Automating Repeatable Tasks in Cisco Identity Service Engine
Madhuri D.
Security Automation Consultant @ Fortinet | Ex-Cisco | CKA, Azure | DevNet P | CCNP(S) | NSE-1,2,3,4
This continues the previous post, where I shared how we can set up Ansible for Cisco Identity Service Engine.
[Please note: this was before ISE 3.0 was introduced, which brought additional features for automation. For further details, please refer to this ].
In this post we look at how we can use Python to automate tasks related to endpoint onboarding, fetch and deletion in Cisco ISE.
Certain tasks in ISE are repeatable and can be automated, which brings the benefits of automation like
In this post, we go through the script and its usage, which enable the above-mentioned points.
Automation use cases where an administrator is required to add endpoints to Cisco ISE can be observed in
Breakdown of Script
The script is designed as a class, with its various features defined as functions of the class, like
This gives the capability to extend the features of the class in future.
The complete details of the requirements, use cases and usage are explained on the GitHub page.
The following sequence of actions will be seen after successful execution of the script.
Code Snippet
# Excerpt: these are methods of the script's class.
import json
import logging

logger = logging.getLogger(__name__)  # the script's own logger setup is not shown here


def postendpoint(self):
    # Build the ERS URL (port 9060) for creating a single endpoint.
    uri = self.getendpointurl(False)
    url = "https://" + str(self.getiseip()) + ":9060" + str(uri)
    # Parse the file first so malformed JSON fails before any API call.
    with open("endpoint.json", "r") as rawdata:
        payload = json.load(rawdata)
    resp = self.apicall("POST", url, json.dumps(payload))
    if resp.status_code == 201:
        logger.info("Endpoint is Added Successfully.")
    else:
        logger.error("Issue with Adding Endpoint. For more Details, Response from ISE was --->\n {}".format(resp.text))


def postbulkendpoint(self):
    # Build the ERS URL for the bulk endpoint request.
    uri = self.getendpointurl(True)
    url = "https://" + str(self.getiseip()) + ":9060" + str(uri)
    # Read the XML body and close the file before sending.
    with open("bulkendpoint.xml", "r") as rawdata:
        payload = rawdata.read()
    resp = self.apicall("PUT", url, payload)
    if resp.status_code == 202:
        logger.info("All Endpoints are Added Successfully.")
    else:
        logger.error("Issue with Adding Endpoint. For more Details, Response from ISE was --->\n {}".format(resp.text))


def delendpoint(self, endpointid):
    # The endpoint UUID is appended to the delete URL.
    uri = self.getdeleteurl()
    url = "https://" + str(self.getiseip()) + ":9060" + str(uri) + str(endpointid)
    resp = self.apicall("DELETE", url, {})
    if resp.status_code == 204:
        logger.info("{} is Deleted Successfully.".format(endpointid))
    else:
        logger.error("Issue with Deleting Endpoint with UUID {}. For more Details, Response from ISE was --->\n {}".format(endpointid, resp.text))
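The snippet posts whatever endpoint.json contains and appends endpointid straight onto the delete URL, so both inputs are worth validating before any call reaches ISE. The following is an added example, not part of the original script: the function names are hypothetical, the ERSEndPoint field names are assumed from the ERS endpoint resource (the page does not show endpoint.json), and all sample values are constructed.

```python
import json
import re
import uuid

# Accepted spellings: aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff, aabb.ccdd.eeff, aabbccddeeff
MAC_RE = re.compile(
    r"[0-9a-f]{2}([:-])(?:[0-9a-f]{2}\1){4}[0-9a-f]{2}"
    r"|(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}|[0-9a-f]{12}", re.I)

def normalize_mac(raw):
    """Return the MAC as AA:BB:CC:DD:EE:FF, or raise ValueError."""
    text = raw.strip()
    if not MAC_RE.fullmatch(text):
        raise ValueError("malformed MAC")
    digits = re.sub(r"[^0-9A-Fa-f]", "", text).upper()
    if int(digits[:2], 16) & 0x01:  # group bit set: not a station address
        raise ValueError("multicast or broadcast MAC")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def require_uuid(value):
    """Accept only a canonical UUID, so an ID cannot carry path or query text into a URL."""
    if str(uuid.UUID(value)) != value.lower():
        raise ValueError("not a canonical UUID")
    return value.lower()

def build_payloads(rows):
    """rows: iterable of (mac, group_id). Returns (payloads, rejected)."""
    seen, payloads, rejected = set(), [], []
    for mac, group_id in rows:
        try:
            norm, gid = normalize_mac(mac), require_uuid(group_id)
            if norm in seen:
                raise ValueError("duplicate MAC")
        except ValueError as exc:
            rejected.append((mac, str(exc)))
            continue
        seen.add(norm)
        # Field names below are an assumption about the endpoint.json layout.
        payloads.append({"ERSEndPoint": {"name": norm, "mac": norm, "groupId": gid,
                                         "staticGroupAssignment": True}})
    return payloads, rejected

if __name__ == "__main__":
    GROUP = "11111111-2222-3333-4444-555555555555"  # constructed group ID
    rows = [("00:11:22:33:44:55", GROUP), ("0011.2233.4455", GROUP),  # constructed
            ("ff:ff:ff:ff:ff:ff", GROUP), ("00-11-22-33-44-66", "../admin")]
    ok, bad = build_payloads(rows)
    print(json.dumps({"accepted": ok, "rejected": bad}, indent=2))
```

The same require_uuid check applies to the endpointid passed to delendpoint before it is concatenated into the URL.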
Feel free to explore the code and add your feedback!
Thanks!!