In a previous post I explained how to Fish the UCS API Pool with Wireshark. That was hard but very important method to know. Like all things in life, there is an easier way (as also highlighted by A Friend!). It’s nice to have friends, even if they are anonymous which makes birthday parties hard to plan.
Anyway, let’s recap why we need to do this:
You may want to develop your own code against the UCS API for many reasons, maybe you’re lazy and nosey? Sorry, I meant efficient and creative, of course. When you use the UCS Manager GUI your actions are turned into API XML commands and sent to UCSM over the wire. If you can see this commands, you can programmatically repeat your actions. Say, schedule a backup or create 200 VLANs. Or deploy a whole UCS in one key press? Niiiiiice.
You want to see what is sent and received between your UCS Manager Java client and the UCSM Manager server software running on the Fabric Interconnect. One way is to sniff the wire with Wireshark, another (easier way) is to turn on Java logging and just watch the logs!
To do this you will need no extra tools other than your local computer and remote UCS system (or Cisco Platform Emulator). I’m doing this on a Mac so the following is for a Mac but I’m sure a bright person such as yourself can translate into Windoze steps. Here’s the method:
- Edit your Java Preferences to enable console and logging.
- Start your UCS Manager session.
- Tail the logs, send commands, spy on UCS!
Edit your Java Preferences
Find Java Preferences is a good start…
Opening Java Preferences on the Mac
Once open, turn on Console (show it, so you can play with the Java Preferences live) and turn on Logging:
Show Console and turn on Logging
Make sure that, after changing these settings, you close any Java and browser, like Safari, setting and restart.
Start your UCS Manager Session
I’m running the Cisco UCSPE so here’s what it all looks like on my laptop:
UCS PE, Java Console, Browser and UCSM Client all open
Now all that’s open and working, let’s do the last bit to tail the logs and see our API commands.
Tail the logs; send commands; spy on UCS!
The Java logs that you enabled are located on a Mac in the following directory. On a Windoze device they’ll be in the Applications Data folder somewhere.
Although you could use the tail command, I use the less command and the tail function in that. Using less means I can tail, stop tailing, search back and forwards… much more powerful…
$ cd /Users/viewyonder/Library/Caches/Java/log/.ucsm $ ls -lart <deleted for brevity> -rw-r--r-- 1 viewyonder staff 7317690 19 Sep 08:35 centrale_17765.log -rw-r--r-- 1 viewyonder staff 5898189 23 Sep 15:10 centrale_1702.log $ less centrale_1702.log
Now, back on the UCSM client I do an action and see the XML in the Terminal window where I’m tailing the log. Here’s an example of creating a new user. First, the screen in UCSM and second, the XML in the log.
Creating a new local user in UCS Manager
And in my terminal screen that is running the less command, I found the following XML:
UCS API XML to create a local user
And because it’s a terminal session, I just copy the XML out and paste it into here.. voila!
<configConfMos cookie="1283173103/093e56fe-f84b-41c0-bdf6-02adb130b273" response="yes"> <outConfigs> <pair key="sys/user-ext/user-viewyonder"> <aaaUser childAction="deleteNonPresent" descr="" dn="sys/user-ext/user-viewyonder" email="stevie_chambers@viewyonder.com" encPwd="" expiration="never" expires="no" firstName="Steve" intId="25431" lastName="Chambers" name="viewyonder" phone="800-UNIFY-ME-BABY" priv="read-only" pwd="" pwdSet="no" status="created"> <aaaUserRole childAction="deleteNonPresent" descr="" intId="25433" name="read-only" rn="role-read-only" status="created"/> <aaaUserRole childAction="deleteNonPresent" descr="" intId="25434" name="admin" rn="role-admin" status="created"/> <aaaSshAuth childAction="deleteNonPresent" data="" oldStrType="none" rn="sshauth" status="created" strType="none"/> </aaaUser> </pair> </outConfigs> </configConfMos>
Comments