Automating SAN admin tasks on CISCO SAN switches


SAN switches are backbone of every fabric. All of the traffic goes through these special devices via optical cables. FCID, pwwn, fpwwn, SFP, zoning are the most common things a storage admin deals day to day. For any troubleshooting finding the initiators logged into which targets are one of the primary task. On a medium size fabric the number of zones, logins, aliases, pwwn ranges from thousands of tables. What if we have a single table which has the consolidated information from all your switches.

Imagine when you search for a particular PWWN, the query returns all the zones its participating, FCID, port, switch it connects, aliases. This would definitely save a lot of time for you.  Keeping a track of ever changing databases is a tedious work. the only way to skip that is to write a piece of code and it will run for ever in a click.

  • Tools

For interacting with SAN switches we have Putty, Plink (command line utility for putty) for Windows and SSH for Linux. Here the focus is given to automating the health check on Cisco switches using Plink and Windows PowerShell 1.0. In general, all the windows machine comes with PowerShell 1.0 or greater. Plink can be downloaded from here. Here is the link for using Plink in batch and scripts.

Output of Plink when called by PS

Here the PowerShell will call the Plink application installed on your computer. Plink then fetch  the username on the IP” ” via port number 22  and password “password ” and issue the command “show zoneset active” on the switch end using SSH.

PS C:\Users\admin> & ‘D:\Installations Files\plink.exe’ -ssh username@ -P 22
-pw password show zoneset active

Plink: command-line connection utility
Release 0.66
Usage: plink [options] [user@]host [command]
(“host” can also be a PuTTY saved session name)
-V print version information and exit
-pgpfp print PGP key fingerprints and exit
-v show verbose messages
-load sessname Load settings from saved session
-ssh -telnet -rlogin -raw -serial
force use of a particular protocol
-P port connect to specified port
-l user connect with specified username
-batch disable all interactive prompts
-sercfg configuration-string (e.g. 19200,8,n,1,X)
Specify the serial configuration (serial only)
The following options only apply to SSH connections:
-pw passw login with specified password
-D [listen-IP:]listen-port
Dynamic SOCKS-based port forwarding
-L [listen-IP:]listen-port:host:port
Forward local port to remote address
-R [listen-IP:]listen-port:host:port
Forward remote port to local address
-X -x enable / disable X11 forwarding
-A -a enable / disable agent forwarding
-t -T enable / disable pty allocation
-1 -2 force use of particular protocol version
-4 -6 force use of IPv4 or IPv6
-C enable compression
-i key private key file for user authentication
-noagent disable use of Pageant
-agent enable use of Pageant
-hostkey aa:bb:cc:…
manually specify a host key (may be repeated)
-m file read remote command(s) from file
-s remote command is an SSH subsystem (SSH-2 only)
-N don’t start a shell/command (SSH-2 only)
-nc host:port
open tunnel in place of session (SSH-2 only)


  • Extracting data using PowerShell

The power shell is used to extract the data coming from Plink. As the output is not in a standard format, some PowerShell scripts needs to be written to convert the output to a CSV. The CSV from many switches are consolidated to one and act as a database for your query.

How to use this piece of code.

  1. open your PowerShell as Admin
  2. run Set-ExecutionPolicy unrestricted
  3. Click yes on the popup
  4. Now create a folder cisco on your d drive. If you do not have a d drive you may chande the ‘D:\cisco\’ to ‘C:\cisco\’
  5. Copy the code in a text file and rename it to filename.ps1.Basically the extension should be ps1 and move it to the folder which you have created in step 4
  6. Keep your  pilink.exe application on ‘D:\Installations Files\plink.exe’ or just change the path of the code to point the plink.exe file. eg: if you plink file is there in C:\folder\plink.exe, change the code to ‘C:\folder\plink.exe’
  7. Run the .ps1 file using powershell
  8. Voila your CSV will be created

If you have many IPs then use a for loop. Similarly  Flogi database, interface  and FCAlias or device-aliases details can be made into friendly databases and

$defpath = ‘D:\cisco\’
(& ‘D:\Installations Files\plink.exe’ -ssh admin@ -P 22 -pw password show zoneset active) | Out-File -Encoding UTF8 (“$defpath” + “cisco_zsactive.txt”) #-Append
“Zonename,VSAN_ID,Member1,Member2,Member3,Member4,Member5,Member6,Member7,Member8,Member9,Member10” | Out-File (“$defpath” + “cisco_zsactive.csv”) -Encoding UTF8
$variable = ((gc (“$defpath” + “cisco_zsactive.txt”)) | Select-String “zone name”,pwwn -SimpleMatch) -join “`r`n”
#($variable + “`r`n }”) is added to input a fill word to get the pattern of the container
$ZoneContainer = ($variable + “`r`n }”) | ForEach-Object {
$_ -replace ‘Zone name’, “}`r`nZone name” `

($ZoneContainer| Select-String ‘(?s)(?<=Z)(.+?)(?=\ })’ -AllMatches).Matches | % {
$ZoneContainer = $ZoneContainer.Replace($_.Value, ($_.Value -split “`r`n” | % { $_.Trim() }) -join ” “)
$ZoneContainer | Out-File (“$defpath” + “cisco_temp_zsactive.txt”) -Encoding UTF8

$Zone_csv_unformatted = gc (“$defpath” + “cisco_temp_zsactive.txt”)

$FCIDpattern = ‘(?s)(?<=0x)(.+?)(?= )’

$Zone_csv_unformatted | ForEach-Object{
$_ -replace ‘ }’, ” `
-replace ‘Zone name ‘, ”`
-replace ‘vsan ‘, ”`
-replace ‘pwwn ‘, ”`
-replace ‘\*’, ”`
-replace ‘ FCID ‘, ”`
-replace “0x+$FCIDpattern”, ”
}|ForEach-Object {
$csvmaker = (“$IP” + ‘ ‘ + $_ -replace “\s{1,}”, “,”)
Out-File -InputObject $csvmaker -FilePath (“$defpath” + “cisco_zsactive.csv”) -Encoding UTF8 -append

echo “ZoneSet Active data processed”

For extracting the information from the CSV, use

$pwwnsearch = Read-Host ” Enter the pwwn”

gc (“$defpath” + “cisco_zsactive.csv”) | Select-String -SimpleMatch $pwwnsearch | Out-File (“$defpath” + ‘pwwnout.csv’) -Encoding UTF8 -Width 3000




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s