How to collect the output of CLI commands periodically using Python

How to collect the output of CLI commands periodically using Python

851
Created On 10/08/25 07:54 AM - Last Modified 10/10/25 10:14 AM


Objective


Python script for collecting CLI command outputs periodically from Palo Alto Firewalls/Panorama. Uses SSH automation to execute commands at specified intervals and save results to file without manual intervention.

Environment


  • Palo Alto Firewalls or Panorama
  • Linux/Windows/macOS PC that can access the Palo Alto firewall or Panorama using SSH
  • Python 3.x with pexpect library installed
  • SSH access enabled on the firewall/Panorama

Procedure


NOTE: This procedure involves the use of a custom Python script. This information is provided as-is for informational purposes only. Palo Alto Networks does not provide technical support for third-party applications or custom scripts. Use is at your own risk.

 

  1. Install Python dependencies on your system:
    pip3 install pexpect
  2. Create the Python script by saving the code present in Additional Information as outputs_collector.py 
  3. Edit the configuration section in the script.
     
    # SSH IP Address
IP_ADDRESS = "192.168.1.1"

    # SSH Username
USERNAME = "admin"

    # SSH Password (leave empty to prompt for password)
PASSWORD = ""

    # Output file path
OUTPUT_FILE = "firewall_outputs.log"

    # Outputs to collect / commands to execute
COMMANDS_TO_RUN = [
    'show clock',
    'show session info',
    'show running resource-monitor second last 60',
    'show running resource-monitor minute last 10',
    'debug dataplane pool statistics',
    'show running resource-monitor ingress-backlogs',
    'show counter global filter delta yes',
    'debug dataplane pow performance all'
]

    # Interval between command executions
INTERVAL = 5
  4. Ensure proper permissions for the login account on the firewall/Panorama to execute the configured show commands.
  5. Run the script from command line:
    python3 outputs_collector.py
  6. Enter password when prompted (if PASSWORD was left empty in configuration).
  7. Monitor execution - the script will:
    • Display command outputs on screen
    • Save all outputs to the specified log file
    • Continue running until manually stopped with Ctrl+C
  8. Stop the script by pressing Ctrl+C when data collection is complete.





              
Additional Information

Python Script outputs_collector.py


import pexpect
import sys
import time
import getpass

#######################
# --- Configuration ---
# SSH IP Address
IP_ADDRESS = "192.168.1.1"
# SSH Username
USERNAME = "admin"
# SSH Password (leave empty to prompt for password)
PASSWORD = ""
# Output file path
OUTPUT_FILE = "firewall_outputs.log"
# Outputs to collect / commands to execute
COMMANDS_TO_RUN = [
    'show clock',
    'show session info',
    'show running resource-monitor second last 60',
    'show running resource-monitor minute last 10',
    'debug dataplane pool statistics',
    'show running resource-monitor ingress-backlogs',
    'show counter global filter delta yes',
    'debug dataplane pow performance all'
]
# Interval between command executions
INTERVAL = 5
#######################

# --- Main Script ---
PROMPT = r">\s*$"
if not PASSWORD:
    PASSWORD = getpass.getpass(f"Enter password for {USERNAME}@{IP_ADDRESS}: ")
try:
    print(f"--- Connecting to {IP_ADDRESS} ---")
    fw = pexpect.spawn(f'ssh -o StrictHostKeyChecking=no {USERNAME}@{IP_ADDRESS}')
    fw.expect('[Pp]assword: ')
    fw.sendline(PASSWORD)
    index = fw.expect(['Last login', pexpect.TIMEOUT], timeout=10)
    if index == 0:
        print("--- Successfully logged in ---")
        fw.expect(PROMPT)
    else:
        print("--- Login error: Timeout or Invalid credentials ---")
        fw.close()
        sys.exit(1)

    fw.sendline('set cli scripting-mode on')
    fw.expect(PROMPT)
    fw.sendline('set cli pager off')
    fw.expect(PROMPT)

    with open(OUTPUT_FILE, 'w') as f:
        fw.sendline('show system info')
        fw.expect(PROMPT)
        output = fw.before.decode().strip()
        f.write(output + '\n')
        f.flush()
        while True:
            for command in COMMANDS_TO_RUN:
                fw.sendline(command)
                fw.expect(PROMPT)
                output = fw.before.decode().strip()
                print(output)
                f.write(output + '\n')
                f.flush()
            time.sleep(INTERVAL)

except pexpect.exceptions.EOF:
    print("\nError: Connection closed unexpectedly.")
    print("Last output received:")
    print(fw.before.decode())
except pexpect.exceptions.TIMEOUT:
    print("\nError: Connection timed out.")
    print("Did not receive the expected prompt in time.")
except KeyboardInterrupt:
    print("\n--- Script stopped by user ---")
    fw.close()
finally:
    if 'fw' in locals() and fw.isalive():
        fw.close()



Related article:
How to collect the output of CLI commands periodically using Tera Term script




        
       
      





      

        
        
        

    

    

    

      

        
Other users also viewed:

        

             

               
              

        

    

        

        
        

          
Actions

          
    
           
            
            
            
  • 
                Print
            
    • 
            
  • 
            
    • 
            
  • 
              Copy Link
                
                
    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1Ki000000TO2EKAW&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail
    
            
    •