  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2337
  • Last Modified:

I am in need of a script that will do many functions

Hello, all

I am in need of a script that will do many functions.

1. I have a list of subnets called subnets.txt
the contents of subnet.txt look like this

10.2.0.0/16
10.2.92.0/24
10.3.0.0/16

2. I need to run a cli that points to each of the contents in subnet.txt and run it one subnet at a time, like so

getzoneprof -u Xxx -p Xxx -a $subnet -o Orig

Once you run this I get lots of stuff, but I am only interested in a few parameters, which are in the first 4 lines of the output.

This is what it looks like:

getzoneprof -u qipman -p qipman -a 10.0.0.0/16 -o Orig

Zone=10.0.0.0/16
ParentAddress=10.0.0.0/8
NetworkAddress=10.0.0.0
dnsServers=richm01.cmmc.sark.com P 0,hhyt.sark.com 0,6cnscuyt1.netdevice.richsark.com S 0

What I need to do from here is a bit fun: ssh into each server that's under dnsServers= (the P and the S mean primary and secondary DNS servers) using my userid of richsark and password of 12345

When I ssh, there are a few prompts that I need to overcome in the script; see the attempt below to ssh to a server

$ ssh richsark@richm01.cmmc.sark.com
Could not create directory '/home/richsark/.ssh'.
The authenticity of host 'richm01.cmmc.sark.com (199.199.2.1)' can't be established.
RSA key fingerprint is g98:t6:a8:31:7f:57:bd:b2:13:c9:0a:6a:5v:ac:73:55.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/richsark/.ssh/known_hosts).
richsarks Password:
Total users logged in (via BoKS): 14475 (1 on this host)
Last Login 04/16/09 08:58:09 (sarkisrns.svr.us.sark.net:pts/1)

$ ( I am one)


Once I am on, I need to see if there are any files that are *.jnl in directory /opt/rich/sark

If there are, maintain a report Y/N and move on to the next server

So the report (reportcard.txt) should look something like:

From Zone 10.0.0.0/16 containing dnsserver "richm01.cmmc.sark.com" found =yes/no presence of "jnl" files

The list should continue to the next dnsserver= hhyt.sark.com and do the same. We should keep the report separated for each subnet

Thanks
1
richsark
Asked:
richsark
1 Solution
 
Adam314Commented:

#!/usr/bin/perl
use strict;
use warnings;
use Net::SSH::Expect;
 
open(my $out, "log.txt") or die "Could not open log: $!\n";
 
##### Step 1, read subnet.txt
open(my $in, "<subnet.txt") or die "Could not open subnet.txt: $!\n";
while(<$in>) {
	chomp;
	
	##### Step 2: run getzoneprof, and keep first 4 lines only
	my @getzoneprof = `getzoneprof -u Xxx -p Xxx -a $_ -o Orig`;
	@getzoneprof = @getzoneprof[0..3];
	
	##### Find server name
	warn "Server not found for $_\n",next unless $getzoneprof[-1] =~ /dnsServers=(\S+)/;
	my $dns = $1;
	
	##### ssh to server
	my $ssh = Net::SSH::Expect->new (
	  host => $dns,
	  password=> '12345',
	  user => 'richsark',
	  );
	
	my $login_output = $ssh->login();
	unless($login_output =~ /Last Login/) {
		warn "Login has failed. Login output was $login_output";
		next;
	}
	
	##### run ls to look for files
	my $ls = $ssh->exec("ls /opt/rich/sark/*.jnl");
	$found='no';
	$found='yes' if $ls =~ m|/opt/rich/sark/|;
	print $out "From zone $_ containing dnsserver \"$dns\" found=$found of presense of \"jnl\" files\n";
	
	$ssh->close;
}
 
close($out);

0
 
richsarkAuthor Commented:
Hi Adam, WOW !
I will try it now
0
 
ghostdog74Commented:
how convenient. someone has done your work for you.
0

 
richsarkAuthor Commented:
Hi Adam
Can I overcome this error:

Can't locate warnings.pm in @INC (@INC contains: /usr/perl5/5.00503/sun4-solaris /usr/perl5/5.00503 /usr/perl5/site_perl/5.005/sun4-solaris /usr/perl5/site_perl/5.005 .) at ./ssh-pull.pl line 3.
BEGIN failed--compilation aborted at ./ssh-pull.pl line 3.
0
 
richsarkAuthor Commented:
Hi Adam, I know what you're going to say: "Upgrade your dang Perl!"
 
0
 
richsarkAuthor Commented:
Hi Adam. OK, I have upgraded to Perl V5.8.9
But it's complaining about:
Can't locate Net/SSH/Expect.pm in @INC (@INC contains: /usr/bin/perl2/site/lib /usr/bin/perl2/lib .) at ssh-pull.sh line 4.
Can I full path ssh?  I know where it is, /usr/rich/ssh, or we can set it in the environment?
 
0
 
Adam314Commented:
You need to install that module.  As root:
    cpan Net::SSH::Expect
0
 
richsarkAuthor Commented:
Hi Adam, I installed the necessary packages, but I get this error when I run it

Global symbol "$found" requires explicit package name at test.pl line 37.
Global symbol "$found" requires explicit package name at test.pl line 38.
Global symbol "$found" requires explicit package name at test.pl line 39.
Execution of test.pl aborted due to compilation errors.

Thanks
0
 
richsarkAuthor Commented:
Hi Adam, I corrected that error with

$found='no';

to

my $found='no';

Now I get this error:

Can't locate object method "new" via package "Net::SSH::Expect" (perhaps you forgot to load "Net::SSH::Expect"?) at test.pl line 24, <$in> line 1.

0
 
Adam314Commented:
Did you copy the code exactly as it is posted?  Especially, do you have the line:
   use Net::SSH::Expect;
0
 
richsarkAuthor Commented:
Yes Adam,

#!/perl
use strict;
use warnings;
use Net::SSH::Expect;




0
 
Adam314Commented:
What is your output from running this on the command line
perl -MNet::SSH::Expect -e 'print "$Net::SSH::Expect::VERSION\n"'

0
 
richsarkAuthor Commented:
HI Adam,

I ran the cpan Net::SSH::Expect once more, and installed it. I guess I did it a different way before. The results are below:

Administrator@sarkie /cygdrive/e/-rich/cli
$ perl -MNet::SSH::Expect -e 'print "$Net::SSH::Expect::VERSION\n"'
1.09

I still have an issue

$ perl test.pl
SSHProcessError The ssh process was terminated. at test.pl line 29
0
 
richsarkAuthor Commented:
Hi Adam, do you have an idea about my error on line 29?

SSHProcessError The ssh process was terminated. at test.pl line 29

Thanks
0
 
richsarkAuthor Commented:

Hi Adam, looks like it's sorta working.
When I run it, I get this on the screen for 5 secs
richsark's Password:  at /usr/lib/perl5/site_perl/5.10/Expect.pm line 828

Then I am back at my command prompt

I also want to confirm that when it ssh's it does richsark@server_name

We're almost there!
0
 
richsarkAuthor Commented:

Hi,
After looking further, I see this right after my perl execution

$ perl test.pl
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:
*** IT IS AN OFFENSE TO CONTINUE WITHOUT THE CORRECT AUTHORIZATION ***
Individuals using this computer system with or without proper.....

Thanks!
0
 
richsarkAuthor Commented:
Hi, I have been hammering this, but I hope to get a response soon.
I added some print statements and I can confirm that the ssh connection is working following the ls for *.jnl files

See below:

$ ls /opt/qip/named/*.jnl
/opt/rich/sark/db.101.69.169.in-addr.arpa.jnl
/opt/rich/sark//db.107.69.169.in-addr.arpa.jnl
/opt/rich/sark/db.108.168.192.in-addr.arpa.jnl

But I don't get any logs or report as it goes,

All I get is $ yesFilehandle $out opened only for input at test.pl line 40, <$in> line 2

Also please note that the dnsServers= has many servers; seems like it's only doing the first set (richm01.cmmc.sark.com) and not the rest.

dnsServers=richm01.cmmc.sark.com P 0,hhyt.sark.com 0,6cnscuyt1.netdevice.richsark.com S 0
0
 
Adam314Commented:
Try this... what output do you get:

Also, try installing the Net::SSH::Perl module, using (as root):
    cpan Net::SSH::Perl

If that works, we can try that module instead.
#!/usr/bin/perl
use strict;
use warnings;
use Net::SSH::Expect;
 
#NOTE: Update host, user, and password as needed
my $ssh = Net::SSH::Expect->new (
    host => 'some_host_here',
    password=> '12345',
    user => 'richsark',
);
 
my $login_output = $ssh->login();
unless($login_output =~ /Last Login/) {
    die "Login has failed. Login output was $login_output";
}
 
##### run ls to look for files
my $ls = $ssh->exec("ls /opt/rich/sark/*.jnl");
print "***** ls=\n$ls\n";
 
 
$ssh->close;

0
 
richsarkAuthor Commented:

Hi All, seems like I am the only one here today :)

I got the report to work by adding the > to the log.txt line ( open(my $out, ">log.txt") or die "Could not open log: $!\n"; )

I am still having 2 minor issues that I hope I can get a response on.
Seems like my dnsServers= line is only pulling 1 DNS server from that line. In some cases I have 20 of them. Looks like it's only grabbing the first server from that line.

Issue 2: In some cases, the ssh does not log in. I have to run the script 2x and it will go, but when I get to a new server, it stops. If I run it again, I get to the same point; as soon as it does a net set, it dies. Something has to be wrong with a string it's expecting??

Please advise


I added \ism to the end of this line thinking it would work:
 
print warn "Server not found for $_\n",next unless $getzoneprof[-1] =~ /dnsServers=(\S+)/ism;

0
 
richsarkAuthor Commented:
Hi Adam, thanks for your reply,
Before I use your code above, the log.txt looks like
From zone 10.0.0.0/8
 containing dnsserver "ridrnssm01.rich.sark.com" found=yes of presense of "jnl" files
But it's not going to the next server under the dnsServers=; it looks like it's seeing just one server. Also, can we make it so if a dnsServer= line is repeated, then there is no need to ssh to it.
In reference to your code above, you want me to paste it as is and try it using manual entries? Also, I don't see all of the code. Where is the dnsServers= and getzoneprof.exe stuff?
Thanks
0
 
richsarkAuthor Commented:
Hi,

I am having a rough time trying to install that module you indicated above.

Is there a way we can work with the original cpan tool? I will give it another shot.

All I see as my issues are:

1. the script is only seeing 1 dns server from dnsServers=

2. If a dns server is repeated, there is no need to ssh to it.

3. when I ssh, the sessions remain open, so after 4 logins, I can't log in anymore, but I think that can be fixed if we can solve issue 2.

What do you think?
0
 
richsarkAuthor Commented:
Hi Adam, I ran your latest code, I get the same results.
I had to run it twice to make it work (just like your first code). It logs in and I see the contents of the directory with *.jnl files
Do you think we can resolve my issues above today? Not sure if the delay is because it's difficult?
Thanks !
 
0
 
richsarkAuthor Commented:
HELP !
0
 
Adam314Commented:
So if this is the line:
    dnsServers=richm01.cmmc.sark.com P 0,hhyt.sark.com 0,6cnscuyt1.netdevice.richsark.com S 0
The servers are:
    richm01.cmmc.sark.com
    hhyt.sark.com
    6cnscuyt1.netdevice.richsark.com
Is this correct?


As to why it doesn't work the first time, but does the second... I don't know.  That's why I was asking you to install the other module - I wanted to see if it worked any better.

The code has an $ssh->close, so that should close the connection.  I'm not sure why the connection is staying open.  Maybe one of the other problems is what is really causing it.
0
 
richsarkAuthor Commented:
Hi Adam,
The servers are:
    richm01.cmmc.sark.com
    hhyt.sark.com
    6cnscuyt1.netdevice.richsark.com
Is this correct?
 YES, there may be at times more than these and different names
I did install and run the other module, and I got the same thing. I think it has something to do with the prompt on ssh. If I never logged in, it won't say last login. Maybe we can make it more open or wildcard it so it does not matter what it says??
I think if the code is adjusted to log in to each DNS server (like your above question) and only log in once if it's repeated, since the results will be the same, we will be ok
 I await your reply
0
 
Adam314Commented:
I had the script look for "Last Login" because that is what appeared on the example you posted.  If that isn't always there, then that is what is causing the problem.

Is there some string that will always be displayed, by all servers, regardless of whether you've logged in before or not?  Is the string "Total users logged" always displayed?  If so, that could be used.


This update processes all DNS servers, and skips duplicates.
#!/usr/bin/perl
use strict;
use warnings;
use Net::SSH::Expect;
 
open(my $out, "log.txt") or die "Could not open log: $!\n";
 
my %Processed;
 
##### Step 1, read subnet.txt
open(my $in, "<subnet.txt") or die "Could not open subnet.txt: $!\n";
while(<$in>) {
        chomp;
        
        ##### Step 2: run getzoneprof, and keep first 4 lines only
        my @getzoneprof = `getzoneprof -u Xxx -p Xxx -a $_ -o Orig`;
        @getzoneprof = @getzoneprof[0..3];
        
        ##### Find server name
        warn "Server not found for $_\n",next unless $getzoneprof[-1] =~ /dnsServers=(.+)/;
        my $dns_line = $1;
        my @dns = grep {length($_)>1} split(/[\s,]+/, $dns_line);
        
        foreach my $dns (@dns) {
          next if $Processed{$dns};
          Processed{$dns} = 1;
          
          ##### ssh to server
          my $ssh = Net::SSH::Expect->new (
            host => $dns,
            password=> '12345',
            user => 'richsark',
            );
          
          my $login_output = $ssh->login();
          unless($login_output =~ /Last Login/) {
                  warn "Login has failed. Login output was $login_output";
                  next;
          }
          
          ##### run ls to look for files
          my $ls = $ssh->exec("ls /opt/rich/sark/*.jnl");
          $found='no';
          $found='yes' if $ls =~ m|/opt/rich/sark/|;
          print $out "From zone $_ containing dnsserver \"$dns\" found=$found of presense of \"jnl\" files\n";
          
          $ssh->close;
        }
}
 
close($out);

0
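The subnet handling and dnsServers= parsing discussed above, as an added example that is not part of the original thread: it validates each subnet.txt line before it can reach a command, runs getzoneprof through a list-form pipe (no shell, unlike backticks), and splits the server list per entry so the role letter is kept. The sample output is constructed from the values quoted in the question; the function names are hypothetical, and run_getzoneprof is defined but not called so the script runs offline.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Accept only a dotted-quad/prefix such as 10.2.0.0/16, so that a stray or
# hostile line in subnet.txt is never handed to a command.
sub valid_subnet {
    my ($s) = @_;
    return 0 unless defined $s;
    my @p = $s =~ m{\A([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/([0-9]{1,2})\z};
    return 0 unless @p == 5;
    return 0 if grep { $_ > 255 } @p[0 .. 3];
    return $p[4] <= 32 ? 1 : 0;
}

# List-form pipe open: the arguments go straight to getzoneprof with no shell
# in between. Not called below, because the tool is not available offline.
sub run_getzoneprof {
    my ($user, $pass, $subnet) = @_;
    die "refusing subnet '$subnet'\n" unless valid_subnet($subnet);
    open(my $fh, '-|', 'getzoneprof', '-u', $user, '-p', $pass,
         '-a', $subnet, '-o', 'Orig')
        or die "cannot run getzoneprof: $!\n";
    my @lines = <$fh>;
    close($fh);
    return @lines;
}

# Find the dnsServers= line wherever it appears and split it on commas. In
# each entry the first token is the host; a following P or S is the role
# (primary/secondary, per the question). Other tokens are ignored.
sub parse_dns_servers {
    my (@lines) = @_;
    my ($line) = grep { /^dnsServers=/ } @lines;
    return () unless defined $line;
    $line =~ s/\r?\n\z//;
    $line =~ s/^dnsServers=//;
    my @servers;
    for my $entry (split /,/, $line) {
        my ($host, @rest) = split ' ', $entry;
        # The host is later given to ssh, so accept hostname characters only.
        next unless defined $host
            && $host =~ /\A[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?\z/;
        my ($role) = grep { /\A[PS]\z/ } @rest;
        push @servers, { host => lc $host, role => defined $role ? $role : '-' };
    }
    return @servers;
}

# Walk the subnets in order and return one plan line per decision, so each
# server is visited once even when several zones list it.
sub plan_checks {
    my ($subnets, $output_for) = @_;
    my (%seen, @plan);
    for my $subnet (@$subnets) {
        unless (valid_subnet($subnet)) {
            push @plan, "SKIP  invalid subnet line '$subnet'";
            next;
        }
        my @servers = parse_dns_servers(@{ $output_for->{$subnet} || [] });
        push @plan, "NONE  no dnsServers line for $subnet" unless @servers;
        for my $s (@servers) {
            my $verb = $seen{ $s->{host} }++ ? 'DUP  ' : 'CHECK';
            push @plan, "$verb $subnet $s->{host} role=$s->{role}";
        }
    }
    return @plan;
}

# Constructed sample getzoneprof output, keyed by subnet.
my %sample = (
    '10.0.0.0/16' => [
        "Zone=10.0.0.0/16\n",
        "ParentAddress=10.0.0.0/8\n",
        "NetworkAddress=10.0.0.0\n",
        "dnsServers=richm01.cmmc.sark.com P 0,hhyt.sark.com 0,6cnscuyt1.netdevice.richsark.com S 0\n",
    ],
    '10.2.92.0/24' => [
        "Zone=10.2.92.0/24\n",
        "ParentAddress=10.2.0.0/16\n",
        "NetworkAddress=10.2.92.0\n",
        "dnsServers=hhyt.sark.com P 0,richm01.cmmc.sark.com S 0\n",
    ],
);

# The last entry is a constructed malformed line that must be rejected.
my @subnets = ('10.0.0.0/16', '10.2.92.0/24', '10.3.0.0/16', '10.3.0.0/16; echo x');
print "$_\n" for plan_checks(\@subnets, \%sample);
```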
 
richsarkAuthor Commented:
Hi Adam,
Looks like this is what I get when I log in

*** IT IS AN OFFENSE TO CONTINUE WITHOUT THE CORRECT AUTHORIZATION ***
Individuals using this computer system with or without proper authority are subject to having all of their activities monitored and recorded and should have no expectation of privacy unless local law, regulation or contract provides otherwise.
I am trying your code now.
Thanks Man!
0
 
richsarkAuthor Commented:
HI,
I ran your updated code, I get an error:
Can't locate object method "Processed" via package "richm01.cmmc.sark.com" (perhaps you forgot to load "richm01.cmmc.sark.com"?) at test1.pl line 26, <$in> line 1.
0
 
Adam314Commented:
Missing $ at the beginning of the line.  This:
    Processed{$dns} = 1;
should be this:
    $Processed{$dns} = 1;
0
 
richsarkAuthor Commented:
OK, fixed, but still can't log in right;
 Sometimes I get:

$ perl test1.pl
Filehandle $out opened only for input at test1.pl line 45, <$in> line 1.
Filehandle $out opened only for input at test1.pl line 45, <$in> line 1.
Filehandle $out opened only for input at test1.pl line 45, <$in> line 1.
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:
*** IT IS AN OFFENSE TO CONTINUE WITHOUT THE CORRECT AUTHORIZATION ***
Individuals using this computer system with or without proper authority are subject to having all of their activities monitored and recorded and shoul
d have no expectation of privacy unless local law, regulation or contract provides otherwise.
If I run it again, I get
$ perl test1.pl
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:
*** IT IS AN OFFENSE TO CONTINUE WITHOUT THE CORRECT AUTHORIZATION ***
Individuals using this computer system with or without proper authority are subject to having all of their activities monitored and recorded and shoul
d have no expectation of privacy unless local law, regulation or contract provides otherwise.
richsark's Password:  at /usr/lib/perl5/site_perl/5.10/Expect.pm line 828
0
 
Adam314Commented:
Line 6 has a typo... it is missing the format.  This line:
    open(my $out, "log.txt") or die "Could not open log: $!\n";
should be:
    open(my $out, ">log.txt") or die "Could not open log: $!\n";
Or, if you want to append the log.txt instead of replace it:
    open(my $out, ">>log.txt") or die "Could not open log: $!\n";

For what to search for, change line 36 from:
    unless($login_output =~ /Last Login/) {
To:
    unless($login_output =~ /IT IS AN OFFENSE TO CONTINUE/) {

0
 
richsarkAuthor Commented:
Ok, Done! Thanks for your fast replies!
Ok, it logs in now, but can't seem to get past 3 logins. Not sure if the actual ssh is fully closed, but I imagine that the connection is closed, then it ssh's again to the next DNS server in sequence, right? But I need help to explain why it won't go through the list.
Is this a possible reason:
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:
 From the log.txt
From zone 10.0.0.0/8
 containing dnsserver "vidrnssm01.cmmc.sark.com" found=yes of presense of "jnl" files
From zone 10.0.0.0/8
 containing dnsserver "dn5sm.sark.com" found=yes of presense of "jnl" files
From zone 10.0.0.0/8
 containing dnsserver "dns2l.sark.com" found=yes of presense of "jnl" files
 
0
 
richsarkAuthor Commented:
Adam, I have an idea: perhaps if I can't log in to a DNS server, rather than dying, go to the next and log the one I could not log in to. That way I can see which server is not allowing me in.
I think that is the issue. I manually tried to log in to the 4th server, but it did not like my password, so the script died.
Is that a good idea to incorporate in your script?
0
 
Adam314Commented:
It doesn't die if the login fails, it gives a warning, and goes to the next.  
0
 
richsarkAuthor Commented:
Hi, well, from my viewing the screen, it dies since it won't jump to the next server. Since I did try the one that fails manually, I can confirm the password is not good.
Let me know, I am ready to solve this !
Thanks Adam
0
 
Adam314Commented:
Try this test code on the server that fails (replace 'SomeHostHere' with the host name)... what is the output.  

print "Connecting...\n";
my $ssh = Net::SSH::Expect->new (
    host => 'SomeHostHere',
    password=> '12345',
    user => 'richsark',
);
print "Connected.\n";
 
 
print "Logging in...\n";
my $login_output = $ssh->login();
unless($login_output =~ /IT IS AN OFFENSE TO CONTINUE/) {
    warn "Login has failed. Login output was $login_output";
    die;
}
print "Logged in.\n";
 
print "Closing...\n";
$ssh->close;
print "Closed.\n";

0
 
richsarkAuthor Commented:
Hi Adam, I will try this in the morning as I left the office. I will let you know early Wed morning so we can continue

Thanks
0
 
richsarkAuthor Commented:
Hi Adam,
I ran two tests: the first used a server that I could not log on to, the second test was a server that I COULD log on to.

Test 1: This test is a server that I don't have access to; I tested this manually via regular ssh as well.

$ perl adm-test.pl
Connecting...
Connected.
Logging in...
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow: richsark's Password:  at /usr/lib/perl5/site_perl/5.10/Expect.pm line 828


Test 2: The servers where I can logon, Sometimes the script takes two attempts to logon, very weird
$ perl adm-test.pl
Connecting...
Connected.
Logging in...
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:

*** IT IS AN OFFENSE TO CONTINUE WITHOUT THE CORRECT AUTHORIZATION ***

Individuals using this computer system with or without proper authority are subject to having all of their activities monitored and recorded and should have no expectation of privacy unless local law, regulation or contract provides otherwise.

Anyone using this system expressly consents to such monitoring and to all appropriate disclosure of any evidence of criminal activity to law enforcement officials, as well as appropriate disclosure of any evidence of violation of the firm's rules, policies, procedures or standards of conduct to management.

Individuals using this computer system have a legal obligation to treat all information on the system as strictly confidential and not to disclose or allow such information to be disclosed to any third party.  

 at /usr/lib/perl5/site_perl/5.10/Expect.pm line 828

Test 3: Same server as test 2, but ran the script a second time, and it connects.
$ perl adm-test.pl
Connecting...
Connected.
Logging in...
Logged in.
Closing...
Closed.

Test 4: Ran the same script again, and it does not connect once more:

$ perl adm-test.pl
Connecting...
Connected.
Logging in...
SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:
*** IT IS AN OFFENSE TO CONTINUE WITHOUT THE CORRECT AUTHORIZATION ***

Individuals using this computer system with or without proper authority are subject to having all of their activities monitored and recorded and shoul
d have no expectation of privacy unless local law, regulation or contract provides otherwise.

Anyone using this system expressly consents to such monitoring and to all appropriate disclosure of any evidence of criminal activity to law enforcement officials, as well as appropriate disclosure of any evidence of violation of the firm's rules, policies, procedures or standards of conduct to management.

Individuals using this computer system have a legal obligation to treat all information on the system as strictly confidential and not to disclose or allow such information to be disclosed to any third party.  

richsark's Password:  at /usr/lib/perl5/site_perl/5.10/Expect.pm line 828

I waited for 5 min and ran the same script on the same server and it works:

$ perl adm-test.pl
Connecting...
Connected.
Logging in...
Logged in.
Closing...
Closed.

FYI.. when it does not work, it hangs on richsark's Password:  at /usr/lib/perl5/site_perl/5.10/Expect.pm line 828 for about 10 seconds then drops to my command prompt.

Do you think that this message "SSHAuthenticationError Login timed out. The input stream currently has the contents bellow:" has something to do with it?

Thanks
0
 
richsarkAuthor Commented:
Hi Adam, I think I stumbled on something that worked. I added these two entries (raw_pty => 1,
timeout => 5
under
#### ssh to server
my $ssh = Net::SSH::Expect->new (
host => $dns,
password=> '12345',
user => 'richsark',
raw_pty => 1,
timeout => 5
 And I don't get those connect problems.
But... I am concerned about a few things, to ensure I don't miss a server.
Can we somehow show how many DNS servers there are as well as how many were successfully logged in to, and out of that show the ones that failed to log in at the bottom of the report?
I think this will ensure nothing is missed and the ones that have failed will get special attention.
What do you think?
0
 
Adam314Commented:
I'm not sure... it might be a buffering problem.  Did you get Net::SSH::Perl installed?

The code could be modified to try each server a few times, hoping it'll work at least once, but that doesn't sound like a very good solution.  
0
 
richsarkAuthor Commented:
Hi, I needed to keep moving on this project and I have encountered a few things in addition to my previous request.
There is a script issue when I have never logged into a server; I get this message:
Could not create directory '/home/richsark/.ssh'.
The authenticity of host 'srspdns111b.ny.sarkcom (11.21.696)' can't be established
RSA key fingerprint is a0:12:70:5c:52:8f:27:67:3e:90:29:74:7f:48:25:e4.

I get this prompt when I do it manually, so we need to have the script get around this:
Are you sure you want to continue connecting (yes/no)? yes
 
Then,  I get a few of these during the script run:

Use of uninitialized value $ls in pattern match (m//) at test1.pl line 47, <$in> line 1.

I get to about 8 of the 300 subnets.txt file and the script dies with:
SSH Connection aborted on tkp-dns-02.tk.jp.sark.com
It looks like the *.jnl files could also be located in another sub-directory "/opt/rich/sark/secondary/"
 
Sorry to hit you with all this, but with your expertise I think we can solve all these.
I am hopeful that you will come back online soon :)

 
Below is the latest code I am using.  Let's use this as a baseline.
Thanks

#!perl
use strict;
use warnings;
use Net::SSH::Expect;
 
open(my $out, ">log.txt") or die "Could not open log: $!\n";
 
my %Processed;
 
##### Step 1, read subnet.txt
open(my $in, "<subnet.txt") or die "Could not open subnet.txt: $!\n";
while(<$in>) {
        chomp;
        
        ##### Step 2: run getzoneprof, and keep first 4 lines only
print        my @getzoneprof = `./getzoneprof.exe -u Xxx -p Xxx -a $_ -o Orig-ID`;
        @getzoneprof = @getzoneprof[0..3];
        
        ##### Find server name
        warn "Server not found for $_\n",next unless $getzoneprof[-1] =~ /dnsServers=(.+)/;
        my $dns_line = $1;
        my @dns = grep {length($_)>1} split(/[\s,]+/, $dns_line);
        
        foreach my $dns (@dns) {
          next if $Processed{$dns};
          $Processed{$dns} = 1;
          
          ##### ssh to server
          my $ssh = Net::SSH::Expect->new (
            host => $dns,
            password=> '123456',
            user => 'richsark',
	    raw_pty => 1,
	    timeout => 11
 
            );
          
 print         my $login_output = $ssh->login();
          unless($login_output =~ /IT IS AN OFFENSE TO CONTINUE/) {
                warn "Login has failed. Login output was $login_output";
		print $out "Login has failed on Server $dns\n\n"; 
	        next;
          }
          
          ##### run ls to look for files
print          my $ls = $ssh->exec("ls /opt/richsark/named/*.jnl");
         my $found='no';
print          $found='yes' if $ls =~ m|/opt/richsark/named/|;
          print $out "From zone $_ containing dnsserver \"$dns\" found=$found of presense of \"jnl\" files\n\n";
          
          $ssh->close;
        }
}
 
close($out);

0
 
Adam314Commented:
I think what you are asking for is starting to get to be more than for what EE is designed.  It is designed for users to ask for help on specific things - not for users to provide a list of requirements, and have code written.

I helped originally because the program looked small.  To help you going forward:
1) The dying might be caused by Net::SSH::Expect dying if it can't connect.  Using Net::SSH::Perl might solve this problem.  You could also put the connect in an eval {}; block, and check $@ for success.

2) It appears that the Net::SSH::Expect object will cause your program to die if the login fails.  To get around this, put the login inside an eval {}; block, and check $@ to see if the login was successful.

3) The error about $ls not being defined could be caused by ls not returning anything.  I would expect it to return "No such file or directory" when nothing is found, but different implementations may do something different.  If this is the case, you can solve that problem with:
    $found='yes' if($ls and $ls =~ m|/opt/richsark/named/|);
0
 
richsarkAuthor Commented:
Hi Adam, thanks for your input. I understand where you're coming from and I admit I am not at your level (yet). Me asking for tasks and learning from your responses, and others' for that matter, helps me get a better understanding.
Your input has been very helpful and I appreciate you taking the time.
I rely on the expertise here since this forum provides such means. I thank you for writing things for me, but if I could do it, I would, believe me.
Can you help me with items 1 and 2 please? I am not understanding where to put it or how I should re-write it.
  When you said use "Using Net::SSH::Perl", do I just put that variable in place of  use Net::SSH::Expect?
Thanks
0
 
Adam314Commented:
Using Net::SSH::Perl, you would have to change a few lines.  There is documentation here:
    http://search.cpan.org/~turnstep/Net-SSH-Perl-1.34/lib/Net/SSH/Perl.pm
I suggest you create a sample script only a few lines long (copy/paste from the "Synopsis" section of the documentation).

Try it on several servers, ones that work, and ones that don't.  If that module appears more reliable for connecting, then you'd replace lines 29 - 46 in the existing script with code similar to what is in the synopsis section of the Net::SSH::Perl documentation.

If you continue with Net::SSH::Expect, you'd use something like:
  my $login_output;
  eval {$login_output = $ssh->login;};
  if($@) {
      #There was a problem with login, check $@ to see the details
      #Either try again, or go to next server
  }
  unless($login_output =~ /IT IS AN OFFENSE TO CONTINUE/) {
      #login was apparently successful, but you did not get the text you expected
      #you can probably continue, but maybe not
  }

0
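The eval pattern above combined with the end-of-run summary requested earlier in the thread, as an added example that is not code from the thread: each server is checked inside eval, failures are recorded instead of ending the run, and the report closes with totals and the failed hosts. The SSH step is replaced by a constructed stand-in ($probe, %fake) so the script runs offline; check_server and build_report are hypothetical names.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Run one server's probe inside eval so a die from the SSH layer (timeout,
# bad password, aborted connection) becomes a recorded result, not a crash.
sub check_server {
    my ($host, $probe) = @_;
    my $listing = eval { $probe->($host) };
    if (my $err = $@) {
        ($err) = split /\n/, $err;              # keep the first line only
        $err = 'unknown error' unless defined $err && length $err;
        $err =~ s/ at \S+ line \d+\.?\s*\z//;   # drop Perl's "at FILE line N"
        return { host => $host, ok => 0, reason => $err };
    }
    # Count only tokens that are real paths ending in .jnl. An ls error
    # message can repeat the wildcard path it was given, so matching on the
    # directory name alone would report a false "yes".
    my @jnl = grep { m{\A/[^\s*]+\.jnl\z} }
              split ' ', (defined $listing ? $listing : '');
    return { host => $host, ok => 1, found => @jnl ? 'yes' : 'no' };
}

# Per-server lines first, then the totals, then the failed hosts at the
# bottom so they get attention.
sub build_report {
    my (@results) = @_;
    my @ok     = grep {  $_->{ok} } @results;
    my @failed = grep { !$_->{ok} } @results;
    my @out = map {
        "dnsserver \"$_->{host}\" found=$_->{found} presence of \"jnl\" files"
    } @ok;
    push @out, '', sprintf('Servers: %d  logged in: %d  failed: %d',
                           scalar @results, scalar @ok, scalar @failed);
    push @out, map { "FAILED $_->{host}: $_->{reason}" } @failed;
    return join("\n", @out) . "\n";
}

# Constructed stand-in for the SSH step. In the thread's script this is where
# the Net::SSH::Expect login and exec calls would go, followed by close.
my %fake = (
    'richm01.cmmc.sark.com' => "/opt/rich/sark/db.10.in-addr.arpa.jnl\n",
    'hhyt.sark.com'         => "ls: /opt/rich/sark/*.jnl: No such file or directory\n",
);
my $probe = sub {
    my ($host) = @_;
    die "SSHAuthenticationError Login timed out.\n" unless exists $fake{$host};
    return $fake{$host};
};

my @hosts = ('richm01.cmmc.sark.com', 'hhyt.sark.com',
             '6cnscuyt1.netdevice.richsark.com');
print build_report(map { check_server($_, $probe) } @hosts);
```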
 
richsarkAuthor Commented:
Hi, I made a few changes like you said. Looks like I am not dying anymore; the script is running through, way past where it died before.
But the report is coming back with all responses saying "no jnl files found"
From zone 168.6.0.0/24
 containing dnsserver "srs-dhns1.bk.richsark.com" found=no of presense of "jnl" files

I looked at the code, but it's not jumping out at me as to why?
Thanks

#!perl
use strict;
use warnings;
use Net::SSH::Expect;
 
open(my $out, ">log.txt") or die "Could not open log: $!\n";
 
my %Processed;
 
##### Step 1, read subnet.txt
open(my $in, "<subnet.txt") or die "Could not open subnet.txt: $!\n";
while(<$in>) {
        chomp;
        
        ##### Step 2: run getzoneprof, and keep first 4 lines only
print        my @getzoneprof = `./getzoneprof.exe -u xXx -p XxX -a $_ -o Orig-id`;
        @getzoneprof = @getzoneprof[0..3];
        
        ##### Find server name
        warn "Server not found for $_\n",next unless $getzoneprof[-1] =~ /dnsServers=(.+)/;
        my $dns_line = $1;
        my @dns = grep {length($_)>1} split(/[\s,]+/, $dns_line);
        
        foreach my $dns (@dns) {
          next if $Processed{$dns};
          $Processed{$dns} = 1;
          
          ##### ssh to server
          my $ssh = Net::SSH::Expect->new (
            host => $dns,
            password=> '123456',
            user => 'richsark',
	    raw_pty => 1,
	    timeout => 11
 
            );
          
 my $login_output;
  eval {$login_output = $ssh->login;};
  if($@) {
      #There was a problem with login, check $@ to see the details
      #Either try again, or go to next server
  }
  unless($login_output =~ /IT IS AN OFFENSE TO CONTINUE/) {
      #login was apparently successful, but you did not get the text you expected
      #you can probably continue, but maybe not
  }
 
          
          ##### run ls to look for files
print          my $ls = $ssh->exec("ls /opt/richsark/named/*.jnl");
         my $found='no';
print           $found='yes' if($ls and $ls =~ m|/opt/richsark/named/|);
          print $out "From zone $_ containing dnsserver \"$dns\" found=$found of presense of \"jnl\" files\n\n";
          
          $ssh->close;
        }
}
 
close($out);

0
 
richsarkAuthor Commented:
Adam, never mind, I recall I wanted to look into another directory for them; that's where they may be. To do this, do I simply add another dir to the ls like so:
Thanks

          ##### run ls to look for files
print          my $ls = $ssh->exec("ls /opt/richsark/named/*.jnl");
               my $ls = $ssh->exec("ls /opt/richsark2/named/*.jnl");
         my $found='no';
print           $found='yes' if($ls and $ls =~ m|/opt/richsark/named/|);
print           $found='yes' if($ls and $ls =~ m|/opt/richsark2/named/|);
          print $out "From zone $_ containing dnsserver \"$dns\" found=$found of presense of \"jnl\" files\n\n";
          
          $ssh->close;
        }
}
 
close($out);


0
 
Adam314 Commented:
On line 37, try adding:
    print "ssh=$ssh\n";

On line 41 and 42, this is where you would put your code to handle login problems.
For now, add this:
    warn "Could not login to $dns\n";
    next;

That will cause it to give you a warning, and go on to the next host.
0
 
richsark Author Commented:
Hi, sorry, I meant to say that where the directory is /opt/richsark/named there are "yes" in the report,
But I know they are also in /opt/richsark2/named.
Can you see if the above code is the right way, please?
Thanks
0
 
Adam314 Commented:
my $found='no';
my $ls = $ssh->exec("ls /opt/richsark/named/*.jnl");
$found='yes' if($ls and $ls =~ m|/opt/richsark/named/|);
my $ls = $ssh->exec("ls /opt/richsark2/named/*.jnl");
$found='yes' if($ls and $ls =~ m|/opt/richsark2/named/|);

0
 
richsark Author Commented:
OK, now I see this message
"my" variable $ls masks earlier declaration in same scope at test1.pl line 54.
0
 
Adam314 Commented:
remove the "my " from the second $ls.
0
 
richsark Author Commented:
Hi... Now it hangs on the first run, then ssh aborts. Ever since we added the second directory it's not working as it was before.
          ##### run ls to look for files
	my $found='no';
	my $ls = $ssh->exec("ls /opt/richsark/named/*.jnl");
print	$found='yes' if($ls and $ls =~ m|/opt/richsark/named/|);
        $ls = $ssh->exec("ls /opt/richsark2/named/*.jnl");
print	$found='yes' if($ls and $ls =~ m|/opt/richsark2/named/|);


0
 
richsark Author Commented:
OK, got past the hang part; it was my fault, I messed up the path.
Anyway, I am faced with this. I think it is the way it looks for the two directories?

$ Use of uninitialized value $ls in print at test1.pl line 52, <$in> line 1.
/opt/richsark/named/db.10.in-addr.arpa.jnl  /opt/richsark/named/db.cmmc.sark.com.jnl
$ ksh: opt/richsark2/named/sec_qip/db.122.82.169.in-addr.arpa.jnl: cannot execute
$ /opt/richsark/named/db.10.in-addr.arpa.jnl  /opt/richsark/named/db.cmmc.sark.com.jnl
$ yesUse of uninitialized value $ls in print at test1.pl line 54, <$in> line 1.

richsarks's Password: SSHConnectionAborted at test1.pl line 54
0
 
Adam314 Commented:
What is your line 52 and 54?
Why do you have print on those lines?  Remove the print part of that statement.
0
 
richsark Author Commented:
Hi Adam, it seems when I take 2 steps forward, I take 5 steps back :(
In addition to my issue on top, even the servers that I can't ssh to are being put in the log as "no presence of jnl". Before, I had them being logged as
print $out "Login has failed on Server $dns\n\n";
I guess this is too much for me. I thought I could do it, but I know you're probably banging your head each time you get an alert on this topic. I am sorry.
I just wanted to avoid ssh'ing to 200 servers and matching about 1000 subnets. I guess without your help, I will not have a choice.
 
0
 
richsark Author Commented:
Hi, I did not see your post before mine. I had the print statement so I can see what is happening; I will remove it now. So you can't add print statements to see what's going on? Maybe that's why I am messing up??
0
 
Adam314 Commented:
You can print, but not the way you have it.  Try this.


For it printing not found when it can't login, did you do what I suggested in post 24208627 on lines (that were) 41 and 42?
##### run ls to look for files
my $found='no';
print "init: found=$found\n";
my $ls = $ssh->exec("ls /opt/richsark/named/*.jnl");
$found='yes' if($ls and $ls =~ m|/opt/richsark/named/|);
print "ls-1: found=$found\n";
$ls = $ssh->exec("ls /opt/richsark2/named/*.jnl");
$found='yes' if($ls and $ls =~ m|/opt/richsark2/named/|);
print "ls-2: found=$found\n";


0
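
Added example (not code from the thread or its participants): when no .jnl file exists, the shell hands the unexpanded pattern to ls, and the error message repeats the directory path, so a test that only looks for the path can report "yes" from the error text alone if that text reaches the captured output. The block classifies captured ls output strictly and keeps a failed login as its own outcome; the sample outputs, the LOGIN_FAILED label and the function names are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Directories named in the thread; all sample output below is constructed.
my @JNL_DIRS = ('/opt/richsark/named', '/opt/richsark2/named');

# The thread's test: any mention of the directory in the output is a hit.
sub thread_check {
    my ($dir, $out) = @_;
    return ($out and $out =~ m|\Q$dir\E/|) ? 'yes' : 'no';
}

# Stricter test: keep only whole tokens that are real .jnl paths directly
# under $dir. An unexpanded "*" or a trailing ":" (ls error text) is rejected.
sub jnl_files {
    my ($dir, $out) = @_;
    return () unless defined $out;
    return grep { m{^\Q$dir\E/[^*\s/]+\.jnl\z} } split /\s+/, $out;
}

# Three outcomes per server, so a failed login is never written as "N".
sub report_status {
    my ($login_ok, $outputs) = @_;    # $outputs: { directory => ls output }
    return 'LOGIN_FAILED' unless $login_ok;
    for my $dir (@JNL_DIRS) {
        my @hits = jnl_files($dir, $outputs->{$dir});
        return 'Y' if @hits;
    }
    return 'N';
}

my $no_match = "ls: /opt/richsark2/named/*.jnl: No such file or directory\n";
my %servers = (    # host => [ login succeeded?, { directory => ls output } ]
    'richm01.cmmc.sark.com' => [ 1, {
        '/opt/richsark/named'  => "/opt/richsark/named/db.10.in-addr.arpa.jnl\n",
        '/opt/richsark2/named' => $no_match } ],
    'hhyt.sark.com' => [ 1, {
        '/opt/richsark/named'  => "ls: /opt/richsark/named/*.jnl: No such file or directory\n",
        '/opt/richsark2/named' => $no_match } ],
    '6cnscuyt1.netdevice.richsark.com' => [ 0, {} ],
);

for my $host (sort keys %servers) {
    my ($login_ok, $outputs) = @{ $servers{$host} };
    printf "%-34s %s\n", $host, report_status($login_ok, $outputs);
}
# Run the thread's test on the error text alone, for comparison.
print "thread_check on ls error: ", thread_check($JNL_DIRS[1], $no_match), "\n";
```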
 
richsark Author Commented:
Hi Adam, making progress I am happy to say. Just one minor correction: there are some servers that have a different prompt versus the original we have in place.
Some servers, when I SSH to them, have this scenario in which I have to type in yes to continue:
Could not create directory '/home/richsark.ssh'.
The authenticity of host 'sarkie.ky.sarfish.com (19.97.6.15)' can't be established
RSA key fingerprint is 96:42:39:ff:a4:3c:1a:17:7d:5b:7e:a4:8a:b7:3d:51.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/richsark/.ssh/known_hosts).
How can we add this to the script to allow such a scenario?
0
 
Adam314 Commented:
Have you read the Net::SSH::Expect documentation?

You could try the waitfor method, something like:
    if($ssh->waitfor(qr/Are you sure you want to continue connecting/i, 10)) {
        $ssh->send("yes\n");
    }
   
But this might cause login to not work, so you might want peek instead.
0
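
Added example (not code from the thread or its participants): answering "yes" to every host-key prompt accepts whatever key the server presents, so this block decides the answer by comparing the fingerprint shown in the prompt with a pinned value. It parses only the colon-separated hex format quoted in the thread; the pinned table, the function names and the "changed" prompt are constructed assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Pinned fingerprints, keyed by host. Constructed here from the prompt quoted
# in the thread; in practice they come from a source you already trust.
my %PINNED = (
    'sarkie.ky.sarfish.com' => '96:42:39:ff:a4:3c:1a:17:7d:5b:7e:a4:8a:b7:3d:51',
);

# Extract (host, fingerprint) from OpenSSH's first-connection prompt text.
sub parse_hostkey_prompt {
    my ($text) = @_;
    my ($host) = $text =~ /authenticity of host '([^' ]+)/;
    my ($fp)   = $text =~ /key fingerprint is ((?:[0-9a-f]{2}:){15}[0-9a-f]{2})/i;
    return ($host, defined $fp ? lc $fp : undef);
}

# Decide what to type at "(yes/no)?": "yes" only for a pinned, matching key.
# Returns undef when the text contains no host-key prompt at all.
sub hostkey_answer {
    my ($text) = @_;
    return unless $text =~ m{continue connecting \(yes/no\)\?};
    my ($host, $fp) = parse_hostkey_prompt($text);
    return 'no' unless defined $host and defined $fp and exists $PINNED{$host};
    return lc($PINNED{$host}) eq $fp ? 'yes' : 'no';
}

# Prompt text as quoted in the thread.
my $prompt = <<'END';
The authenticity of host 'sarkie.ky.sarfish.com (19.97.6.15)' can't be established
RSA key fingerprint is 96:42:39:ff:a4:3c:1a:17:7d:5b:7e:a4:8a:b7:3d:51.
Are you sure you want to continue connecting (yes/no)?
END
(my $changed = $prompt) =~ s/96:42/00:11/;    # constructed: same host, other key

for my $case ([ pinned => $prompt ], [ changed => $changed ],
              [ no_prompt => "richsarks Password:" ]) {
    my ($name, $text) = @$case;
    my $answer = hostkey_answer($text);
    printf "%-10s %s\n", $name, defined $answer ? $answer : '(nothing to answer)';
}
```

In the thread's script the prompt text would be what peek or waitfor has captured, and the returned answer is what would be passed to send.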
 
richsark Author Commented:
Hi Adam, I am giving up on this.
Yeah, I read the doc, and the modules that are needed did not load. My machine does not have internet access and it's a lot of work to make that happen to download the install from CPAN.
I will close this out for now. Thanks for all your time and patience with my stupidity!
 
0
 
richsark Author Commented:
I gave up on this task for now. No fault on the Genius. This was too complex for me and the time needed to complete.
0
 
Adam314 Commented:
No problem.  If you can break your program up into several smaller pieces, it will be easier to get help.  

As I can't test the program either, it makes it a bit difficult to help.  
0
