Aegis Automation Workflows in 5 Minutes - Backup Running Configuration from Cisco IOS Network Devices

The "Aegis Automation Workflows in 5 Minutes" cool-tool blog series shows examples of Aegis workflows which deliver value in as little as 5 minutes development time - all using out of the box activities! Aegis workflows can be forever evolving, and while these workflows fulfill a purpose, you may for example want to extend a workflow from being a simple notification workflow to one which goes further to remediate a problem.

This 5 minute workflow will connect to all your Cisco Network Devices and save their running configuration to disk. This could be done on a schedule, before upgrades or just to verify the configuration hasn't changed automatically. The workflow will use a list of known devices and connect to each one in turn, saving their current configuration to a backup location.

This is what the workflow looks like...


The workflow has uses a stored array of ip addresses for the list of Network Devices which are processed in sequence using the 'For Each' loop activity. It then establishes connections to the devices using Telnet (Arrgh Security! - check the Next steps below... I don't have SSH capable IOS version). The Telnet activity issues a number of commands to output the running configuration ...


Next it uses a regular expression to remove the unwanted text from the telnet session output including the logging in etc. and then saves the regex output to file.


And you are done ... hopefully in 5 minutes!

The workflow is attached if you want to compare results. There are some workitem attributes which need updating to work in your environment, the password attribute stores the Cisco password (I use the same for login and running enable command), networkDeviceList stores the address's of the Devices to connect to and outputfilePath is where to store the config files . Everything else is generic. The workflow requires Aegis 3.2 and Cisco IOS devices.

Next Steps - yes you've guessed it, there are loads of possibilities to extend this workflow! Here are some examples...

  1. A must - add some error handling and notification! If there are any failures (for example is a Cisco Network Device is unreachable) the workflow will silently fail apart from an error in console.

  • Substitute the Telnet Activity with the SSH activity if you have SSH capable IOS version. Add decision support if you have a mix of Telnet / SSH devices.

  • The workflow has a static list of device addresses - you can read the list dynamically from another source so the workflow always picks the current device list. Reading from File / Database etc.

  • The same technique can be used to verify IOS versions, update passwords etc.

  • Could you perform a restore of a configuration?

  • Verify if there are any changes since the previous backup - notification if there is ?

  • Add a scheduled trigger, so the workflow runs automatically on a schedule of your choosing.


How To-Best Practice
Comment List