#!/usr/bin/env python3 """ SNMP NID Viewer — Web Server Serves the NID viewer HTML and provides API endpoints to trigger live SNMP walks from the browser UI. Routes: GET / — Viewer page (built from latest monitoring JSON) POST /api/walk — Trigger a walk { "target": "x.x.x.x", "mode": "targeted"|"full" } GET /api/status — SSE stream of walk progress Usage: python3 nid-server.py """ import json import os import re import shutil import subprocess import sys import threading import time from concurrent.futures import ThreadPoolExecutor, as_completed from datetime import datetime from http.server import ThreadingHTTPServer, BaseHTTPRequestHandler from pathlib import Path SCRIPT_DIR = Path(__file__).resolve().parent WALKS_DIR = SCRIPT_DIR / "walks" # ── OID subtrees for targeted walk (mirrors snmp-walk.sh) ──────────── TARGETED_OIDS = [ (".1.3.6.1.2.1.1", "System"), (".1.3.6.1.2.1.2", "IF-MIB"), (".1.3.6.1.2.1.4", "IP-MIB"), (".1.3.6.1.2.1.31", "IF-MIB-X"), (".1.3.6.1.2.1.55", "IPv6-MIB"), (".1.3.111.2.802.1.1.13", "LLDP-MIB"), (".1.3.6.1.4.1.22420.1.1", "ACD-DESC-MIB"), (".1.3.6.1.4.1.22420.2.1", "ACD-ALARM-MIB"), (".1.3.6.1.4.1.22420.2.2", "ACD-FILTER-MIB"), (".1.3.6.1.4.1.22420.2.3", "ACD-POLICY-MIB"), (".1.3.6.1.4.1.22420.2.4", "ACD-SFP-MIB"), (".1.3.6.1.4.1.22420.2.6", "ACD-REGULATOR-MIB"), (".1.3.6.1.4.1.22420.2.8", "ACD-SMAP-MIB"), (".1.3.6.1.4.1.22420.2.9", "ACD-PORT-MIB"), ] # ── Environment / config ───────────────────────────────────────────── def load_env(path: Path) -> dict: """Parse a .env file into a dict (simple key=value, skip comments).""" env = {} if not path.is_file(): return env for line in path.read_text().splitlines(): line = line.strip() if not line or line.startswith("#"): continue if "=" not in line: continue key, _, val = line.partition("=") env[key.strip()] = val.strip().strip('"').strip("'") return env ENV = load_env(SCRIPT_DIR / ".env") SERVER_PORT = int(ENV.get("SERVER_PORT", "5525")) SNMP_VERSION = ENV.get("SNMP_VERSION", "2c") SNMP_COMMUNITY = ENV.get("SNMP_COMMUNITY", "public") # SNMPv3 fields (future) SNMP_V3_USER = ENV.get("SNMP_V3_USER", "") SNMP_V3_AUTH_PROTO = ENV.get("SNMP_V3_AUTH_PROTO", "SHA") SNMP_V3_AUTH_PASS = ENV.get("SNMP_V3_AUTH_PASS", "") SNMP_V3_PRIV_PROTO = ENV.get("SNMP_V3_PRIV_PROTO", "AES") SNMP_V3_PRIV_PASS = ENV.get("SNMP_V3_PRIV_PASS", "") SNMP_V3_SEC_LEVEL = ENV.get("SNMP_V3_SEC_LEVEL", "authPriv") # ── Walk state (shared across threads) ─────────────────────────────── walk_lock = threading.Lock() walk_status = { "state": "idle", # idle | walking | parsing | building | complete | error "message": "", "progress": 0, # 0-100 "timestamp": None, "lines": 0, "elapsed": 0, } # Monotonically increasing version so SSE clients know when state changed walk_version = 0 # Path to latest monitoring JSON (set after successful walk) latest_json = None def set_status(state, message="", progress=0, **extra): global walk_version with walk_lock: walk_status["state"] = state walk_status["message"] = message walk_status["progress"] = progress walk_status.update(extra) walk_version += 1 def get_status(): with walk_lock: return dict(walk_status), walk_version # ── SNMP walk execution ────────────────────────────────────────────── def build_snmp_auth() -> list: """Build snmpwalk authentication flags from env config.""" if SNMP_VERSION == "3": args = ["-v3", "-u", SNMP_V3_USER, "-l", SNMP_V3_SEC_LEVEL] if SNMP_V3_SEC_LEVEL != "noAuthNoPriv": args += ["-a", SNMP_V3_AUTH_PROTO, "-A", SNMP_V3_AUTH_PASS] if SNMP_V3_SEC_LEVEL == "authPriv": args += ["-x", SNMP_V3_PRIV_PROTO, "-X", SNMP_V3_PRIV_PASS] return args return ["-v", SNMP_VERSION, "-c", SNMP_COMMUNITY] def run_walk(target: str, mode: str): """Execute the full walk pipeline in a background thread.""" global latest_json ip_re = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$") if not ip_re.match(target): set_status("error", message=f"Invalid IP address: {target}") return timestamp = datetime.now().strftime("%Y-%m-%d_%H-%M-%S") safe_ip = target.replace(".", "-") walk_file = WALKS_DIR / f"{safe_ip}_{timestamp}_walk.txt" WALKS_DIR.mkdir(parents=True, exist_ok=True) auth = build_snmp_auth() t_start = time.time() try: # ── Step 1: snmpwalk ────────────────────────────────────── # Use snmpbulkwalk (GETBULK PDUs) when available — much faster walk_cmd = "snmpbulkwalk" if shutil.which("snmpbulkwalk") else "snmpwalk" bulk_args = [] # use snmpbulkwalk default (-Cr10); higher values truncate on some devices if mode == "full": set_status("walking", message="Walking full OID tree (.1)", progress=5) result = subprocess.run( [walk_cmd, "-On", "-OQ"] + bulk_args + auth + [target, ".1"], capture_output=True, text=True, timeout=300, ) walk_file.write_text(result.stdout) else: # Walk subtrees in parallel for speed total = len(TARGETED_OIDS) completed = [0] # mutable counter for progress results_map = {} def walk_subtree(idx, oid, label): res = subprocess.run( [walk_cmd, "-On", "-OQ"] + bulk_args + auth + [target, oid], capture_output=True, text=True, timeout=120, ) completed[0] += 1 pct = int((completed[0] / total) * 70) set_status("walking", message=f"Walking subtrees ({completed[0]}/{total})", progress=pct) return idx, res.stdout set_status("walking", message=f"Walking {total} subtrees in parallel", progress=5) with ThreadPoolExecutor(max_workers=4) as pool: futures = [ pool.submit(walk_subtree, i, oid, label) for i, (oid, label) in enumerate(TARGETED_OIDS) ] for fut in as_completed(futures): idx, output = fut.result() if output.strip(): results_map[idx] = output # Reassemble in OID order output_lines = [results_map[i] for i in sorted(results_map)] walk_file.write_text("\n".join(output_lines)) line_count = sum(1 for _ in walk_file.open()) elapsed = round(time.time() - t_start, 1) set_status("walking", message=f"Walk complete: {line_count:,} lines in {elapsed}s", progress=72, lines=line_count) if line_count == 0: set_status("error", message=f"Walk returned no data — check reachability and credentials", elapsed=elapsed) return # ── Step 2: snmp-parse.py ───────────────────────────────── set_status("parsing", message="Parsing SNMP data", progress=78) parse_result = subprocess.run( [sys.executable, str(SCRIPT_DIR / "snmp-parse.py"), str(walk_file)], capture_output=True, text=True, timeout=120, ) if parse_result.returncode != 0: set_status("error", message=f"Parse failed: {parse_result.stderr[:200]}") return monitoring_json = walk_file.with_name(walk_file.stem + "_monitoring.json") if not monitoring_json.is_file(): set_status("error", message="Parser did not produce monitoring JSON") return latest_json = monitoring_json elapsed = round(time.time() - t_start, 1) set_status("complete", message=f"Done — {line_count:,} lines in {elapsed}s", progress=100, lines=line_count, elapsed=elapsed, timestamp=datetime.now().isoformat()) except subprocess.TimeoutExpired: set_status("error", message="Walk timed out — device may be unreachable") except Exception as e: set_status("error", message=str(e)[:300]) # ── Find latest monitoring JSON ────────────────────────────────────── def find_latest_json() -> Path | None: """Return the most recent *_monitoring.json in walks/.""" if latest_json and latest_json.is_file(): return latest_json candidates = sorted(WALKS_DIR.glob("*_monitoring.json"), key=lambda p: p.stat().st_mtime) return candidates[-1] if candidates else None # ── HTTP handler ───────────────────────────────────────────────────── class NIDHandler(BaseHTTPRequestHandler): """Serve viewer and handle walk API.""" def log_message(self, format, *args): # Cleaner logging print(f"[{self.log_date_time_string()}] {format % args}") def _send(self, code, content_type, body): self.send_response(code) self.send_header("Content-Type", content_type) self.send_header("Content-Length", str(len(body))) self.send_header("Cache-Control", "no-store") self.end_headers() self.wfile.write(body) def _send_json(self, code, obj): self._send(code, "application/json", json.dumps(obj).encode()) # ── GET ──────────────────────────────────────────────────────── def do_GET(self): if self.path == "/": self._serve_viewer() elif self.path == "/api/status": self._serve_sse() else: self._send(404, "text/plain", b"Not found") def _serve_viewer(self): """Build and serve the viewer HTML from latest data.""" # Import build_html lazily to avoid circular issues at module level sys.path.insert(0, str(SCRIPT_DIR)) from build_nid_viewer import build_html json_path = find_latest_json() if json_path: with json_path.open() as f: data = json.load(f) else: data = {} html = build_html(data) self._send(200, "text/html; charset=utf-8", html.encode()) def _serve_sse(self): """Stream walk status as Server-Sent Events.""" self.send_response(200) self.send_header("Content-Type", "text/event-stream") self.send_header("Cache-Control", "no-store") self.send_header("Connection", "keep-alive") self.end_headers() last_version = -1 try: while True: status, version = get_status() if version != last_version: msg = f"data: {json.dumps(status)}\n\n" self.wfile.write(msg.encode()) self.wfile.flush() last_version = version # Close SSE after terminal states so client triggers reload if status["state"] in ("complete", "error"): break time.sleep(0.3) except (BrokenPipeError, ConnectionResetError): pass # ── POST ─────────────────────────────────────────────────────── def do_POST(self): if self.path == "/api/walk": self._handle_walk() elif self.path == "/api/clear": self._handle_clear() else: self._send(404, "text/plain", b"Not found") def _handle_walk(self): """Start a walk in a background thread.""" current, _ = get_status() if current["state"] in ("walking", "parsing"): self._send_json(409, {"error": "Walk already in progress"}) return length = int(self.headers.get("Content-Length", 0)) body = json.loads(self.rfile.read(length)) if length else {} target = body.get("target", "").strip() mode = body.get("mode", "targeted").strip() if not target: self._send_json(400, {"error": "target IP required"}) return if mode not in ("targeted", "full"): self._send_json(400, {"error": "mode must be 'targeted' or 'full'"}) return set_status("walking", message="Starting walk...", progress=1) thread = threading.Thread(target=run_walk, args=(target, mode), daemon=True) thread.start() self._send_json(200, {"status": "started", "target": target, "mode": mode}) def _handle_clear(self): """Move all walk data to walks/archive/ and reset state.""" global latest_json archive = WALKS_DIR / "archive" archive.mkdir(parents=True, exist_ok=True) moved = 0 for f in WALKS_DIR.iterdir(): if f.is_file(): f.rename(archive / f.name) moved += 1 latest_json = None set_status("idle") self._send_json(200, {"status": "cleared", "files_archived": moved}) # ── Main ───────────────────────────────────────────────────────────── def main(): server = ThreadingHTTPServer(("0.0.0.0", SERVER_PORT), NIDHandler) print(f"╔═══════════════════════════════════════════════════╗") print(f"║ SNMP NID Viewer — Web Server ║") print(f"║ http://localhost:{SERVER_PORT:<5} ║") print(f"╚═══════════════════════════════════════════════════╝") print(f" SNMPv{SNMP_VERSION} | Press Ctrl+C to stop") print() try: server.serve_forever() except KeyboardInterrupt: print("\nShutting down.") server.shutdown() if __name__ == "__main__": main()