line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Net::Cisco::ISE::NetworkDevice; |
2
|
1
|
|
|
1
|
|
6
|
use strict; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
26
|
|
3
|
1
|
|
|
1
|
|
6
|
use Moose; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
5
|
|
4
|
1
|
|
|
1
|
|
5784
|
use Data::Dumper; |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
47
|
|
5
|
|
|
|
|
|
|
|
6
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
BEGIN { |
8
|
1
|
|
|
1
|
|
5
|
use Exporter (); |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
23
|
|
9
|
1
|
|
|
1
|
|
5
|
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS %actions); |
|
1
|
|
|
|
|
2
|
|
|
1
|
|
|
|
|
90
|
|
10
|
1
|
|
|
1
|
|
3
|
$VERSION = '0.05'; |
11
|
1
|
|
|
|
|
14
|
@ISA = qw(Exporter); |
12
|
1
|
|
|
|
|
3
|
@EXPORT = qw(); |
13
|
1
|
|
|
|
|
2
|
@EXPORT_OK = qw(); |
14
|
1
|
|
|
|
|
1100
|
%EXPORT_TAGS = (); |
15
|
|
|
|
|
|
|
}; |
16
|
|
|
|
|
|
|
|
17
|
|
|
|
|
|
|
%actions = ( "query" => "/ers/config/networkdevice/", |
18
|
|
|
|
|
|
|
"create" => "/ers/config/networkdevice/", |
19
|
|
|
|
|
|
|
"update" => "/ers/config/networkdevice/", |
20
|
|
|
|
|
|
|
"getById" => "/ers/config/networkdevice/", |
21
|
|
|
|
|
|
|
); |
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
# MOOSE! |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
has 'id' => ( |
26
|
|
|
|
|
|
|
is => 'rw', |
27
|
|
|
|
|
|
|
isa => 'Str', |
28
|
|
|
|
|
|
|
); |
29
|
|
|
|
|
|
|
|
30
|
|
|
|
|
|
|
has 'name' => ( |
31
|
|
|
|
|
|
|
is => 'rw', |
32
|
|
|
|
|
|
|
isa => 'Str', |
33
|
|
|
|
|
|
|
); |
34
|
|
|
|
|
|
|
has 'description' => ( |
35
|
|
|
|
|
|
|
is => 'rw', |
36
|
|
|
|
|
|
|
isa => 'Str', |
37
|
|
|
|
|
|
|
); |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
has 'authenticationSettings' => ( |
40
|
|
|
|
|
|
|
is => 'rw', |
41
|
|
|
|
|
|
|
isa => 'Any', |
42
|
|
|
|
|
|
|
); |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
has 'coaPort' => ( |
45
|
|
|
|
|
|
|
is => 'rw', |
46
|
|
|
|
|
|
|
isa => 'Str', |
47
|
|
|
|
|
|
|
default => '1700', |
48
|
|
|
|
|
|
|
); |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
has 'profileName' => ( |
51
|
|
|
|
|
|
|
is => 'rw', |
52
|
|
|
|
|
|
|
isa => 'Str', |
53
|
|
|
|
|
|
|
); |
54
|
|
|
|
|
|
|
|
55
|
|
|
|
|
|
|
has 'NetworkDeviceIPList' => ( |
56
|
|
|
|
|
|
|
is => 'rw', |
57
|
|
|
|
|
|
|
isa => 'Any', |
58
|
|
|
|
|
|
|
); |
59
|
|
|
|
|
|
|
|
60
|
|
|
|
|
|
|
has 'NetworkDeviceGroupList' => ( |
61
|
|
|
|
|
|
|
is => 'rw', |
62
|
|
|
|
|
|
|
isa => 'Any', |
63
|
|
|
|
|
|
|
); |
64
|
|
|
|
|
|
|
|
65
|
|
|
|
|
|
|
has 'modelName' => ( |
66
|
|
|
|
|
|
|
is => 'rw', |
67
|
|
|
|
|
|
|
isa => 'Str', |
68
|
|
|
|
|
|
|
); |
69
|
|
|
|
|
|
|
|
70
|
|
|
|
|
|
|
has 'ProfileName' => ( |
71
|
|
|
|
|
|
|
is => 'rw', |
72
|
|
|
|
|
|
|
isa => 'Str', |
73
|
|
|
|
|
|
|
); |
74
|
|
|
|
|
|
|
|
75
|
|
|
|
|
|
|
has 'softwareVersion' => ( |
76
|
|
|
|
|
|
|
is => 'rw', |
77
|
|
|
|
|
|
|
isa => 'Str', |
78
|
|
|
|
|
|
|
); |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
has 'snmpsettings' => ( |
81
|
|
|
|
|
|
|
is => 'rw', |
82
|
|
|
|
|
|
|
isa => 'Any', |
83
|
|
|
|
|
|
|
); |
84
|
|
|
|
|
|
|
|
85
|
|
|
|
|
|
|
has 'tacacsSettings' => ( |
86
|
|
|
|
|
|
|
is => 'rw', |
87
|
|
|
|
|
|
|
isa => 'Any', |
88
|
|
|
|
|
|
|
); |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
has 'trustsecsettings' => ( |
91
|
|
|
|
|
|
|
is => 'rw', |
92
|
|
|
|
|
|
|
isa => 'Any', |
93
|
|
|
|
|
|
|
); |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
# No Moose |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
sub toXML |
98
|
0
|
|
|
0
|
1
|
|
{ my $self = shift; |
99
|
0
|
|
|
|
|
|
my $result = ""; |
100
|
0
|
|
0
|
|
|
|
my $id = $self->id || ""; |
101
|
0
|
|
0
|
|
|
|
my $name = $self->name || ""; |
102
|
0
|
|
0
|
|
|
|
my $description = $self->description || ""; |
103
|
0
|
0
|
|
|
|
|
if ($self->authenticationSettings) |
104
|
0
|
|
0
|
|
|
|
{ my $enablekeywrap = $self->authenticationSettings->{"enablekeywrap"} || ""; |
105
|
0
|
|
0
|
|
|
|
my $keyencryptionkey = $self->authenticationSettings->{"keyencryptionkey"} || ""; |
106
|
0
|
|
0
|
|
|
|
my $keyinputformat = $self->authenticationSettings->{"keyInputFormat"} || ""; |
107
|
0
|
|
0
|
|
|
|
my $messageauthenticatorcodekey = $self->authenticationSettings->{"messageAuthenticatorCodeKey"} || ""; |
108
|
0
|
|
0
|
|
|
|
my $networkprotocol = $self->authenticationSettings->{"networkProtocol"} || ""; |
109
|
0
|
|
0
|
|
|
|
my $radiussharedsecret = $self->authenticationSettings->{"radiusSharedSecret"} || ""; |
110
|
0
|
|
|
|
|
|
$result .= <<XML; |
111
|
|
|
|
|
|
|
<authenticationSettings> |
112
|
|
|
|
|
|
|
<enableKeyWrap>$enablekeywrap</enableKeyWrap> |
113
|
|
|
|
|
|
|
<keyEncryptionKey>$keyencryptionkey</keyEncryptionKey> |
114
|
|
|
|
|
|
|
<keyInputFormat>$keyinputformat</keyInputFormat> |
115
|
|
|
|
|
|
|
<messageAuthenticatorCodeKey>$messageauthenticatorcodekey</messageAuthenticatorCodeKey> |
116
|
|
|
|
|
|
|
<networkProtocol>$networkprotocol</networkProtocol> |
117
|
|
|
|
|
|
|
<radiusSharedSecret>$radiussharedsecret</radiusSharedSecret> |
118
|
|
|
|
|
|
|
</authenticationSettings> |
119
|
|
|
|
|
|
|
XML |
120
|
|
|
|
|
|
|
|
121
|
|
|
|
|
|
|
} |
122
|
0
|
|
0
|
|
|
|
my $coaport = $self->coaPort || ""; |
123
|
0
|
|
|
|
|
|
$result .= "<coaPort>$coaport</coaPort>\n"; |
124
|
0
|
0
|
|
|
|
|
if ($self->NetworkDeviceIPList) |
125
|
0
|
|
|
|
|
|
{ $result .= "<NetworkDeviceIPList>\n"; |
126
|
0
|
|
|
|
|
|
my @networkdeviceiplist = @{ $self->NetworkDeviceIPList->{"NetworkDeviceIP"} }; |
|
0
|
|
|
|
|
|
|
127
|
0
|
|
|
|
|
|
for my $networkdeviceiplist (@networkdeviceiplist) |
128
|
0
|
|
0
|
|
|
|
{ my $ipaddress = $networkdeviceiplist->{"ipaddress"} || ""; |
129
|
0
|
|
0
|
|
|
|
my $mask = $networkdeviceiplist->{"mask"} || ""; |
130
|
0
|
|
|
|
|
|
$result .= <<XML; |
131
|
|
|
|
|
|
|
<NetworkDeviceIP> |
132
|
|
|
|
|
|
|
<ipaddress>$ipaddress</ipaddress> |
133
|
|
|
|
|
|
|
<mask>$mask</mask> |
134
|
|
|
|
|
|
|
</NetworkDeviceIP> |
135
|
|
|
|
|
|
|
XML |
136
|
|
|
|
|
|
|
} |
137
|
0
|
|
|
|
|
|
$result .= "</NetworkDeviceIPList>\n"; |
138
|
|
|
|
|
|
|
} |
139
|
|
|
|
|
|
|
|
140
|
0
|
0
|
|
|
|
|
if ($self->NetworkDeviceGroupList) |
141
|
0
|
|
|
|
|
|
{ $result .= "<NetworkDeviceGroupList>\n"; |
142
|
0
|
|
|
|
|
|
my @networkdevicegrouplist = @{ $self->NetworkDeviceGroupList->{"NetworkDeviceGroup"} }; |
|
0
|
|
|
|
|
|
|
143
|
0
|
|
|
|
|
|
for my $networkdevicegroup (@networkdevicegrouplist) |
144
|
0
|
|
0
|
|
|
|
{ my $name = $networkdevicegroup || ""; |
145
|
0
|
|
|
|
|
|
$result .= qq(<NetworkDeviceGroup>$name</NetworkDeviceGroup>\n); |
146
|
|
|
|
|
|
|
} |
147
|
0
|
|
|
|
|
|
$result .= "</NetworkDeviceGroupList>\n"; |
148
|
|
|
|
|
|
|
} |
149
|
0
|
|
0
|
|
|
|
my $profilename = $self->profileName || ""; |
150
|
0
|
|
|
|
|
|
$result .= "<profileName>$profilename</profileName>"; |
151
|
0
|
0
|
|
|
|
|
if ($self->snmpsettings) |
152
|
0
|
|
|
|
|
|
{ $result .= "<snmpsettings>\n"; |
153
|
0
|
|
0
|
|
|
|
my $linktrapquery = $self->snmpsettings->{"linkTrapQuery"} || ""; |
154
|
0
|
|
0
|
|
|
|
my $mactrapquery = $self->snmpsettings->{"macTrapQuery"} || ""; |
155
|
0
|
|
0
|
|
|
|
my $originatingpolicyservicesnode = $self->snmpsettings->{"originatingPolicyServicesNode"} || ""; |
156
|
0
|
|
0
|
|
|
|
my $pollinginterval = $self->snmpsettings->{"pollingInterval"} || ""; |
157
|
0
|
|
0
|
|
|
|
my $rocommunity = $self->snmpsettings->{"roCommunity"} || ""; |
158
|
0
|
|
0
|
|
|
|
my $version = $self->snmpsettings->{"version"} || ""; |
159
|
0
|
|
0
|
|
|
|
my $authpassword = $self->snmpsettings->{"authPassword"} || ""; |
160
|
0
|
|
0
|
|
|
|
my $privacyprotocol = $self->snmpsettings->{"privacyProtocol"} || ""; |
161
|
0
|
|
0
|
|
|
|
my $securitylevel = $self->snmpsettings->{"securityLevel"} || ""; |
162
|
0
|
|
0
|
|
|
|
my $authprotocol = $self->snmpsettings->{"authProtocol"} || ""; |
163
|
0
|
|
0
|
|
|
|
my $username = $self->snmpsettings->{"userName"} || ""; |
164
|
0
|
|
0
|
|
|
|
my $privacypassword = $self->snmpsettings->{"privacyPassword"} || ""; |
165
|
0
|
|
|
|
|
|
$result .= <<XML; |
166
|
|
|
|
|
|
|
<snmpsettings> |
167
|
|
|
|
|
|
|
<linkTrapQuery>$linktrapquery</linkTrapQuery> |
168
|
|
|
|
|
|
|
<macTrapQuery>$mactrapquery</macTrapQuery> |
169
|
|
|
|
|
|
|
<originatingPolicyServicesNode>$originatingpolicyservicesnode</originatingPolicyServicesNode> |
170
|
|
|
|
|
|
|
<pollingInterval>$pollinginterval</pollingInterval> |
171
|
|
|
|
|
|
|
<roCommunity>$rocommunity</roCommunity> |
172
|
|
|
|
|
|
|
<version>$version</version> |
173
|
|
|
|
|
|
|
<authPassword>$authpassword</authPassword> |
174
|
|
|
|
|
|
|
<privacyProtocl>$privacyprotocol</privacyProtocol> |
175
|
|
|
|
|
|
|
<securityLevel>$securitylevel</securityLevel> |
176
|
|
|
|
|
|
|
<authProtocol>$authprotocol</authProtocol> |
177
|
|
|
|
|
|
|
<userName>$username</userName> |
178
|
|
|
|
|
|
|
<privacyPassword>$privacypassword</privacyPassword> |
179
|
|
|
|
|
|
|
</snmpsettings> |
180
|
|
|
|
|
|
|
XML |
181
|
|
|
|
|
|
|
} |
182
|
|
|
|
|
|
|
|
183
|
0
|
0
|
|
|
|
|
if ($self->tacacsSettings) |
184
|
0
|
|
0
|
|
|
|
{ my $connectmodeoptions = $self->tacacsSettings->{"connectModeOptions"} || ""; |
185
|
0
|
|
0
|
|
|
|
my $sharedsecret = $self->tacacsSettings->{"sharedSecret"} || ""; |
186
|
0
|
|
|
|
|
|
$result .= <<XML; |
187
|
|
|
|
|
|
|
<tacacsSettings> |
188
|
|
|
|
|
|
|
<connectModeOptions>$connectmodeoptions</connectModeOptions> |
189
|
|
|
|
|
|
|
<sharedSecret>$sharedsecret</sharedSecret> |
190
|
|
|
|
|
|
|
</tacacsSettings> |
191
|
|
|
|
|
|
|
XML |
192
|
|
|
|
|
|
|
|
193
|
|
|
|
|
|
|
} |
194
|
|
|
|
|
|
|
|
195
|
0
|
0
|
|
|
|
|
if ($self->trustsecsettings) |
196
|
0
|
|
|
|
|
|
{ $result .= qq(<trustsecsettings>); |
197
|
0
|
0
|
|
|
|
|
if ($self->trustsecsettings->{"deviceAuthenticationSettings"}) |
198
|
0
|
|
0
|
|
|
|
{ my $sgadeviceid = $self->trustsecsettings->{"deviceAuthenticationSettings"}{"sgaDeviceId"} || ""; |
199
|
0
|
|
0
|
|
|
|
my $sgadevicepassword = $self->trustsecsettings->{"deviceAuthenticationSettings"}{"sgaDevicePassword"} || ""; |
200
|
0
|
|
|
|
|
|
$result .= qq(<deviceAuthenticationSettings>\n); |
201
|
0
|
|
|
|
|
|
$result .= qq(<sgaDeviceId>$sgadeviceid</sgaDeviceId>\n); |
202
|
0
|
|
|
|
|
|
$result .= qq(<sgaDevicePassword>$sgadevicepassword</sgaDevicePassword>\n); |
203
|
0
|
|
|
|
|
|
$result .= qq(</deviceAuthenticationSettings>\n); |
204
|
|
|
|
|
|
|
} |
205
|
0
|
0
|
|
|
|
|
if ($self->trustsecsettings->{"sgaNotificationAndUpdates"}) |
206
|
0
|
|
0
|
|
|
|
{ my $sendconfigurationtodeviceusing = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"sendConfigurationToDeviceUsing"} || ""; |
207
|
0
|
|
0
|
|
|
|
my $downloadpeerauthorizationpolicyeveryxseconds = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"downlaodPeerAuthorizationPolicyEveryXSeconds"} || ""; |
208
|
0
|
|
0
|
|
|
|
$downloadpeerauthorizationpolicyeveryxseconds ||= $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"downloadPeerAuthorizationPolicyEveryXSeconds"} || ""; |
|
|
|
0
|
|
|
|
|
209
|
0
|
|
0
|
|
|
|
my $downloadsgaccllistseveryxseconds = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"downloadSGACLListsEveryXSeconds"} || ""; |
210
|
0
|
|
0
|
|
|
|
my $downloadenvironmentdataeveryxseconds = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"downlaodEnvironmentDataEveryXSeconds"} || ""; |
211
|
0
|
|
0
|
|
|
|
$downloadenvironmentdataeveryxseconds ||= $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"downloadEnvironmentDataEveryXSeconds"} || ""; |
|
|
|
0
|
|
|
|
|
212
|
0
|
|
0
|
|
|
|
my $reauthenticationeveryxseconds = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"reAuthenticationEveryXSeconds"} || ""; |
213
|
0
|
|
0
|
|
|
|
my $sendconfigurationtodevice = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"sendConfigurationToDevice"} || ""; |
214
|
0
|
|
0
|
|
|
|
my $othersgadevicestotrustthisdevice = $self->trustsecsettings->{"sgaNotificationAndUpdates"}{"otherSGADevicesToTrustThisDevice"} || ""; |
215
|
|
|
|
|
|
|
|
216
|
0
|
|
|
|
|
|
$result .= qq(<sgaNotificationAndUpdates>\n); |
217
|
0
|
|
|
|
|
|
$result .= qq(<sendConfigurationToDeviceUsing>$sendconfigurationtodeviceusing</sendConfigurationToDeviceUsing>\n); |
218
|
0
|
|
|
|
|
|
$result .= qq(<downlaodPeerAuthorizationPolicyEveryXSeconds>$downloadpeerauthorizationpolicyeveryxseconds</downlaodPeerAuthorizationPolicyEveryXSeconds>\n); |
219
|
0
|
|
|
|
|
|
$result .= qq(<downlaodEnvironmentDataEveryXSeconds>$downloadenvironmentdataeveryxseconds</downlaodEnvironmentDataEveryXSeconds>\n); |
220
|
0
|
|
|
|
|
|
$result .= qq(<reAuthenticationEveryXSeconds>$reauthenticationeveryxseconds</reAuthenticationEveryXSeconds>\n); |
221
|
0
|
|
|
|
|
|
$result .= qq(<sendConfigurationToDevice>$sendconfigurationtodevice</sendConfigurationToDevice>\n); |
222
|
0
|
|
|
|
|
|
$result .= qq(<otherSGADevicesToTrustThisDevice>$othersgadevicestotrustthisdevice</otherSGADevicesToTrustThisDevice>\n); |
223
|
0
|
|
|
|
|
|
$result .= qq(<downloadSGACLListsEveryXSeconds>$downloadsgaccllistseveryxseconds</downloadSGACLListsEveryXSeconds>\n); |
224
|
0
|
|
|
|
|
|
$result .= qq(</sgaNotificationAndUpdates>\n); |
225
|
|
|
|
|
|
|
} |
226
|
0
|
0
|
|
|
|
|
if ($self->trustsecsettings->{"deviceConfigurationDeployment"}) |
227
|
0
|
|
0
|
|
|
|
{ my $includewhendeployingsgtupdates = $self->trustsecsettings->{"deviceConfigurationDeployment"}{"includeWhenDeployingSGTUpdates"} || ""; |
228
|
0
|
|
0
|
|
|
|
my $execmodeusername = $self->trustsecsettings->{"deviceConfigurationDeployment"}{"execModeUsername"} || ""; |
229
|
0
|
|
0
|
|
|
|
my $enablemodepassword = $self->trustsecsettings->{"deviceConfigurationDeployment"}{"enableModePassword"} || ""; |
230
|
0
|
|
0
|
|
|
|
my $execmodepassword = $self->trustsecsettings->{"deviceConfigurationDeployment"}{"execModePassword"} || ""; |
231
|
|
|
|
|
|
|
|
232
|
0
|
|
|
|
|
|
$result .= qq(<deviceConfigurationDeployment>\n); |
233
|
0
|
|
|
|
|
|
$result .= qq(<includeWhenDeployingSGTUpdates></includeWhenDeployingSGTUpdates>\n); |
234
|
0
|
|
|
|
|
|
$result .= qq(<execModeUsername>$execmodeusername</execModeUsername>\n); |
235
|
0
|
|
|
|
|
|
$result .= qq(<enableModePassword>$enablemodepassword</enableModePassword>\n); |
236
|
0
|
|
|
|
|
|
$result .= qq(<execModePassword>$execmodepassword</execModePassword>\n); |
237
|
0
|
|
|
|
|
|
$result .= qq(</deviceConfigurationDeployment>\n); |
238
|
|
|
|
|
|
|
} |
239
|
|
|
|
|
|
|
|
240
|
0
|
|
|
|
|
|
$result .= qq(</trustsecsettings>\n); |
241
|
|
|
|
|
|
|
} |
242
|
|
|
|
|
|
|
# Not documented by Cisco ISE API: |
243
|
|
|
|
|
|
|
# SNMP Settings: authPassword |
244
|
|
|
|
|
|
|
# SNMP Settings: privacyProtocol |
245
|
|
|
|
|
|
|
# SNMP Settings: securityLevel |
246
|
|
|
|
|
|
|
# SNMP Settings: authProtocol |
247
|
|
|
|
|
|
|
# SNMP Settings: userName |
248
|
|
|
|
|
|
|
# SNMP Settings: privacyPassword |
249
|
|
|
|
|
|
|
# TACACS Settings: previousSharedSecretExpiry - Probably not implemented for write operations |
250
|
|
|
|
|
|
|
# TACACS Settings: previousSharedSecret - Probably not implemented for write operations |
251
|
|
|
|
|
|
|
|
252
|
0
|
|
|
|
|
|
return $result; |
253
|
|
|
|
|
|
|
} |
254
|
|
|
|
|
|
|
|
255
|
|
|
|
|
|
|
sub header |
256
|
0
|
|
|
0
|
1
|
|
{ my $self = shift; |
257
|
0
|
|
|
|
|
|
my $data = shift; |
258
|
0
|
|
|
|
|
|
my $record = shift; |
259
|
0
|
|
0
|
|
|
|
my $name = $record->name || "Device Name"; |
260
|
0
|
|
0
|
|
|
|
my $id = $record->id || ""; |
261
|
0
|
|
0
|
|
|
|
my $description = $record->description || "Random Description"; |
262
|
|
|
|
|
|
|
|
263
|
0
|
|
|
|
|
|
return qq{<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns4:networkdevice description="$description" name="$name" id="$id" xmlns:ers="ers.ise.cisco.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns4="network.ers.ise.cisco.com">$data</ns4:networkdevice>}; |
264
|
|
|
|
|
|
|
|
265
|
|
|
|
|
|
|
} |
266
|
|
|
|
|
|
|
|
267
|
|
|
|
|
|
|
=pod |
268
|
|
|
|
|
|
|
|
269
|
|
|
|
|
|
|
=head1 NAME |
270
|
|
|
|
|
|
|
|
271
|
|
|
|
|
|
|
Net::Cisco::ISE::Device - Access Cisco ISE functionality through REST API - Device fields |
272
|
|
|
|
|
|
|
|
273
|
|
|
|
|
|
|
=head1 SYNOPSIS |
274
|
|
|
|
|
|
|
|
275
|
|
|
|
|
|
|
use Net::Cisco::ISE; |
276
|
|
|
|
|
|
|
use Net::Cisco::ISE::Device; |
277
|
|
|
|
|
|
|
|
278
|
|
|
|
|
|
|
my $ise = Net::Cisco::ISE->new(hostname => '10.0.0.1', username => 'acsadmin', password => 'testPassword'); |
279
|
|
|
|
|
|
|
|
280
|
|
|
|
|
|
|
my %devices = $ise->devices; |
281
|
|
|
|
|
|
|
# Retrieve all devices from ISE |
282
|
|
|
|
|
|
|
# Returns hash with device name / Net::Cisco::ISE::Device pairs |
283
|
|
|
|
|
|
|
|
284
|
|
|
|
|
|
|
print $ise->devices->{"MAIN_Router"}->toXML; |
285
|
|
|
|
|
|
|
# Dump in XML format (used by ISE for API calls) |
286
|
|
|
|
|
|
|
|
287
|
|
|
|
|
|
|
my $device = $ise->devices("name","MAIN_Router"); |
288
|
|
|
|
|
|
|
# Faster call to request specific device information by name |
289
|
|
|
|
|
|
|
|
290
|
|
|
|
|
|
|
my $device = $ise->devices("id","250"); |
291
|
|
|
|
|
|
|
# Faster call to request specific device information by ID (assigned by ISE, present in Net::Cisco::ISE::Device) |
292
|
|
|
|
|
|
|
|
293
|
|
|
|
|
|
|
$device->id(0); # Required for new device! |
294
|
|
|
|
|
|
|
my $id = $ise->create($device); |
295
|
|
|
|
|
|
|
# Create new device based on Net::Cisco::ISE::Device instance |
296
|
|
|
|
|
|
|
# Return value is ID generated by ISE |
297
|
|
|
|
|
|
|
print "Record ID is $id" if $id; |
298
|
|
|
|
|
|
|
print $Net::Cisco::ISE::ERROR unless $id; |
299
|
|
|
|
|
|
|
# $Net::Cisco::ISE::ERROR contains details about failure |
300
|
|
|
|
|
|
|
|
301
|
|
|
|
|
|
|
my $id = $ise->update($device); |
302
|
|
|
|
|
|
|
# Update existing device based on Net::Cisco::ISE::Device instance |
303
|
|
|
|
|
|
|
# Return value is ID generated by ISE |
304
|
|
|
|
|
|
|
print "Record ID is $id" if $id; |
305
|
|
|
|
|
|
|
print $Net::Cisco::ISE::ERROR unless $id; |
306
|
|
|
|
|
|
|
# $Net::Cisco::ISE::ERROR contains details about failure |
307
|
|
|
|
|
|
|
|
308
|
|
|
|
|
|
|
$ise->delete($device); |
309
|
|
|
|
|
|
|
# Delete existing device based on Net::Cisco::ISE::Device instance |
310
|
|
|
|
|
|
|
|
311
|
|
|
|
|
|
|
=head1 DESCRIPTION |
312
|
|
|
|
|
|
|
|
313
|
|
|
|
|
|
|
The Net::Cisco::ISE::Device class holds all the device relevant information from Cisco ISE 5.x |
314
|
|
|
|
|
|
|
|
315
|
|
|
|
|
|
|
=head1 USAGE |
316
|
|
|
|
|
|
|
|
317
|
|
|
|
|
|
|
All calls are typically handled through an instance of the L<Net::Cisco::ISE> class. L<Net::Cisco::ISE::Device> acts as a container for device group related information. |
318
|
|
|
|
|
|
|
|
319
|
|
|
|
|
|
|
=over 3 |
320
|
|
|
|
|
|
|
|
321
|
|
|
|
|
|
|
=item new |
322
|
|
|
|
|
|
|
|
323
|
|
|
|
|
|
|
Class constructor. Returns object of Net::Cisco::ISE::Device on succes. The following fields can be set / retrieved: |
324
|
|
|
|
|
|
|
|
325
|
|
|
|
|
|
|
=over 5 |
326
|
|
|
|
|
|
|
|
327
|
|
|
|
|
|
|
=item description |
328
|
|
|
|
|
|
|
|
329
|
|
|
|
|
|
|
=item id |
330
|
|
|
|
|
|
|
|
331
|
|
|
|
|
|
|
=item name |
332
|
|
|
|
|
|
|
|
333
|
|
|
|
|
|
|
=item tacacsConnection |
334
|
|
|
|
|
|
|
|
335
|
|
|
|
|
|
|
=item groupInfo |
336
|
|
|
|
|
|
|
|
337
|
|
|
|
|
|
|
=item legacyTACACS |
338
|
|
|
|
|
|
|
|
339
|
|
|
|
|
|
|
=item tacacs_SharedSecret |
340
|
|
|
|
|
|
|
|
341
|
|
|
|
|
|
|
=item singleConnect |
342
|
|
|
|
|
|
|
|
343
|
|
|
|
|
|
|
=item radius_SharedSecret |
344
|
|
|
|
|
|
|
|
345
|
|
|
|
|
|
|
=item subnets |
346
|
|
|
|
|
|
|
|
347
|
|
|
|
|
|
|
=item ips |
348
|
|
|
|
|
|
|
|
349
|
|
|
|
|
|
|
=item location |
350
|
|
|
|
|
|
|
|
351
|
|
|
|
|
|
|
=item deviceType |
352
|
|
|
|
|
|
|
|
353
|
|
|
|
|
|
|
=item displayedInHex |
354
|
|
|
|
|
|
|
|
355
|
|
|
|
|
|
|
=item keyWrap |
356
|
|
|
|
|
|
|
|
357
|
|
|
|
|
|
|
=item portCOA |
358
|
|
|
|
|
|
|
|
359
|
|
|
|
|
|
|
=back |
360
|
|
|
|
|
|
|
|
361
|
|
|
|
|
|
|
Formatting rules may be in place & enforced by Cisco ISE. |
362
|
|
|
|
|
|
|
|
363
|
|
|
|
|
|
|
=over 3 |
364
|
|
|
|
|
|
|
|
365
|
|
|
|
|
|
|
=item description |
366
|
|
|
|
|
|
|
|
367
|
|
|
|
|
|
|
The device description. |
368
|
|
|
|
|
|
|
|
369
|
|
|
|
|
|
|
=item id |
370
|
|
|
|
|
|
|
|
371
|
|
|
|
|
|
|
The device ID. Cisco ISE generates a unique ID for each Host record. This field cannot be updated within ISE but is used for reference. Set to 0 when creating a new record or when duplicating an existing host. |
372
|
|
|
|
|
|
|
|
373
|
|
|
|
|
|
|
=item name |
374
|
|
|
|
|
|
|
|
375
|
|
|
|
|
|
|
The device name, typically something like the sysName or hostname. |
376
|
|
|
|
|
|
|
|
377
|
|
|
|
|
|
|
=item tacacsConnection |
378
|
|
|
|
|
|
|
|
379
|
|
|
|
|
|
|
Boolean value (0 / 1) to indicate if TACACS+ is used on this device. |
380
|
|
|
|
|
|
|
|
381
|
|
|
|
|
|
|
=item groupInfo |
382
|
|
|
|
|
|
|
|
383
|
|
|
|
|
|
|
Read-only value that contains C<deviceType>, C<location> and other device type information. Only C<deviceType>, C<location> are retrievable by the respective methods. |
384
|
|
|
|
|
|
|
|
385
|
|
|
|
|
|
|
=item legacyTACACS |
386
|
|
|
|
|
|
|
|
387
|
|
|
|
|
|
|
Boolean value (0 / 1) that indicates support for legacy versions of TACACS+. |
388
|
|
|
|
|
|
|
|
389
|
|
|
|
|
|
|
=item tacacs_SharedSecret |
390
|
|
|
|
|
|
|
|
391
|
|
|
|
|
|
|
The shared key for TACACS+. When retrieving this information, the key is masked as **********. |
392
|
|
|
|
|
|
|
|
393
|
|
|
|
|
|
|
=item singleConnect |
394
|
|
|
|
|
|
|
|
395
|
|
|
|
|
|
|
The TACACS+ singleConnect setting. |
396
|
|
|
|
|
|
|
|
397
|
|
|
|
|
|
|
=item radius_SharedSecret |
398
|
|
|
|
|
|
|
|
399
|
|
|
|
|
|
|
The shared key for RADIUS. When retrieving this information, the key is masked as **********. |
400
|
|
|
|
|
|
|
|
401
|
|
|
|
|
|
|
=item subnets |
402
|
|
|
|
|
|
|
|
403
|
|
|
|
|
|
|
Array reference that contains hash entries of all IP information for the device entry, separated as C<netMask> and C<ipAddress> keys. |
404
|
|
|
|
|
|
|
|
405
|
|
|
|
|
|
|
=item ips |
406
|
|
|
|
|
|
|
|
407
|
|
|
|
|
|
|
Cleaned up instance of C<subnet>. |
408
|
|
|
|
|
|
|
|
409
|
|
|
|
|
|
|
=item location |
410
|
|
|
|
|
|
|
|
411
|
|
|
|
|
|
|
The device location field, as defined in C<groupInfo>. |
412
|
|
|
|
|
|
|
|
413
|
|
|
|
|
|
|
=item deviceType |
414
|
|
|
|
|
|
|
|
415
|
|
|
|
|
|
|
The specific device Type field. |
416
|
|
|
|
|
|
|
|
417
|
|
|
|
|
|
|
=item displayedInHex |
418
|
|
|
|
|
|
|
|
419
|
|
|
|
|
|
|
Boolean value (0 / 1). Used for RADIUS configuration. |
420
|
|
|
|
|
|
|
|
421
|
|
|
|
|
|
|
=item keyWrap |
422
|
|
|
|
|
|
|
|
423
|
|
|
|
|
|
|
Boolean value (0 / 1). Used for RADIUS configuration. |
424
|
|
|
|
|
|
|
|
425
|
|
|
|
|
|
|
=item portCOA |
426
|
|
|
|
|
|
|
|
427
|
|
|
|
|
|
|
TCP port for specific RADIUS purposes. |
428
|
|
|
|
|
|
|
|
429
|
|
|
|
|
|
|
=item toXML |
430
|
|
|
|
|
|
|
|
431
|
|
|
|
|
|
|
Dump the record in ISE accept XML formatting (without header). |
432
|
|
|
|
|
|
|
|
433
|
|
|
|
|
|
|
=item header |
434
|
|
|
|
|
|
|
|
435
|
|
|
|
|
|
|
Generate the correct XML header. Takes output of C<toXML> as argument. |
436
|
|
|
|
|
|
|
|
437
|
|
|
|
|
|
|
=back |
438
|
|
|
|
|
|
|
|
439
|
|
|
|
|
|
|
=over 3 |
440
|
|
|
|
|
|
|
|
441
|
|
|
|
|
|
|
=item description |
442
|
|
|
|
|
|
|
|
443
|
|
|
|
|
|
|
The device group account description, typically used for full device group name. |
444
|
|
|
|
|
|
|
|
445
|
|
|
|
|
|
|
=item groupType |
446
|
|
|
|
|
|
|
|
447
|
|
|
|
|
|
|
This points to the type of Device Group, typically Location or Device Type but can be customized. See also L<Net::Cisco::ISE::Device> C<deviceType>. |
448
|
|
|
|
|
|
|
|
449
|
|
|
|
|
|
|
=back |
450
|
|
|
|
|
|
|
|
451
|
|
|
|
|
|
|
=back |
452
|
|
|
|
|
|
|
|
453
|
|
|
|
|
|
|
=head1 BUGS |
454
|
|
|
|
|
|
|
|
455
|
|
|
|
|
|
|
|
456
|
|
|
|
|
|
|
|
457
|
|
|
|
|
|
|
=head1 SUPPORT |
458
|
|
|
|
|
|
|
|
459
|
|
|
|
|
|
|
|
460
|
|
|
|
|
|
|
|
461
|
|
|
|
|
|
|
=head1 AUTHOR |
462
|
|
|
|
|
|
|
|
463
|
|
|
|
|
|
|
Hendrik Van Belleghem |
464
|
|
|
|
|
|
|
CPAN ID: BEATNIK |
465
|
|
|
|
|
|
|
hendrik.vanbelleghem@gmail.com |
466
|
|
|
|
|
|
|
|
467
|
|
|
|
|
|
|
=head1 COPYRIGHT |
468
|
|
|
|
|
|
|
|
469
|
|
|
|
|
|
|
This program is free software licensed under the... |
470
|
|
|
|
|
|
|
|
471
|
|
|
|
|
|
|
The General Public License (GPL) |
472
|
|
|
|
|
|
|
Version 2, June 1991 |
473
|
|
|
|
|
|
|
|
474
|
|
|
|
|
|
|
The full text of the license can be found in the |
475
|
|
|
|
|
|
|
LICENSE file included with this module. |
476
|
|
|
|
|
|
|
|
477
|
|
|
|
|
|
|
|
478
|
|
|
|
|
|
|
=head1 SEE ALSO |
479
|
|
|
|
|
|
|
|
480
|
|
|
|
|
|
|
perl(1). |
481
|
|
|
|
|
|
|
|
482
|
|
|
|
|
|
|
=cut |
483
|
|
|
|
|
|
|
|
484
|
|
|
|
|
|
|
#################### main pod documentation end ################### |
485
|
|
|
|
|
|
|
__PACKAGE__->meta->make_immutable(); |
486
|
|
|
|
|
|
|
|
487
|
|
|
|
|
|
|
1; |
488
|
|
|
|
|
|
|
# The preceding line will help the module return a true value |
489
|
|
|
|
|
|
|
|