Fortinet Fortigate troubleshooting traffic flows

When we're trying to figure out why a particular traffic flow is not working, we'd first check the logs on Fortianalyzer or locally in our Fortigate; sometimes this process will work just fine, but other times we'll see something like "denied by policy id X" - being X the implicit/explicit deny any rule at the … Continue reading Fortinet Fortigate troubleshooting traffic flows

Advertisements

Backing up and tracking device configs with Ansible & Git

It seems reasonable to backup our devices config on a daily basis, or even better, after every change window, as well as to have some sort of revision control so that we know what changes were made and at what time. In this post, I'm going to explain the process required to get this up … Continue reading Backing up and tracking device configs with Ansible & Git

Building an interface counter’s report on Arista (II): using Ansible

We can gather interface counters reasonably easily using Ansible (you can check how to do the same thing using Python+pyeapi here). I am going to focus on output drops in this post, but the same concepts can be applied to any other interface counter. First of all, we need an inventory file in which we will … Continue reading Building an interface counter’s report on Arista (II): using Ansible

Building an interface counter’s report on Arista (I): using the Python pyeapi library

Pyeapi is the Arista's python library used to interact with their API. Leveraging it, we can pull structured data (JSON) directly from the switches. This JSON format data comes as multiple dictionaries within a list, which means that we can very easily access to its corresponding keys and values to analyse the specific data we care … Continue reading Building an interface counter’s report on Arista (I): using the Python pyeapi library