{ "info": { "author": "Diogo Andr\u00e9 de Assump\u00e7\u00e3o", "author_email": "diogo.aa@protonmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 2 - Pre-Alpha", "Intended Audience :: Developers", "License :: OSI Approved :: MIT License", "Natural Language :: English", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7" ], "description": "[![Build Status](https://travis-ci.org/DiogoAndre/acl_stats.svg?branch=master)](https://travis-ci.org/DiogoAndre/acl_stats)\n[![published](https://static.production.devnetcloud.com/codeexchange/assets/images/devnet-published.svg)](https://developer.cisco.com/codeexchange/github/repo/DiogoAndre/acl_stats)\n\n# ACL Stats\n\n**Quickly gather access-lists stats from Cisco ASA Firewalls**\n\nACL Stats is a tool to help extract basic info from access-list from a\nCisco ASA Firewall, and output the information in a structured way.\n\n![Sample script run with output in csv](sample_csv.png)\n\nThe script currently collects the number of hits for each acl entry and the date of the last hit.\n\n## Usage\n\nFirst, install it via pip:\n\n pip install acl_stats\n\nUse it as a command line tool. You can get contextual help in the cli:\n\n acl_stats --help\n\nThere are two main modes to pass the access-lists to the script.\n\n### Directly from a Device\n\nThe script can connect to a device in the network and gather the informatoin needed. \nA connection is made via HTTPS (same transport as ASDM), hence the firewall will need to have that method enabled.\n\nRun ``acl_stats device --help`` to get the contextual help listing all the available parameters:\n\n```shell\n $ acl_stats device --help 02:35:23\n ACL Stats\n Usage: acl_stats device [OPTIONS]\n\n Connect to a device to fech ACLs\n\n Options:\n --hostname TEXT Hostname or IP of device to connect [required]\n --port INTEGER port to use when connection to a device [required]\n --username TEXT username to use when connection to a device [required]\n --password TEXT password to use when connection to a device [required]\n --acl-name TEXT Name of target ACL [required]\n --output TEXT Choose an output format: json, csv. Defaults to csv\n --write-to TEXT Write the output to a file\n --help Show this message and exit.\n```\n\nHere's an example:\n\n```shell\n acl_stats device --hostname 192.168.218.72 --port 443 --username cisco --password cisco --acl-name inside_in --output json\n```\n\nIf you ommit the ``--write-to`` parameter, the output will be sent to ``stdout``(the terminal, usually).\n\n## From static files\n\nYou can also run the script 'off-line', using previously extracted command outputs.\nThe script processes one access-list at a time for now. Here are the two commands you need to save in **separete** files:\n\n show acess-list _name_of_acl\n show access-list _name_of_acl brief\n\nRun ``acl_stats static --help`` to get the contextual help listing all the available parameters:\n\n```shell\n $ acl_stats static --help 02:47:19\n ACL Stats\n Usage: acl_stats static [OPTIONS]\n\n Use static files instead of connection to a device\n\n Options:\n --acl-file TEXT File containing the output of the show acess-list _name_\n command [required]\n --acl-brief TEXT File containing the output of the show acess-list _name_\n brief command [required]\n --output TEXT Choose an output format: json, csv. Defaults to csv\n --write-to TEXT Write the output to a file\n --help Show this message and exit.\n```\n\nHere's an example:\n\n```shell\n acl_stats static --acl-file acl.log --acl-brief acl_brief.log --output json --write-to acl-inside_in.csv\n```\n\n## Example Outputs\n\nJSON Output\n\n```json\n $ acl_stats acl_stats device --hostname 192.168.218.72 --port 443 --username cisco --password cisco --acl-name inside_in --output json 02:47:23\n ACL Stats\n Using Device 192.168.218.72\n\n Contacting Device\n Fetching ACL\n Fetching ACL Brief\n Processing\n Done!\n [\n {\n \"entry_id\": \"20d85be5\",\n \"grouped_id\": \"00000000\",\n \"line\": \"1\",\n \"hitcount\": 3,\n \"last_hit_date\": \"2018-10-11 09:50:52\",\n \"timestamp\": 1539262252,\n \"entry\": \"access-list inside_in line 1 extended permit icmp any host 10.0.0.10 (hitcnt=3) 0x20d85be5\"\n },\n {\n \"entry_id\": \"bde0d47c\",\n \"grouped_id\": \"-\",\n \"line\": \"2\",\n \"hitcount\": 0,\n \"last_hit_date\": \"0\",\n \"timestamp\": 0,\n \"entry\": \"access-list inside_in line 2 extended permit tcp any host 10.0.0.10 eq www (hitcnt=0) 0xbde0d47c\"\n },\n {\n \"entry_id\": \"20414f5d\",\n \"grouped_id\": \"-\",\n \"line\": \"3\",\n \"hitcount\": 0,\n \"last_hit_date\": \"0\",\n \"timestamp\": 0,\n \"entry\": \"access-list inside_in line 3 extended deny tcp any host 10.0.0.10 eq gopher inactive (hitcnt=0) (inactive) 0x20414f5d\"\n },\n {\n \"entry_id\": \"49ae2fb8\",\n \"grouped_id\": \"-\",\n \"line\": \"4\",\n \"hitcount\": 0,\n \"last_hit_date\": \"0\",\n \"timestamp\": 0,\n \"entry\": \"access-list inside_in line 4 extended deny tcp any host 10.0.0.10 eq telnet (hitcnt=0) 0x49ae2fb8\"\n }\n ]\n Lines processed (acls + brief): 5\n Total execution time: 0.09016704559326172s.\n```\n\nCSV output:\n\n```csv\n $ acl_stats acl_stats device --hostname 192.168.218.72 --port 443 --username cisco --password cisco --acl-name inside_in --output csv 02:57:21\n ACL Stats\n Using Device 192.168.218.72\n\n Contacting Device\n Fetching ACL\n Fetching ACL Brief\n Processing\n Done!\n entry_id,grouped_id,line,hitcount,last_hit_date,timestamp,entry\n 20d85be5,00000000,1,3,2018-10-11 09:50:52,1539262252,access-list inside_in line 1 extended permit icmp any host 10.0.0.10 (hitcnt=3) 0x20d85be5\n bde0d47c,-,2,0,0,0,access-list inside_in line 2 extended permit tcp any host 10.0.0.10 eq www (hitcnt=0) 0xbde0d47c\n 20414f5d,-,3,0,0,0,access-list inside_in line 3 extended deny tcp any host 10.0.0.10 eq gopher inactive (hitcnt=0) (inactive) 0x20414f5d\n 49ae2fb8,-,4,0,0,0,access-list inside_in line 4 extended deny tcp any host 10.0.0.10 eq telnet (hitcnt=0) 0x49ae2fb8\n\n Lines processed (acls + brief): 5\n Total execution time: 0.08188796043395996s.\n```\n\n\n=======\nHistory\n=======\n\n0.1.0 (2018-10-11)\n------------------\n\n* First release on PyPI.", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/diogoandre/acl_stats", "keywords": "acl_stats", "license": "MIT license", "maintainer": "", "maintainer_email": "", "name": "acl-stats", "package_url": "https://pypi.org/project/acl-stats/", "platform": "", "project_url": "https://pypi.org/project/acl-stats/", "project_urls": { "Homepage": "https://github.com/diogoandre/acl_stats" }, "release_url": "https://pypi.org/project/acl-stats/0.1.3/", "requires_dist": null, "requires_python": "", "summary": "Quickly gather access-lists stats from Cisco ASA Firewalls", "version": "0.1.3" }, "last_serial": 4384750, "releases": { "0.1.2": [ { "comment_text": "", "digests": { "md5": "b9041856d5023b2ae441ee6f3a9a9635", "sha256": "f41cb439900f656515c3cdcb0cde0704d44e67b41e5eb6cf958247fca4fa695f" }, "downloads": -1, "filename": "acl_stats-0.1.2.tar.gz", "has_sig": false, "md5_digest": "b9041856d5023b2ae441ee6f3a9a9635", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14226, "upload_time": "2018-10-12T06:55:45", "url": "https://files.pythonhosted.org/packages/6f/8f/b0c236c390bf950afc9f3d09a5aa3eca384d1c06acd360e9f45d31030958/acl_stats-0.1.2.tar.gz" } ], "0.1.3": [ { "comment_text": "", "digests": { "md5": "42128907009960d3cc2bf0e448d3d9fb", "sha256": "9f794ec3363d4957842d493b34eb14076213fd4a2f6df79129fc90abf9572fcf" }, "downloads": -1, "filename": "acl_stats-0.1.3.tar.gz", "has_sig": false, "md5_digest": "42128907009960d3cc2bf0e448d3d9fb", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14493, "upload_time": "2018-10-17T02:53:45", "url": "https://files.pythonhosted.org/packages/1d/da/07dad9e088f5d9b6da55d57f45d107e7296d1977fd3d5fd15d2db3853b85/acl_stats-0.1.3.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "42128907009960d3cc2bf0e448d3d9fb", "sha256": "9f794ec3363d4957842d493b34eb14076213fd4a2f6df79129fc90abf9572fcf" }, "downloads": -1, "filename": "acl_stats-0.1.3.tar.gz", "has_sig": false, "md5_digest": "42128907009960d3cc2bf0e448d3d9fb", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14493, "upload_time": "2018-10-17T02:53:45", "url": "https://files.pythonhosted.org/packages/1d/da/07dad9e088f5d9b6da55d57f45d107e7296d1977fd3d5fd15d2db3853b85/acl_stats-0.1.3.tar.gz" } ] }