ACI Security Report¶
This application provides simple audit reports that can be used for compliance checks or security audits.
This reporting application is included in the
acitoolkit package when downloaded using the
git clone method
of installation. The application can be found in the
The application is started from the command line. In its simplest form, it can be invoked by the following command:
The full command help is shown below:
python aci-report-security-audit.py -h usage: aci-report-security-audit.py [-h] [-u URL] [-l LOGIN] [-p PASSWORD] [--csv CSV] Simple application that logs on to the APIC and produces a report that can be used for security compliance auditing. optional arguments: -h, --help show this help message and exit -u URL, --url URL APIC URL e.g. http://18.104.22.168 -l LOGIN, --login LOGIN APIC login ID. -p PASSWORD, --password PASSWORD APIC login password. --csv CSV Output to a CSV file.
By default, the audit report is displayed on the screen as comma separated values. If the
--csv command line option
is provided, the output will be sent to the specified filename in proper CSV format.
Each row of the report contains the following information:
* Tenant name * Context (VRF) name * Bridge Domain name * Application Profile name * EPG name * Number of Consumer EPG Endpoints * Provided Contract name * Number of Providing EPG Endpoints * Consumed Contract name * Protocol specified in the Filter entry * Source port range specified in the Filter entry * Destination port range specified in the Filter entry