diff --git a/netbox_zabbix_sync.py b/netbox_zabbix_sync.py index 15bf9ca..b0878ea 100755 --- a/netbox_zabbix_sync.py +++ b/netbox_zabbix_sync.py @@ -6,6 +6,7 @@ import logging import argparse from pynetbox import api from pyzabbix import ZabbixAPI, ZabbixAPIException +from pynetbox.core.query import RequestError as NetboxRequestError # Set logging log_format = logging.Formatter('%(asctime)s - %(name)s - ' @@ -46,6 +47,7 @@ def main(arguments): zabbix_pass = environ.get("ZABBIX_PASS") netbox_host = environ.get("NETBOX_HOST") netbox_token = environ.get("NETBOX_TOKEN") + netbox_key = environ.get("NETBOX_KEY") # Set Zabbix API try: @@ -55,7 +57,8 @@ def main(arguments): e = f"Zabbix returned the following error: {str(e)}." logger.error(e) # Set Netbox API - netbox = api(netbox_host, netbox_token, threading=True) + netbox = api(netbox_host, token=netbox_token, + private_key=netbox_key, threading=True) # Get all Zabbix and Netbox data netbox_devices = netbox.dcim.devices.all() zabbix_groups = zabbix.hostgroup.get(output=['name']) @@ -89,6 +92,10 @@ def main(arguments): else: logger.debug(f"{device.name} is not linked to a tenant. " f"Using HG format '{device.hostgroup}'.") + # -s flag: collect secrets from this device + if(arguments.secret): + # This triggers another API query, might cause delay. + device.getNetboxSecrets(netbox) # Checks if device is in cleanup state if(device.status != "Active"): if(device.zabbix_id): @@ -163,6 +170,7 @@ class NetworkDevice(): self.zabbix = zabbix self.tenant = nb.tenant self.hostgroup = None + self.secrets = None self.hg_format = [self.nb.site.name, self.nb.device_type.manufacturer.name, self.nb.device_role.name] @@ -237,11 +245,25 @@ class NetworkDevice(): f"Modifying hostname from {self.name} to " + f"{self.nb.virtual_chassis.name}.") self.name = self.nb.virtual_chassis.name + return True else: logger.debug(f"Device {self.name} is non-primary cluster member.") return False + def getNetboxSecrets(self, nbapi): + """ + Get secrets from this Netbox host + """ + try: + self.secrets = nbapi.secrets.secrets.filter(device=self.nb.name) + if(self.secrets): + logger.debug(f"Got {len(self.secrets)} secret(s)" + f" for host {self.name}.") + except NetboxRequestError as e: + e = f"Couldn't get Netbox secrets, error {e}." + logger.warning(e) + def getZabbixTemplate(self, templates): """ Returns Zabbix template ID @@ -319,7 +341,8 @@ class NetworkDevice(): """ try: # Initiate interface class - interface = ZabbixInterface(self.nb.config_context, self.ip) + interface = ZabbixInterface(self.nb.config_context, + self.ip, self.secrets) # Check if Netbox has device context. # If not fall back to old config. if(interface.get_context()): @@ -513,8 +536,9 @@ class NetworkDevice(): class ZabbixInterface(): - def __init__(self, context, ip): + def __init__(self, context, ip, secrets=None): self.context = context + self.secrets = secrets self.type = None self.ip = ip self.skelet = {"main": "1", "useip": "1", "dns": "", "ip": self.ip} @@ -542,6 +566,12 @@ class ZabbixInterface(): # Checks if SNMP settings are defined in Netbox if("snmp" in self.context["zabbix"]): snmp = self.context["zabbix"]["snmp"] + # Check if matching SNMP Netbox secret is found for host. + secrets = ["community", "authpassphrase", "privpassphrase"] + if(self.secrets): + for secret in self.secrets: + if(secret.name in secrets): + snmp[secret.name] = secret.plaintext self.interface["details"] = {} # Checks if bulk config has been defined if(snmp.get("bulk")): @@ -610,6 +640,8 @@ if(__name__ == "__main__"): parser.add_argument("-t", "--tenant", action="store_true", help=("Add Tenant name to the Zabbix " "hostgroup name scheme.")) + parser.add_argument("-s", "--secret", action="store_true", + help=("Use Netbox secrets for SNMP interfaces.")) args = parser.parse_args() main(args)