SonicWall ARP Cache Logs Part 1

I have read a number of forums where users have asked if it’s possible to export the SonicWall ARP cache records automatically or to poll SonicWall devices to retrieve the records. The only response I’ve seen is to purchase a Gateway Antivirus subscription and to link to Netflow so I wrote a Python a script to do this instead. The script uses paramiko for the ssh functionality and I use keyring to store credentials. I’m currently storing the results to a text file which can later be easily parsed if you need to compare the list of MAC addresses to those stored in your inventory system or a device list file.

This is the code:

import paramiko
import time
import keyring

f = open('testlog3.txt', 'wb')
host = [('172.30.16.1',"p1"),("172.30.17.1","p2")]	#list of hosts and password entry identifier
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
for x,y in host:
    ssh.connect(x, username = 'super1', password = keyring.get_password(y,"super1"))
    newcon = ssh.invoke_shell()
    newcon.send('no cli pager session\n')     #display all results without paging
    newcon.send('show arp cache\n')
    time.sleep(1)
    output=newcon.recv(10000)
    f.write(output)
    newcon.close()
f.close()

This is an example of the text file that’s created by the script:
textfile

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s