diff --git a/.gitignore b/.gitignore index ec974af..cbdfffd 100644 --- a/.gitignore +++ b/.gitignore @@ -106,3 +106,9 @@ venv.bak/ # trash .vscode/ +scans/* +logs/* + +test_api.py + +samples/custom-nmap-scan.sh diff --git a/nbs/__init__.py b/nbs/__init__.py index 38e18a9..ee79cc3 100644 --- a/nbs/__init__.py +++ b/nbs/__init__.py @@ -1,4 +1,5 @@ import logging +import requests from pynetbox import api @@ -6,16 +7,31 @@ from pynetbox import api class NetBoxScanner(object): def __init__(self, address, token, tls_verify, tag, cleanup): - self.netbox = api(address, token, ssl_verify=tls_verify) - self.tag = tag - self.cleanup = cleanup - self.stats = { - 'unchanged': 0, - 'created': 0, - 'updated': 0, - 'deleted': 0, - 'errors': 0 - } + if (tls_verify == 'no'): + session = requests.Session() + session.verify = False + self.netbox = api(address, token) + self.netbox.http_session = session + self.tag = tag + self.cleanup = cleanup + self.stats = { + 'unchanged': 0, + 'created': 0, + 'updated': 0, + 'deleted': 0, + 'errors': 0 + } + else: + self.netbox = api(address, token) + self.tag = tag + self.cleanup = cleanup + self.stats = { + 'unchanged': 0, + 'created': 0, + 'updated': 0, + 'deleted': 0, + 'errors': 0 + } def sync_host(self, host): '''Syncs a single host to NetBox 
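Review bot: In `__init__` (hunk `@@ -6,16 +7,31 @@` of nbs/__init__.py) the two branches repeat the `tag`, `cleanup` and `stats` assignments and differ only in the session setup, so a later edit to one copy can silently miss the other; build the client once and attach the non-verifying session only inside the `if`. With `session.verify = False` the NetBox API token is sent to a server whose certificate was never checked, so that branch should at least log a warning. Because `session.verify` in requests also accepts a path to a CA bundle, a NetBox instance with a private CA could be supported without switching verification off. The comparison is case-sensitive, so `No` or `false` leave verification on, which is the safe direction but differs from the `getboolean` parsing used before. The class body continues outside the hunk.

```python
def __init__(self, address, token, tls_verify, tag, cleanup):
    self.netbox = api(address, token)
    if tls_verify == 'no':
        # Verification off: the server certificate is not checked, so the
        # token can be read by anyone able to intercept the connection.
        session = requests.Session()
        session.verify = False
        self.netbox.http_session = session
        logging.warning('TLS certificate verification is disabled for NetBox')
    self.tag = tag
    self.cleanup = cleanup
    # ... unchanged: self.stats counters ...
```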
@@ -36,18 +52,20 @@ class NetBoxScanner(object): aux = nbhost.description nbhost.description = host[1] nbhost.save() - logging.info(f'updated: {host[0]}/32 "{aux}" -> "{host[1]}"') + logging.info( + f'updated: {host[0]}/32 "{aux}" -> "{host[1]}"') self.stats['updated'] += 1 else: logging.info(f'unchanged: {host[0]}/32 "{host[1]}"') self.stats['unchanged'] += 1 else: - logging.info(f'unchanged: {host[0]}/32 "{host[1]}"') - self.stats['unchanged'] += 1 + logging.info(f'unchanged: {host[0]}/32 "{host[1]}"') + self.stats['unchanged'] += 1 else: self.netbox.ipam.ip_addresses.create( address=host[0], - # tags=[self.tag], + tags=[{"name": self.tag}], + # dns_name=host[1], description=host[1] ) logging.info(f'created: {host[0]}/32 "{host[1]}"') diff --git a/nbs/nmap.py b/nbs/nmap.py index 0d7d413..e1615bb 100644 --- a/nbs/nmap.py +++ b/nbs/nmap.py @@ -28,4 +28,3 @@ class Nmap(object): host.find('address').attrib['addr'], self.unknown )) - \ No newline at end of file diff --git a/netbox-scanner.conf b/netbox-scanner.conf index e99918f..e36825f 100644 --- a/netbox-scanner.conf +++ b/netbox-scanner.conf @@ -1,29 +1,29 @@ [NETBOX] -address = https://netbox.domain -token = +address = +token = +logs = logs/ +# use lowercase no if you want to skip ssl verification. +# any other value will verify the server ssl certificate. tls_verify = no -logs = . [NMAP] -path = /opt/netbox-scanner/samples/nmap +path = ./ unknown = autodiscovered:netbox-scanner tag = nmap -cleanup = yes +cleanup = no [NETXMS] address = https://netxms.domain -username = +username = password = -tls_verify = no unknown = autodiscovered:netbox-scanner tag = netxms cleanup = yes [PRIME] address = https://prime.domain/webacs/api/v4 -username = -password = -tls_verify = no +username = +password = unknown = autodiscovered:netbox-scanner tag = prime cleanup = yes diff --git a/netbox-scanner.py b/netbox-scanner.py index 70aa3a3..1815c07 100644 --- a/netbox-scanner.py +++ b/netbox-scanner.py 
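Review bot: The `create()` call (hunk `@@ -36,18 +52,20 @@`) now sends `tags=[{"name": self.tag}]`, but the update branch earlier in the same hunk only rewrites `description`, so addresses that already exist in NetBox never receive the tag. If the cleanup step, which is not visible here, selects records by tag, those addresses stay outside what it can remove. The create call presumably also fails when the named tag does not yet exist in NetBox, and no error handling is visible around it. I would add a comment above the argument, `# tag must already exist in NetBox; cleanup scope depends on it (confirm)`, and decide whether the update path should set the tag too. `sync_host` starts and ends outside the hunk.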
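Review bot: The shipped default in `[NETBOX]` stays `tls_verify = no`, so a fresh install sends the API token without checking the server certificate; ship `tls_verify = yes` and let operators opt out deliberately. The hunk also removes `tls_verify` from `[NETXMS]` and `[PRIME]`, while netbox-scanner.py in this same diff still calls `prime.getboolean('tls_verify')`, which returns `None` for a missing key. What the Prime module does with `None` is not visible here, so either keep the keys or pass an explicit default such as `prime.getboolean('tls_verify', fallback=True)`.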
@@ -1,6 +1,7 @@ #!/usr/bin/env python3 import logging +import sys from configparser import ConfigParser from argparse import ArgumentParser @@ -10,9 +11,15 @@ from urllib3 import disable_warnings from urllib3.exceptions import InsecureRequestWarning from nbs import NetBoxScanner -from nbs.nmap import Nmap -from nbs.netxms import NetXMS -from nbs.prime import Prime + +argument = str(sys.argv[1]) + +if argument == 'nmap': + from nbs.nmap import Nmap +if argument == 'netxms': + from nbs.netxms import NetXMS +if argument == 'prime': + from nbs.prime import Prime local_config = expanduser('~/.netbox-scanner.conf') @@ -27,16 +34,22 @@ else: raise FileNotFoundError('Configuration file was not found.') netbox = config['NETBOX'] -nmap = config['NMAP'] -netxms = config['NETXMS'] -prime = config['PRIME'] +if argument == 'nmap': + nmap = config['NMAP'] +if argument == 'netxms': + netxms = config['NETXMS'] +if argument == 'prime': + prime = config['PRIME'] parser = ArgumentParser(description='netbox-scanner') subparsers = parser.add_subparsers(title='Commands', dest='command') subparsers.required = True -argsp = subparsers.add_parser('nmap', help='Nmap module') -argsp = subparsers.add_parser('netxms', help='NetXMS module') -argsp = subparsers.add_parser('prime', help='Cisco Prime module') +if argument == 'nmap': + argsp = subparsers.add_parser('nmap', help='Nmap module') +if argument == 'netxms': + argsp = subparsers.add_parser('netxms', help='NetXMS module') +if argument == 'prime': + argsp = subparsers.add_parser('prime', help='Cisco Prime module') args = parser.parse_args() logfile = '{}/netbox-scanner-{}.log'.format( 
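Review bot: `argument = str(sys.argv[1])` (hunk `@@ -10,9 +11,15 @@`) runs before the `ArgumentParser` is built, so starting the script with no arguments raises `IndexError` instead of printing usage, and `-h` matches none of the three names, so no subcommand is registered and the help output lists none. The same `argument` test gates the config sections and the `add_parser` calls in the next hunk (`@@ -27,16 +34,22 @@`). Reading it defensively, `argument = sys.argv[1] if len(sys.argv) > 1 else ''`, leaves argparse in charge of error reporting. Importing each module inside its own `cmd_*` handler would remove the need to inspect `sys.argv` by hand at all.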
@@ -44,12 +57,13 @@ logfile = '{}/netbox-scanner-{}.log'.format( datetime.now().isoformat() ) logging.basicConfig( - filename=logfile, - level=logging.INFO, + filename=logfile, + level=logging.INFO, format='%(asctime)s\tnetbox-scanner\t%(levelname)s\t%(message)s' ) logging.getLogger().addHandler(logging.StreamHandler()) +# useful if you have tls_verify set to no disable_warnings(InsecureRequestWarning) @@ -58,6 +72,7 @@ def cmd_nmap(s): # nmap handler h.run() s.sync(h.hosts) + def cmd_netxms(s): # netxms handler h = NetXMS( netxms['address'], @@ -69,12 +84,13 @@ def cmd_netxms(s): # netxms handler h.run() s.sync(h.hosts) + def cmd_prime(s): # prime handler h = Prime( prime['address'], prime['username'], prime['password'], - prime.getboolean('tls_verify'), + prime.getboolean('tls_verify'), prime['unknown'] ) h.run() # set access_point=True to process APs @@ -85,8 +101,8 @@ if __name__ == '__main__': scanner = NetBoxScanner( netbox['address'], netbox['token'], - netbox.getboolean('tls_verify'), - nmap['tag'], + netbox['tls_verify'], + nmap['tag'], nmap.getboolean('cleanup') ) diff --git a/samples/networks.txt b/samples/networks.txt new file mode 100644 index 0000000..2718a04 --- /dev/null +++ b/samples/networks.txt @@ -0,0 +1,5 @@ +192.168.0.0/24 +192.168.1.0/24 +192.168.2.0/24 +192.168.3.0/24 +172.16.0.0/24 diff --git a/samples/nmap-1.xml b/samples/nmap-1.xml deleted file mode 100644 index df7ecb0..0000000 --- a/samples/nmap-1.xml +++ /dev/null @@ -1,72 +0,0 @@ - - - - - - - - - -
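Review bot: `disable_warnings(InsecureRequestWarning)` (hunk `@@ -44,12 +57,13 @@`) stays unconditional, so the added comment describes a condition the code never checks. The warning is suppressed for every urllib3 connection in the process, which removes the only visible signal that a connection is running without certificate verification. Guard the call with the setting it refers to: `if netbox['tls_verify'] == 'no':` followed by `disable_warnings(InsecureRequestWarning)`.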
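Review bot: The `NetBoxScanner(...)` call (hunk `@@ -85,8 +101,8 @@`) still reads `nmap['tag']` and `nmap.getboolean('cleanup')`, but `nmap` is now assigned only when `argument == 'nmap'` (hunk `@@ -27,16 +34,22 @@`), so the `netxms` and `prime` commands raise `NameError` here. Select the section from the parsed command instead, `section = config[args.command.upper()]`, and pass `section['tag']` and `section.getboolean('cleanup')`. `netbox['tls_verify']` is now the raw string and raises `KeyError` when the key is absent; `netbox.get('tls_verify', 'yes')` would keep verification on by default. The `__main__` block continues outside the hunk.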
- - - - - - - - - - - - cpe:/a:openbsd:openssh:5.3p1 - cpe:/o:linux:kernel - -