Backup HP ProCurve Switches via SSH, TFTP and PowerShell

15. February 2017

blog.feldmann.io

PowerShell Version: >4 
Modules: Posh-SSH

So, this is a pretty specific one! I have been tasked to backup old and new ProCurve Switches and of course I am using PowerShell for this 😉 I found a script about doing this via SFTP where you enable ip ssh filetransfer on the switches and get the files from there but unfortunately two of the 2610’s in the environment do a reboot on every sftp connection…so…that is not an option here 😉 The only good alternative I came up with was to SSH on the client and use TFTP to copy the configs where you want them. The tftp client is enabled on the ProCurve’s by default so what you need to do this is PowerShell with Posh-SSH, and a TFTP Server:

#import posh-ssh
Import-Module -name posh-ssh

# globals
$today = Get-Date -Format "ddMMyyy"
$month = Get-Date -Format MMMM
$year = Get-Date -Format "yyyy"
$tftp_server = "IP OF YOUR TFTP SERVER"

# create a folder for every year
Get-Item "C:\switch_backup\$year\" -ErrorAction SilentlyContinue
if (!$?)
    {
    New-Item "C:\switch_backup\$year\" -ItemType Directory
    }

# create a folder for every month
Get-Item "C:\switch_backup\$year\$month\" -ErrorAction SilentlyContinue
if (!$?)
    {
    New-Item "C:\switch_backup\$year\$month\" -ItemType Directory
    }

# create a folder for every day
Get-Item "C:\switch_backup\$year\$month\$today\" -ErrorAction SilentlyContinue
if (!$?)
    {
    New-Item "C:\switch_backup\$year\$month\$today\" -ItemType Directory
    }

# simple credential handling
$username = "manager"
$pwfile = "C:\tmp\cred.txt"
$Credentials=New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $username, (Get-Content $pwfile | ConvertTo-SecureString)

# put all the devices in this array
$switches_array = @()
$switches_array = "SWITCHIP","SWITCHIP","SWITCHIP"

foreach ($switch in $switches_array)
    {
    # create a folder for every device
    Get-Item "C:\switch_backup\$year\$month\$today\$switch" -ErrorAction SilentlyContinue
    if (!$?)
        {
        New-Item "C:\switch_backup\$year\$month\$today\$switch" -ItemType Directory
        }
    # start the SSH Session
    New-SSHSession -ComputerName $switch -Credential $Credentials -AcceptKey:$true
    $session = Get-SSHSession -Index 0
    # usual SSH won't work, we need a shell stream for the procurve
    $stream = $session.Session.CreateShellStream("dumb", 0, 0, 0, 0, 1000)
    # send a "space" for the "Press any key to continue" and wait before you issue the next command
    $stream.Write("`n")
    Sleep 5
    # copy startup-config and wait before you issue the next command
    $stream.Write("copy startup-config tftp $tftp_server \$year\$month\$today\$switch\startup-config`n")
    Sleep 10
    # copy running-config and wait before you issue the next command
    $stream.Write("copy running-config tftp $tftp_server \$year\$month\$today\$switch\running-config`n")
    Sleep 10
    # disconnect from host
    Remove-SSHSession -SessionId 0
    # compare running and startup config and remove running-config if equal
    $running_config = Get-Content C:\switch_backup\$year\$month\$today\$switch\running-config -ErrorAction SilentlyContinue
    $startup_config = Get-Content C:\switch_backup\$year\$month\$today\$switch\startup-config -ErrorAction SilentlyContinue
    $comparison = Compare-Object -ReferenceObject $startup_config -DifferenceObject $running_config
    if (!$comparison)
        {
        Remove-Item C:\switch_backup\$year\$month\$today\$switch\running-config -Force
        }
    }

As for the creds I chose a password file as secure-string – not the safest but fairly easy to work with:

Read-Host "Enter Password:" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File "C:\tmp\cred.txt"

 

Monitor scheduled Tasks using PowerShell and check_mk

2. February 2017

blog.feldmann.io

PowerShell Version: >1 
Modules: none

As I am focused on a new check_mk implementation there might be a lot of PowerShell/check_mk around here for a bit 😉 This time I wrote something to monitor the result of a scheduled task the oldschool way. With PowerShell >4 you can use the Get-ScheduledTask function as shown here but as I want this to run even on PowerShell v1 I used the old schtasks /query command line function:

#enter task name with path in scheduler
$name = "TEST"
#gather information
$scheduled_task = schtasks /query /TN $name /v /fo LIST
# EN - "Last Result" ; DE - "Letztes Ergebnis"
$scheduled_task_result = $scheduled_task | Select-String -Pattern "Last Result"
#fix name for check_mk
if ($name -like "*\*")
    {
    $name = $name -replace '.*\\',''
    }
#task errorstate 1
if ($scheduled_task_result -like "*1*")
    {
    echo `<`<`<local`>`>`>
    echo "2 $name $name=1 Scheduled Task not successful!"
    }
#task successful
elseif ($scheduled_task_result -like "*0*")
    {
    echo `<`<`<local`>`>`>
    echo "0 $name $name=0 Scheduled Task successful!"
    }
#task errorstate $?
else
    {
    echo `<`<`<local`>`>`>
    echo "1 $name $name=2 Status unclear!"
    }