sam
2b10edbb7b
- Add nid-server.py: Python web server (stdlib) with live walk API, SSE progress streaming, and clear/archive endpoints - Add snmp-walk.sh: CLI wrapper for walk pipeline with .env config - Add walk control card to viewer UI with IP input, mode selector, walk/clear buttons, and real-time progress bar - Make cards collapsible, add management IP to header - Add dynamic port type rendering (SFP vs RJ45 from connector table) - Add SFF-8024 connector type labels for SFP detail cards - Fix ifOperStatus numeric vs text comparisons for live walk data - Add alarm config-only fallback when device lacks status table - Use snmpbulkwalk for faster walks with parallel subtree execution - Add .env/.env.example for secrets and config, gitignore walks/ Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
375 lines
15 KiB
Python
375 lines
15 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
SNMP NID Viewer — Web Server
|
|
|
|
Serves the NID viewer HTML and provides API endpoints to trigger
|
|
live SNMP walks from the browser UI.
|
|
|
|
Routes:
|
|
GET / — Viewer page (built from latest monitoring JSON)
|
|
POST /api/walk — Trigger a walk { "target": "x.x.x.x", "mode": "targeted"|"full" }
|
|
GET /api/status — SSE stream of walk progress
|
|
|
|
Usage:
|
|
python3 nid-server.py
|
|
"""
|
|
|
|
import json
|
|
import os
|
|
import re
|
|
import shutil
|
|
import subprocess
|
|
import sys
|
|
import threading
|
|
import time
|
|
from concurrent.futures import ThreadPoolExecutor, as_completed
|
|
from datetime import datetime
|
|
from http.server import ThreadingHTTPServer, BaseHTTPRequestHandler
|
|
from pathlib import Path
|
|
|
|
SCRIPT_DIR = Path(__file__).resolve().parent
|
|
WALKS_DIR = SCRIPT_DIR / "walks"
|
|
|
|
# ── OID subtrees for targeted walk (mirrors snmp-walk.sh) ────────────
|
|
TARGETED_OIDS = [
|
|
(".1.3.6.1.2.1.1", "System"),
|
|
(".1.3.6.1.2.1.2", "IF-MIB"),
|
|
(".1.3.6.1.2.1.4", "IP-MIB"),
|
|
(".1.3.6.1.2.1.31", "IF-MIB-X"),
|
|
(".1.3.6.1.2.1.55", "IPv6-MIB"),
|
|
(".1.3.111.2.802.1.1.13", "LLDP-MIB"),
|
|
(".1.3.6.1.4.1.22420.1.1", "ACD-DESC-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.1", "ACD-ALARM-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.2", "ACD-FILTER-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.3", "ACD-POLICY-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.4", "ACD-SFP-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.6", "ACD-REGULATOR-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.8", "ACD-SMAP-MIB"),
|
|
(".1.3.6.1.4.1.22420.2.9", "ACD-PORT-MIB"),
|
|
]
|
|
|
|
# ── Environment / config ─────────────────────────────────────────────
|
|
|
|
def load_env(path: Path) -> dict:
|
|
"""Parse a .env file into a dict (simple key=value, skip comments)."""
|
|
env = {}
|
|
if not path.is_file():
|
|
return env
|
|
for line in path.read_text().splitlines():
|
|
line = line.strip()
|
|
if not line or line.startswith("#"):
|
|
continue
|
|
if "=" not in line:
|
|
continue
|
|
key, _, val = line.partition("=")
|
|
env[key.strip()] = val.strip().strip('"').strip("'")
|
|
return env
|
|
|
|
|
|
ENV = load_env(SCRIPT_DIR / ".env")
|
|
|
|
SERVER_PORT = int(ENV.get("SERVER_PORT", "5525"))
|
|
SNMP_VERSION = ENV.get("SNMP_VERSION", "2c")
|
|
SNMP_COMMUNITY = ENV.get("SNMP_COMMUNITY", "public")
|
|
# SNMPv3 fields (future)
|
|
SNMP_V3_USER = ENV.get("SNMP_V3_USER", "")
|
|
SNMP_V3_AUTH_PROTO = ENV.get("SNMP_V3_AUTH_PROTO", "SHA")
|
|
SNMP_V3_AUTH_PASS = ENV.get("SNMP_V3_AUTH_PASS", "")
|
|
SNMP_V3_PRIV_PROTO = ENV.get("SNMP_V3_PRIV_PROTO", "AES")
|
|
SNMP_V3_PRIV_PASS = ENV.get("SNMP_V3_PRIV_PASS", "")
|
|
SNMP_V3_SEC_LEVEL = ENV.get("SNMP_V3_SEC_LEVEL", "authPriv")
|
|
|
|
# ── Walk state (shared across threads) ───────────────────────────────
|
|
|
|
walk_lock = threading.Lock()
|
|
walk_status = {
|
|
"state": "idle", # idle | walking | parsing | building | complete | error
|
|
"message": "",
|
|
"progress": 0, # 0-100
|
|
"timestamp": None,
|
|
"lines": 0,
|
|
"elapsed": 0,
|
|
}
|
|
# Monotonically increasing version so SSE clients know when state changed
|
|
walk_version = 0
|
|
# Path to latest monitoring JSON (set after successful walk)
|
|
latest_json = None
|
|
|
|
|
|
def set_status(state, message="", progress=0, **extra):
|
|
global walk_version
|
|
with walk_lock:
|
|
walk_status["state"] = state
|
|
walk_status["message"] = message
|
|
walk_status["progress"] = progress
|
|
walk_status.update(extra)
|
|
walk_version += 1
|
|
|
|
|
|
def get_status():
|
|
with walk_lock:
|
|
return dict(walk_status), walk_version
|
|
|
|
|
|
# ── SNMP walk execution ──────────────────────────────────────────────
|
|
|
|
def build_snmp_auth() -> list:
|
|
"""Build snmpwalk authentication flags from env config."""
|
|
if SNMP_VERSION == "3":
|
|
args = ["-v3", "-u", SNMP_V3_USER, "-l", SNMP_V3_SEC_LEVEL]
|
|
if SNMP_V3_SEC_LEVEL != "noAuthNoPriv":
|
|
args += ["-a", SNMP_V3_AUTH_PROTO, "-A", SNMP_V3_AUTH_PASS]
|
|
if SNMP_V3_SEC_LEVEL == "authPriv":
|
|
args += ["-x", SNMP_V3_PRIV_PROTO, "-X", SNMP_V3_PRIV_PASS]
|
|
return args
|
|
return ["-v", SNMP_VERSION, "-c", SNMP_COMMUNITY]
|
|
|
|
|
|
def run_walk(target: str, mode: str):
|
|
"""Execute the full walk pipeline in a background thread."""
|
|
global latest_json
|
|
|
|
ip_re = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
|
|
if not ip_re.match(target):
|
|
set_status("error", message=f"Invalid IP address: {target}")
|
|
return
|
|
|
|
timestamp = datetime.now().strftime("%Y-%m-%d_%H-%M-%S")
|
|
safe_ip = target.replace(".", "-")
|
|
walk_file = WALKS_DIR / f"{safe_ip}_{timestamp}_walk.txt"
|
|
WALKS_DIR.mkdir(parents=True, exist_ok=True)
|
|
|
|
auth = build_snmp_auth()
|
|
t_start = time.time()
|
|
|
|
try:
|
|
# ── Step 1: snmpwalk ──────────────────────────────────────
|
|
# Use snmpbulkwalk (GETBULK PDUs) when available — much faster
|
|
walk_cmd = "snmpbulkwalk" if shutil.which("snmpbulkwalk") else "snmpwalk"
|
|
bulk_args = [] # use snmpbulkwalk default (-Cr10); higher values truncate on some devices
|
|
|
|
if mode == "full":
|
|
set_status("walking", message="Walking full OID tree (.1)", progress=5)
|
|
result = subprocess.run(
|
|
[walk_cmd, "-On", "-OQ"] + bulk_args + auth + [target, ".1"],
|
|
capture_output=True, text=True, timeout=300,
|
|
)
|
|
walk_file.write_text(result.stdout)
|
|
else:
|
|
# Walk subtrees in parallel for speed
|
|
total = len(TARGETED_OIDS)
|
|
completed = [0] # mutable counter for progress
|
|
results_map = {}
|
|
|
|
def walk_subtree(idx, oid, label):
|
|
res = subprocess.run(
|
|
[walk_cmd, "-On", "-OQ"] + bulk_args + auth + [target, oid],
|
|
capture_output=True, text=True, timeout=120,
|
|
)
|
|
completed[0] += 1
|
|
pct = int((completed[0] / total) * 70)
|
|
set_status("walking", message=f"Walking subtrees ({completed[0]}/{total})", progress=pct)
|
|
return idx, res.stdout
|
|
|
|
set_status("walking", message=f"Walking {total} subtrees in parallel", progress=5)
|
|
with ThreadPoolExecutor(max_workers=4) as pool:
|
|
futures = [
|
|
pool.submit(walk_subtree, i, oid, label)
|
|
for i, (oid, label) in enumerate(TARGETED_OIDS)
|
|
]
|
|
for fut in as_completed(futures):
|
|
idx, output = fut.result()
|
|
if output.strip():
|
|
results_map[idx] = output
|
|
|
|
# Reassemble in OID order
|
|
output_lines = [results_map[i] for i in sorted(results_map)]
|
|
walk_file.write_text("\n".join(output_lines))
|
|
|
|
line_count = sum(1 for _ in walk_file.open())
|
|
elapsed = round(time.time() - t_start, 1)
|
|
set_status("walking", message=f"Walk complete: {line_count:,} lines in {elapsed}s",
|
|
progress=72, lines=line_count)
|
|
|
|
if line_count == 0:
|
|
set_status("error", message=f"Walk returned no data — check reachability and credentials",
|
|
elapsed=elapsed)
|
|
return
|
|
|
|
# ── Step 2: snmp-parse.py ─────────────────────────────────
|
|
set_status("parsing", message="Parsing SNMP data", progress=78)
|
|
parse_result = subprocess.run(
|
|
[sys.executable, str(SCRIPT_DIR / "snmp-parse.py"), str(walk_file)],
|
|
capture_output=True, text=True, timeout=120,
|
|
)
|
|
if parse_result.returncode != 0:
|
|
set_status("error", message=f"Parse failed: {parse_result.stderr[:200]}")
|
|
return
|
|
|
|
monitoring_json = walk_file.with_name(walk_file.stem + "_monitoring.json")
|
|
if not monitoring_json.is_file():
|
|
set_status("error", message="Parser did not produce monitoring JSON")
|
|
return
|
|
|
|
latest_json = monitoring_json
|
|
elapsed = round(time.time() - t_start, 1)
|
|
set_status("complete",
|
|
message=f"Done — {line_count:,} lines in {elapsed}s",
|
|
progress=100, lines=line_count, elapsed=elapsed,
|
|
timestamp=datetime.now().isoformat())
|
|
|
|
except subprocess.TimeoutExpired:
|
|
set_status("error", message="Walk timed out — device may be unreachable")
|
|
except Exception as e:
|
|
set_status("error", message=str(e)[:300])
|
|
|
|
|
|
# ── Find latest monitoring JSON ──────────────────────────────────────
|
|
|
|
def find_latest_json() -> Path | None:
|
|
"""Return the most recent *_monitoring.json in walks/."""
|
|
if latest_json and latest_json.is_file():
|
|
return latest_json
|
|
candidates = sorted(WALKS_DIR.glob("*_monitoring.json"), key=lambda p: p.stat().st_mtime)
|
|
return candidates[-1] if candidates else None
|
|
|
|
|
|
# ── HTTP handler ─────────────────────────────────────────────────────
|
|
|
|
class NIDHandler(BaseHTTPRequestHandler):
|
|
"""Serve viewer and handle walk API."""
|
|
|
|
def log_message(self, format, *args):
|
|
# Cleaner logging
|
|
print(f"[{self.log_date_time_string()}] {format % args}")
|
|
|
|
def _send(self, code, content_type, body):
|
|
self.send_response(code)
|
|
self.send_header("Content-Type", content_type)
|
|
self.send_header("Content-Length", str(len(body)))
|
|
self.send_header("Cache-Control", "no-store")
|
|
self.end_headers()
|
|
self.wfile.write(body)
|
|
|
|
def _send_json(self, code, obj):
|
|
self._send(code, "application/json", json.dumps(obj).encode())
|
|
|
|
# ── GET ────────────────────────────────────────────────────────
|
|
|
|
def do_GET(self):
|
|
if self.path == "/":
|
|
self._serve_viewer()
|
|
elif self.path == "/api/status":
|
|
self._serve_sse()
|
|
else:
|
|
self._send(404, "text/plain", b"Not found")
|
|
|
|
def _serve_viewer(self):
|
|
"""Build and serve the viewer HTML from latest data."""
|
|
# Import build_html lazily to avoid circular issues at module level
|
|
sys.path.insert(0, str(SCRIPT_DIR))
|
|
from build_nid_viewer import build_html
|
|
|
|
json_path = find_latest_json()
|
|
if json_path:
|
|
with json_path.open() as f:
|
|
data = json.load(f)
|
|
else:
|
|
data = {}
|
|
|
|
html = build_html(data)
|
|
self._send(200, "text/html; charset=utf-8", html.encode())
|
|
|
|
def _serve_sse(self):
|
|
"""Stream walk status as Server-Sent Events."""
|
|
self.send_response(200)
|
|
self.send_header("Content-Type", "text/event-stream")
|
|
self.send_header("Cache-Control", "no-store")
|
|
self.send_header("Connection", "keep-alive")
|
|
self.end_headers()
|
|
|
|
last_version = -1
|
|
try:
|
|
while True:
|
|
status, version = get_status()
|
|
if version != last_version:
|
|
msg = f"data: {json.dumps(status)}\n\n"
|
|
self.wfile.write(msg.encode())
|
|
self.wfile.flush()
|
|
last_version = version
|
|
# Close SSE after terminal states so client triggers reload
|
|
if status["state"] in ("complete", "error"):
|
|
break
|
|
time.sleep(0.3)
|
|
except (BrokenPipeError, ConnectionResetError):
|
|
pass
|
|
|
|
# ── POST ───────────────────────────────────────────────────────
|
|
|
|
def do_POST(self):
|
|
if self.path == "/api/walk":
|
|
self._handle_walk()
|
|
elif self.path == "/api/clear":
|
|
self._handle_clear()
|
|
else:
|
|
self._send(404, "text/plain", b"Not found")
|
|
|
|
def _handle_walk(self):
|
|
"""Start a walk in a background thread."""
|
|
current, _ = get_status()
|
|
if current["state"] in ("walking", "parsing"):
|
|
self._send_json(409, {"error": "Walk already in progress"})
|
|
return
|
|
|
|
length = int(self.headers.get("Content-Length", 0))
|
|
body = json.loads(self.rfile.read(length)) if length else {}
|
|
target = body.get("target", "").strip()
|
|
mode = body.get("mode", "targeted").strip()
|
|
|
|
if not target:
|
|
self._send_json(400, {"error": "target IP required"})
|
|
return
|
|
if mode not in ("targeted", "full"):
|
|
self._send_json(400, {"error": "mode must be 'targeted' or 'full'"})
|
|
return
|
|
|
|
set_status("walking", message="Starting walk...", progress=1)
|
|
thread = threading.Thread(target=run_walk, args=(target, mode), daemon=True)
|
|
thread.start()
|
|
self._send_json(200, {"status": "started", "target": target, "mode": mode})
|
|
|
|
def _handle_clear(self):
|
|
"""Move all walk data to walks/archive/ and reset state."""
|
|
global latest_json
|
|
archive = WALKS_DIR / "archive"
|
|
archive.mkdir(parents=True, exist_ok=True)
|
|
moved = 0
|
|
for f in WALKS_DIR.iterdir():
|
|
if f.is_file():
|
|
f.rename(archive / f.name)
|
|
moved += 1
|
|
latest_json = None
|
|
set_status("idle")
|
|
self._send_json(200, {"status": "cleared", "files_archived": moved})
|
|
|
|
|
|
# ── Main ─────────────────────────────────────────────────────────────
|
|
|
|
def main():
|
|
server = ThreadingHTTPServer(("0.0.0.0", SERVER_PORT), NIDHandler)
|
|
print(f"╔═══════════════════════════════════════════════════╗")
|
|
print(f"║ SNMP NID Viewer — Web Server ║")
|
|
print(f"║ http://localhost:{SERVER_PORT:<5} ║")
|
|
print(f"╚═══════════════════════════════════════════════════╝")
|
|
print(f" SNMPv{SNMP_VERSION} | Press Ctrl+C to stop")
|
|
print()
|
|
try:
|
|
server.serve_forever()
|
|
except KeyboardInterrupt:
|
|
print("\nShutting down.")
|
|
server.shutdown()
|
|
|
|
|
|
if __name__ == "__main__":
|
|
main()
|