-lldp print switchport
Thanks for the pseudo code. I'm almost done , but I have one last concern.
Since I will have to retrieve info from over 2500 devices , it looks like I'm going to be bottlenecked by the 5 calls / sec limit , ain't that right ?
- Raphael
Not unless you're using multithreading or some other concurrent processing method. Meraki API calls take 2-5 seconds to return usually. One script running sequentially will never be able to exceed the 5calls/second limit.
Since I will have to retrieve info from over 2500 devices , it looks like I'm going to be bottlenecked by the 5 calls / sec limit , ain't that right ?
Correct. But even if you only do 1 device a second you'll be done in an hour - so no big deal. Even if it takes 8 hours you can just leave it running over night and you'll have your answers in the morning when you come into work.
So I'm done with my script ! I can now identify any device via LLDP that as AP in it's name and identify if it's port is either in access or trunk. If it is in access , it is flagged as misconfigured.
If you guys need it I can share my code ( only have to adapt your key ,orgID, and the output messages ( currently in french )
Last question : I'm looking for the equivalent of :
GET /devices/[serial]/switchPorts
but for MX ( not MS ). I don't see anything. I would like to be able to identify misused ports on MX.
Going to make a wish if this feature is not already there.
Thanks a lot
Sure !
Here it is
import json
from meraki import meraki
apikey = "" #YOUR KEY
orgid = "" #YOUR ORG ID
Inventaire = meraki.getorginventory(apikey,orgid)
for switch in Inventaire:
if switch['networkId'] is not None:
lldp = meraki.getlldplldp(apikey, switch['networkId'] , switch['serial'])
try:
for portID in lldp['ports']:
try:
if "AP" in lldp['ports'][portID]['lldp']['systemName']:
#checking if AP is in the lldp info , we named our AP like that
portdetail = meraki.getswitchportdetail(apikey, switch['serial'] , portID)
if portdetail['type'] == "access":
config = "Port {} de la switch {} est mal configuré pour la borne {}.\n".format(portID, switch['name'], lldp['ports'][portID]['lldp']['systemName'] )
f = open("OP_portAP.txt", "a")
f.write(config)
f.close()
except:
erreur = "no ports"
except:
erreur = "no lldp"
You might want to adjust some parts in the script , but the logic is there,
I've been working on an easy way to pull CDP info, esp since the API seems like the only way to get it out of an MX. My goal was to be able to pick an org, pull its network list, then granularly work network->device category->device (or whole hog) to get specific info.
Take a look here, you may find some code to build your own solution:
https://developer.cisco.com/codeexchange/github/repo/routetonull/getMerakiNeighbor