JavaScript within native command set scripting
Native command sets support JavaScript scripting functionality that will allow the creator to add their own logic flow around sending native commands to network resources and the ability to execute or return data from external commands.
Syntax
The first line of the native command
set must be //#javascript
or //#js
to
indicate to the workflow engine that scripting mode has been enabled.
execute
that
accepts three parameters and returns true
or false
to
indicate that the unit of work (UOW) has succeeded or failed. //#javascript
function execute(scriptAuditLogger, deviceInterface, systemInterface) {
//enter javascript logic here
return true;
}
This could also be written as://#javascript
function execute(logger, device, system) {
//enter javascript logic here
return true;
}
At script runtime, the workflow engine passes three classes corresponding to the function parameters to the script. Whatever names are chosen for the parameters, the names must be used within the body of the function.
$
character when creating JavaScript within
native command set scripting, for example in a regular expression.
Use #single_dollar#
instead (including the hashtags). Netcool Configuration
Manager interprets
the $
character as the beginning of a substitution
variable, which allows the use of parameters in Native Command Sets.
A single $
character is therefore interpreted as
the beginning of a substitution, and if there is no closing $
character,
an error occurs.Methods
In order to describe the methods that are available for each class, the parameter names in the first example from the Syntax section will be used.
Method | Description | Example |
---|---|---|
void info(String message) | Sends an audit log message to the UOW log. | scriptAuditLogger.log(“This message will appear in Unit of work log”); |
void error(String message, Exception exception) | Sends an audit log error message to the UOW log. | scriptAuditLogger.error(“This operation has failed”, e); |
Method | Description | Example |
---|---|---|
String send(String command) | Sends a command to device and returns response. | var response = deviceInterface.send(“show ip interface brief”); |
String send(String command, String responseRegExp) | Sends a command to device and returns result of running a regular expression on the response. Only the first group match is returned. | var response = deviceInterface.send(“show ip interface brief”, “^(\w+)\s”); |
String sendAndExpect(String command, String expectedResponse | Sends a command to a device, waits for the expected response, and returns the device's response. Use this method when an interactive command is to be sent. | deviceInterface.sendAndExpect("copy run start", "[startup-config]?"); deviceInterface.send("\r"); |
String sendAndExpect(String command, String expectedResponse, String responseRegExp) | Sends a command to a device, waits for the expected response, and returns the result of running a regular expression on the response. Only the first group match is returned. Use this method when an interactive command is to be sent. |
Method | Description | Example |
---|---|---|
public Path createFile(String filePathName, String content) throws Exception | Method to create a file, given the absolute file path and the content as a
String. You need to add sun.nio.fs.UnixPath as an allowed class to System
Properties to use this method. |
var response = system.createFile(source,"initial content of
file\n"); |
public Path updateFile(String filePathName, String content) throws Exception | Method to update a file, given the absolute file path and the content as a
String. You need to add sun.nio.fs.UnixPath as an allowed class to System
Properties to use this method. |
var response = system.updateFile(source,"appended update to
file\n"); |
public void deleteFile(String filePathName) throws Exception | Method to delete a file given the absolute file path, | system.deleteFile(source); |
public boolean sftpFile (String sourceFilePathName , String destinationFilePathName , Map<String,String> options) throws Exception |
Method to SFTP a file to a specified server. You need the
java.util package in System Properties as an allowed java package to use this
method. |
|
String executeSystemCommand(String shellName, String shellArgs, String command, String checksum) |
Executes a system command and returns the output of the system command. The system command is a file that contains a shell script. The user must calculate a checksum for the file using icosutil. The checksum must then be entered in a native command set. |
var response = systemInterface.executeSystemCommand(“/bin/sh”, “-c”, “getNetStat.sh”, “<generated checksum>”); To generate a checksum for the getNetStat.sh script on the server run the following command:
<install_dir>;/bin/icosutil CalculateChecksum getNetStat.sh Important: If an external script is modified after a checksum has been generated, then a new
checksum must be generated and the native command set script must be updated.
|
String executeSystemCommand(String shellName, String shellArgs, String command, String responseRegExp, String checksum) |
Executes a system command and returns the result of running a regular expression on the output of the system command. Only the first group match is returned. The system command is a file that contains a shell script. The user must calculate a checksum for the file using icosutil. The checksum must then be entered in a native command set. |
var response = systemInterface.executeSystemCommand(“/bin/sh”, “-c”, “getExternalData.sh”, “^(w+)\s“, <generated checksum>”); To generate a checksum for the getExternalData.sh script on the server run the following command:
<install_dir>;/bin/icosutil CalculateChecksum getExternalData.sh Important: If an external script is modified after a checksum has been generated, then a new
checksum must be generated and the native command set script must be updated.
|
Restricted commands
reload
//#javascript
function execute(scriptAuditLogger, deviceInterface, systemInterface) {
var command = “reload”;
deviceInterface.send(command);
return true;
}
Disabling scripting
- Scripting – Enable script execution
- The system checks this property at runtime, and if set to 'false', will not allow scripts to be run.
Disabling external system commands
- Scripting – Enable external system command execution
- The system checks this property at runtime, and if set to 'false', will not allow scripts to be run.
Allowing classes and packages in scripting
- Scripting - Classes allowed in a script
- This system property stores a list of allowed Java classes. It is checked at runtime to determine if classes in a script are permitted.
- Scripting - Packages allowed in a script
- This system property stores a list of allowed Java packages. It is checked at runtime to determine if packages in a script are permitted.
Setting scripting timeout
- Scripting - Maximum script execution time
- The default script execution limit is 10 minutes, and a system administrator can set a time limit between one and 120 minutes.
Script samples
//#javascript
function execute(scriptAuditLogger, deviceInterface, systemInterface) {
var response = deviceInterface.send("show ntp status", "(Clock is unsynchronized)");
if (response == null) {
scriptAuditLogger.info("Clock IS synchronized");
return true;
} else {
scriptAuditLogger.info("Clock is NOT synchronized");
response = deviceInterface.send("show ntp association", "(#\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})");
if (response != null) {
var ipAddress = response.substring(1);
scriptAuditLogger.info("IP address of master = " + ipAddress);
response = deviceInterface.send("ping " + ipAddress);
scriptAuditLogger.info(response);
} else {
scriptAuditLogger.info("NTP master is NOT configured.");
}
return false;
}
}
//#javascript
importClass(java.util.regex.Pattern);
importClass(java.util.regex.Matcher);
function execute(logger, device, system) {
var ipAddresses = device.send("show ip int brie | ex (Interface|unassigned|down)");
logger.info(ipAddresses);
var regexpression = "((?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]))";
var pattern = Pattern.compile(regexpression, Pattern.MULTILINE);
var matcher = pattern.matcher(ipAddresses);
while (matcher.find()) {
var ipAddress = matcher.group();
logger.info("Found ip address [" + ipAddress + "]. Performing nslookup...");
var response = system.executeSystemCommand("/bin/sh", "-c", "/home/icosuser/scripts/nslookup.sh " + ipAddress, "57b0b52e4a43da0591f90d4b7da6f6d189b985bbf4ec787a416104910f7610ac");
logger.info(response);
}
return true;
}
nslookup.sh
,
was written and saved in the /home/icosuser/scripts directory
on the Netcool Configuration
Manager server.
The script consisted of one line: nslookup $1