The ACI Command Line tool allows users to get the most out of their ACI fabric by accessing the most important information from the APIs and stripping away the excess. The tool syntax is built in an intuitive way that makes it easy to extract the desired info. If you want to get all the VRFs in a Tenant, the command is simple "get vrf tenant <tenant_name>.
There are 3 base components of the v1.1 command tool: get object commands, detailed audit reports, and a multithreaded command query tool. The CLI also has the functionality to autocomplete commands, write to a file, rerun previous commands, and grep with or without ignore case. Configuration is stored in an easily readable and modifiable YAML config file called aci_config.yaml which is stored in the ~/ directory.
Get commands are meant to be simple, if you want all of your contracts you simply type "get contract all". If you want specific details about an object you use the name option and provide the name of the object: "get contract name Allow_All"
'get epg all' Name BD Subnets Tenant AP VRF EPs Domains Prov Contracts Cons Contracts --------- ---------- -------------- --------- -------- ---------------- ----- --------- ---------------- ---------------- default default L2_Only infra access overlay-1 10 vmm_odd Allow_All Allow_All 55 55 L2_Only EastRiver Brooklyn Main 10 phys TCP_Only 50 50A 172.20.50.1/22 EastRiver Brooklyn ER 23 phys, vmm TCP_Only Dell Dell_Blade 5.5.5.5/1 Servers Odd Prod 1 phys Allow_All Allow_All 'get epg all dn' uni/tn-EastRiver/ap-Brooklyn/epg-50 uni/tn-EastRiver/ap-Brooklyn/epg-55 uni/tn-Servers/ap-Odd/epg-Dell 'get epg all brief' 50 55 Dell default
'get epg name 50'
Tenant : EastRiver
AP : Brooklyn
EPG : 50
BD : 50A
Subnets : 172.20.50.1/22
VRF : ER
Domains :
Encaps : vlan-50
Endpoints : 23
L3Outs :
Provided Conts :
Consumed Conts : TCP_Only
Scope : 2785280
PC Tag : 32771
Pref Group : exclude
Flood-in-Encap : disabled
Monitor Policy : default
Name Alias :
Shutdown : no
Static Ints :
Interface Mode Encap VPC Name
-------------- ------- ------- ----------
101-102 eth1/5 regular vlan-50 VPC_5
Dynamic Ints :
Interface VMM Node Encap VPC Name
----------- ---------- ------- ----------
'get epg encap vlan 50' Tenant : EastRiver AP : Brooklyn EPG : 50 BD : 50A Subnets : 172.20.50.1/22 VRF : ER Domains : phys Encaps : vlan-50
'get epg interface 1001/1/1'
Tenant : EastRiver
AP : Harlem
EPG : Shakes
BD : Shakes
Subnets : 50.50.55.1/24
VRF : ER
Domains : phys, VC
Encaps : vlan-550, vlan-555
Endpoints : 0
L3Outs :
Provided Conts : default
Consumed Conts :
Scope : 2260992
PC Tag : 49154
Pref Group : include
Flood-in-Encap : disabled
Monitor Policy : default
Name Alias :
Shutdown : no
Tenant : Main
AP : Floor3
EPG : Dell-A
BD : VLAN-100
Subnets : 10.100.10.1/24
VRF : Main
Domains : phys
Encaps : vlan-100
Endpoints : 0
L3Outs : default
Provided Conts : icmp_allow
Consumed Conts :
Scope : 3014656
PC Tag : 16387
Pref Group : exclude
Flood-in-Encap : disabled
Monitor Policy : default
Name Alias :
Shutdown : no
Sort Options: epg, bd, vrf, ap, subnet, ep
'get epg tenant EastRiver sort vrf' Name BD Subnets Tenant AP VRF EPs Domains Prov Contracts Cons Contracts --------- ---------- -------------- --------- -------- ---------------- ----- --------- ---------------- ---------------- 55 55 L2_Only EastRiver Brooklyn Main 10 phys TCP_Only 50 50A 172.20.50.1/22 EastRiver Brooklyn ER 23 phys, vmm TCP_Only
'get epg vrf EastRiver:ER' 50 F5_LB DMZ
'get epg config tenant Dell_Blades' Name BD Subnets EPs FloodOnEncap MonPol Alias PC Tag Scope prefGrMemb Shutdown -------- ---- --------------- ----- -------------- -------- ------- -------- ------- ------------ ---------- CronJobs 300 10.30.30.1/20 0 disabled default 49154 2326528 exclude no 110 110 172.10.110.1/24 0 disabled default 32775 2326528 exclude no 111 111 172.10.111.1/24 0 disabled default 32774 2326528 exclude no 201 201 172.10.201.1/24 0 disabled default 49153 2326528 exclude no
'get bd all' 110 111 201 300 Car Chip Dell2_Car Dell_AI Hotdogs Main_BD New Nutanix Same Shakes Super_long_AP_Name_Car TURKEY Umbrella VLAN-100 VLAN-101 ave-ctrl default default inb 'get bd all dn' uni/tn-Dell_Blades/BD-110 uni/tn-Dell_Blades/BD-111 uni/tn-Dell_Blades/BD-201 uni/tn-Dell_Blades/BD-300 uni/tn-Dell_Blades/BD-Dell_AI uni/tn-Dell_Blades/BD-Nutanix uni/tn-EastRiver/BD-Hotdogs uni/tn-EastRiver/BD-Main_BD uni/tn-EastRiver/BD-Shakes uni/tn-Main/BD-Car uni/tn-Main/BD-Chip uni/tn-Main/BD-Dell2_Car uni/tn-Main/BD-New uni/tn-Main/BD-Same uni/tn-Main/BD-Super_long_AP_Name_Car uni/tn-Main/BD-TURKEY uni/tn-Main/BD-Umbrella uni/tn-Main/BD-VLAN-100 uni/tn-Main/BD-VLAN-101 uni/tn-common/BD-default uni/tn-infra/BD-ave-ctrl uni/tn-infra/BD-default uni/tn-mgmt/BD-inb
'get bd name Hotdogs' Tenant : EastRiver BD : Hotdogs EPGs : Hotdogs Subnets : 50.50.50.1/24 (public) AP : Bronx VRF : ER Domains : VC Encaps : Endpoints : 55 L3Outs : Unicast Routing : yes IP Learning : yes Limit-to-Subnet : yes ARP Flood : yes BUM Traffic : bd-flood Unknown L2 : proxy Unknown Mulicast : flood Name Alias : MAC : 00:22:BD:F8:19:FF Scope : 2260992 PC Tag : 32770
'get bd encap vlan 50' Tenant : EastRiver BD : Hotdogs EPGs : Hotdogs Subnets : 50.50.50.1/24 (public) AP : Bronx VRF : ER Domains : VC Encaps : vlan-50 Endpoints : 55 L3Outs : Unicast Routing : yes IP Learning : yes Limit-to-Subnet : yes ARP Flood : yes BUM Traffic : bd-flood Unknown L2 : proxy Unknown Mulicast : flood Name Alias : MAC : 00:22:BD:F8:19:FF Scope : 2260992 PC Tag : 32770
'get bd config tenant Main' Name EPs UC Routing IP Lrn Limit IP Flood L2 Unk UC L3 Unk MC ARP Flood MAC PC Tag Scope ---------------------- ----- ------------ -------- ---------- ----------- ----------- ----------- ----------- ----------------- -------- ------- Umbrella 55 yes yes encap-flood flood flood yes 00:22:BD:F8:19:FF 49153 3014656 Same 55 yes yes bd-flood proxy flood yes 00:22:BD:F8:19:FF 32774 3014656 TURKEY 55 yes yes bd-flood proxy flood yes 00:22:BD:F8:19:FF 32773 3014656 Super_long_AP_Name_Car 55 yes yes bd-flood proxy flood yes 00:22:BD:F8:19:FF 32771 3014656 VLAN-100 55 yes yes bd-flood proxy flood yes 00:22:BD:F8:19:FF 49154 3014656
'get bd vrf Main:Main' VLAN-101 VLAN-100 New TURKEY Dell2_Car Same Car Chip Umbrella Super_long_AP_Name_Car
'get bd subnet 50.50.55.1/24' Tenant : EastRiver AP : Harlem BD : Shakes EPGs : Shakes Subnets : 50.50.55.1/24 (private) VRF : ER Domains : phys, VC Encaps : vlan-555, vlan-550 Endpoints : 55 L3Outs :
'get bd ip 50.50.55.34' Tenant : EastRiver AP : Harlem BD : Shakes EPGs : Shakes Subnets : 50.50.55.1/24 (private) VRF : ER Domains : phys, VC Encaps : vlan-555, vlan-550 Endpoints : 55 L3Outs :
'get bd tenant Main'
Car
Chip
Dell2_Car
New
Same
Super_long_AP_Name_Car
TURKEY
Umbrella
VLAN-100
VLAN-101
'get bd tenant Main dn'
uni/tn-Main/BD-Car
uni/tn-Main/BD-Chip
uni/tn-Main/BD-Dell2_Car
uni/tn-Main/BD-New
uni/tn-Main/BD-Same
uni/tn-Main/BD-Super_long_AP_Name_Car
uni/tn-Main/BD-TURKEY
uni/tn-Main/BD-Umbrella
uni/tn-Main/BD-VLAN-100
uni/tn-Main/BD-VLAN-101
'get vrf all'
Dell_Blades:Inside
Dell_Blades:Outside
EastRiver:ER
EastRiver:Main
Main:Main
common:copy
common:default
infra:ave-ctrl
infra:overlay-1
mgmt:inb
mgmt:oob
'get vrf tenant EastRiver' EastRiver:ER EastRiver:Main
'get vrf scope 2260992' EastRiver:ER
'get tenant all'
Dell_Blades
EastRiver
Main
common
infra
mgmt
'get tenant name Main' Warning: This is a large query and may take several minutes... Main Endpoints : 40 AP Count : 5 EPG Count : 7 BD Count : 10 Subnet Count : 6 VRF Count : 1 L3Out Count : 1 Interface Count : 2 Encap Count : 2 Nodes : 1001, 1002 Phys Domains : phys VMM Domains : VC L3 Domains : Brooklyn, toCloud Encaps(VLAN) : 100, 101 Encaps(VXLAN) : L3Outs : VRFs : Main APs : Bad, Dell1, Dell2, Floor3, Super_long_AP_Name EPGs : A, B, Car, Car, Dell-A, Dell-B, Car BDs : Umbrella, Same, TURKEY, Super_long_AP_Name_Car, VLAN-100, Car, Chip, VLAN-101, Dell2_Car, New Subnets : 1.1.1.1/24, 1.1.1.1/24, 1.1.1.1/24, 10.100.10.1/24, 10.101.10.1/24, 1.1.1.1/24 Static Ints : Interface Mode Encap VPC Name ----------- ------- -------- ---------- 1001/1/1 regular vlan-100 1002/1/1 regular vlan-101 Dynamic Ints : Interface VMM Node Encap VPC Name ----------- ---------- ------- ----------
'get ap all'
infra
access
ave-ctrl
Main
Bad
Dell1
Dell2
Floor3
EastRiver
Bronx
Harlem
'get ap tenant EastRiver' Bronx Harlem
'get contract all'
common
default
Dell_Blades
Cloud
Permit_TCP
Red
Main
icmp_allow
'get contract tenant Dell_Blades'
Dell_Blades
( vrf ) Cloud
( vrf ) Permit_TCP
(global) Red
'get contract type vrf' Cloud Permit_TCP default icmp_allow
'get contract name icmp_allow'
icmp_allow
Consumers
EPGs
-----------
Main/Dell-B
Providers
EPGs
-----------
Main/Dell-A
'get subnet all'
BD Subnets:
110 - 172.10.110.1/24
111 - 172.10.111.1/24
201 - 172.10.201.1/24
300 - 10.30.30.1/20
Hotdogs - 50.50.50.1/24
New - 1.1.1.1/24
Shakes - 50.50.55.1/24
Super_long_AP_Name_Car - 1.1.1.1/24
TURKEY - 1.1.1.1/24
Umbrella - 1.1.1.1/24
VLAN-100 - 10.100.10.1/24
VLAN-101 - 10.101.10.1/24
EPG Subnets:
'get subnet tenant Main' 1.1.1.1/24 10.100.10.1/24 10.101.10.1/24
'get l3out all'
Backups
Brooklyn_Line
default
toCloud
'get l3out tenant EastRiver' Brooklyn_Line
'get l3out bd 55' toCloud
'get l3out epg Hotdogs' Brooklyn_Line
'get endpoint 10.100.10.57' 10.100.10.57 00:50:ab:cd:e4:f5 Tenant : Main VRF : VRF AP : Floor3 EPG : Dell-A BD : VLAN-100 Subnets : 10.100.10.1/24 Learned : local Interface : 1001/1/35 VLAN 55
'get endpoint vmm' 00:50:ab:cd:de:ad - 10.10.60.5 00:50:ab:cd:de:af - 10.10.70.15
'get endpoint vmm subnets' Tenant: EastRiver 192.168.10.1/24 Tenant: Main 10.10.60.1/24 10.10.70.1/24 10.10.80.1/24
'get domain all'
Physical Domains
Fenway
phys
Layer-2 External Domains
Layer-3 External Domains
Brooklyn
toCloud
FiberChannel Domains
AI
'get domain physical' Fenway phys
'get domain name phys'
Name : phys
Type : physDomP
AEPs : main_aep
VLAN Pool : [phys]-static
EPGs by Tenant ->
Dell_Blades
CronJobs
111
110
EastRiver
Shakes
Main
Dell-B
Dell-A
'get domain tenant Main'
Physical Domains
phys
VMM Domains
VC
L3 Domains
Brooklyn
toCloud
'get domain epg Hotdogs' uni/tn-EastRiver/ap-Bronx/epg-Hotdogs (VMM) VC
'get domain vlan 550'
(l3extDomP) Brooklyn
(l3extDomP) toCloud
(physDomP) phys
'get aep all' LeftIField default main_aep
'get aep name main_aep'
AEP : main_aep
Domains : phys (Physical)
toCloud (Layer-3)
Ports :
1001_1002_VPC eth1/10
1001_1002_VPC eth1/11
1001_1002_VPC eth1/12
leaf_1001 eth1/1-48
leaf_1002 eth1/1-48
'get pool all'
VLAN Pools:
vmm
vlan-3000 - vlan-3500
phys
vlan-90 - vlan-94
vlan-95 - vlan-98
vlan-100 - vlan-1000
vlan-1001 - vlan-1100
FC
vlan-3501 - vlan-3510
bunker
vlan-400 - vlan-700
VSAN Pools:
100
vsan-100 - vsan-100
VXLAN Pools:
'get pool vlan'
vmm
vlan-3000 - vlan-3500
phys
vlan-90 - vlan-94
vlan-95 - vlan-98
vlan-100 - vlan-1000
vlan-1001 - vlan-1100
FC
vlan-3501 - vlan-3510
bunker
vlan-400 - vlan-700
'get pool vlan 555'
phys
vlan-90 - vlan-94
vlan-95 - vlan-98
vlan-100 - vlan-1000 <<<<<
vlan-1001 - vlan-1100
bunker
vlan-400 - vlan-700 <<<<<
'get pool vsan'
100
vsan-100 - vsan-100
'get pool vsan 100'
100
vsan-100 - vsan-100 <<<<<
'get pool vxlan'
red
vxlan-45000 - vxlan-46000
'get pool vxlan 45789'
red
vxlan-45000 - vxlan-46000 <<<<
'get fault summary' [ 1] critical : F0104 - This fault occurs when a bond interface on a controller is in the link-down state. [ 9] major : F1419 - This fault occurs when a Data Management Engine (DME) process fails on a controller [ 12] major : F0101 - This fault occurs when a storage device fails on a controller [ 1] major : F1528 - This fault occurs when storage capacity utilization is between 85% and 90% [ 2] major : F1318 - This fault occurs when PSU are not detected correctly [ 1] minor : F0523 - This fault occurs when an End Point Group is incompletely or incorrectly configured. [ 6] minor : F1295 - This fault is raised when a Date and Time Policy (datetime:Pol) fails to apply due to configuration issues. [ 1] minor : F4149 - This fault occurs when you remove LC/FM/SUP/SC from the slot [ 17] minor : F0467 - This fault occurs when an End Point Group is incompletely or incorrectly configured. [ 2] warning : F1207 - This fault occurs when the operational state of the arp adjacency is down [ 6] warning : F110344 - Threshold crossing alert for class l2IngrBytesPart5min, property dropRate [ 12] warning : F100480 - Threshold crossing alert for class eqptIngrDropPkts5min, property errorRate [ 6] warning : F112296 - Threshold crossing alert for class l2IngrPktsPart5min, property dropRate [ 12] warning : F100264 - Threshold crossing alert for class eqptIngrDropPkts5min, property bufferRate
'get fault last day'
'get audit last hour brief' 'get audit last day'
'get audit user_list last day' admin maredford
'get audit user maredford last day'
'get neighbor cdp' ACI Interface Name Platform Remote Port Version --------------- --------- ------------- ----------- ---------- 201/5/1 leaf-1001 C98180YC Eth1/45 4.2 201/5/2 leaf-1002 C98180YC Eth1/45 4.2 1001/1/41 apic42 APIC-M2 Eth1/4 4.2 1001/1/49 spine-201 9336C Eth1/1 4.2 1002/1/49 spine-201 9336C Eth1/40 4.2
'get neighbor lldp' ACI Interface Name Remote Port Remote IP Platform --------------- --------- ----------------- ----------- ---------- 201/5/1 leaf-1001 16:96:17:47:34:92 10.0.160.64 ACI 201/5/2 leaf-1002 86:a2:97:32:c1:ea 10.0.160.66 ACI 1001/1/41 apic42 8e:d2:70:24:9a:19 10.0.0.1 ACI 1001/1/49 spine-201 0a:b6:b1:2a:fe:45 10.0.160.65 ACI 1002/1/49 spine-201 e2:25:c0:ae:f1:1f 10.0.160.65 ACI
'get neighbor lldp node 201' ACI Interface Name Remote Port Remote IP Platform --------------- --------- ----------------- ----------- ---------- 201/5/1 leaf-1001 16:96:17:47:34:92 10.0.160.64 ACI 201/5/2 leaf-1002 86:a2:97:32:c1:ea 10.0.160.66 ACI
'get info node 1001' Node : LEAF 1001 Name : leaf-1001 State : IN-SERVICE Version : simsw-4.2(7l) Model : N9K-C9396PX Serial : TEP-1-101 Pod : 1 Overlay IP : 10.0.160.64 Inband IP : 0.0.0.0 Inb Gateway : 0.0.0.0 OOB IP : 0.0.0.0 OOB Gateway : 0.0.0.0 Last Reset : 2025-07-09T18:38:13.400+00:00 Reset Reason : unknown Interfaces : eth1/1 - eth1/60
'get info border-leaf'
Node ID - L3Out Interfaces
1001 - 1/5, 1/39
1002 - 1/5
'get info spine'
Node : SPINE 201
Name : spine-201
State : IN-SERVICE
Version : simsw-4.2(7l)
Model : N9K-C9508
Serial : TEP-1-103
Pod : 1
Overlay IP : 10.0.160.65
Inband IP : 0.0.0.0
Inb Gateway : 0.0.0.0
OOB IP : 0.0.0.0
OOB Gateway : 0.0.0.0
Last Reset : 2025-07-09T18:38:13.501+00:00
Reset Reason : unknown
Linecards :
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
N9K-X9732C-EX FOX-950769 unknown
Fabric Cards :
N9K-C9508-FM FOX-796275 unknown
N9K-C9508-FM FOX-115920 unknown
'get info vpc'
Nodes in VPC:
1001-1002
Nodes NOT in VPC:
300
301
305
306
'get info fabric' APICs : 1 Spines : 1 Leafs : 2 << APICs >> State ID Pod Name Overlay Addr Inband Addr OOB Addr Version Serial Model ---------- ---- ----- ------ -------------- ------------- ---------- --------- --------- ----------------------- in-service 1 1 apic42 10.0.0.1 192.168.11.1 10.10.20.2 4.2(7l) TEP-1-1 VMware Virtual Platform << Spines >> State ID Pod Name Overlay Addr Inband Addr OOB Addr Version Serial Model ---------- ---- ----- --------- -------------- ------------- ---------- ------------- --------- --------- in-service 201 1 spine-201 10.0.160.65 0.0.0.0 0.0.0.0 simsw-4.2(7l) TEP-1-103 N9K-C9508 << Leafs >> State ID Pod Name Overlay Addr Inband Addr OOB Addr Version Serial Model ---------- ---- ----- --------- -------------- ------------- ---------- ------------- --------- ----------- in-service 1001 1 leaf-1001 10.0.160.64 0.0.0.0 0.0.0.0 simsw-4.2(7l) TEP-1-101 N9K-C9396PX in-service 1002 1 leaf-1002 10.0.160.66 0.0.0.0 0.0.0.0 simsw-4.2(7l) TEP-1-102 N9K-C9396PX
'get serial 'FDO3493DX'
SN : FDO3493DX
Type : Node
Info : spine-201
'get sclass 16387' EPG -> Scope: 3014656 uni/tn-Main/ap-Floor3/epg-Dell-A EPG -> Scope: 2260992 uni/tn-EastRiver/ap-Bronx/epg-Hotdogs BD -> Scope: 2326528 uni/tn-Dell_Blades/BD-Dell_AI BD -> Scope: 2457600 uni/tn-mgmt/BD-inb
'site list' Configured Sites: 1 - West 10.10.20.5
'site add'
'site 2'
Reports are deep-dive insights for your fabric. These commands are large and take several minutes to run. Once complete, the the report will be saved in the same directory that the CLI tool is launched from with the report type and time as the name of the file.
Report Unused will look through your entire fabric for configuration objects that are not being utilized. The unused object DNs are provided. Future releases will allow for automatic removal.
===== Unused Tenants =====
Total: 1
uni/tn-Vanilla
===== Unused APs =====
Total: 2
uni/tn-Dell_Blades/ap-Outside_DMZ
uni/tn-common/ap-default
===== Unused BDs =====
Total: 10
uni/tn-Dell_Blades/BD-Dell_AI
uni/tn-Dell_Blades/BD-Nutanix
uni/tn-EastRiver/BD-Main_BD
uni/tn-Main/BD-Chip
uni/tn-Main/BD-Dell2_Car
uni/tn-Main/BD-Super_long_AP_Name_Car
uni/tn-Main/BD-TURKEY
uni/tn-Main/BD-Umbrella
uni/tn-common/BD-default
uni/tn-mgmt/BD-inb
===== Unused EPGs =====
Total: 11
uni/tn-Dell_Blades/ap-Block_A/epg-111
uni/tn-Dell_Blades/ap-Block_B/epg-201
uni/tn-Dell_Blades/ap-Block_C/epg-CronJobs
uni/tn-EastRiver/ap-Bronx/epg-Hotdogs
uni/tn-Main/ap-Bad/epg-A
uni/tn-Main/ap-Bad/epg-B
uni/tn-Main/ap-Dell1/epg-Car
uni/tn-Main/ap-Dell2/epg-Car
uni/tn-Main/ap-Super_long_AP_Name/epg-Car
uni/tn-infra/ap-access/epg-default
uni/tn-infra/ap-ave-ctrl/epg-ave-ctrl
===== Unused Contracts =====
Total: 1
uni/tn-Dell_Blades/brc-Red
===== Unused VRFs =====
Total: 2
uni/tn-common/ctx-copy
uni/tn-mgmt/ctx-oob
===== Unused L3Outs =====
Total: 1
uni/tn-common/out-default
Report Fabric returns object counts from your fabric, as well as endpoint types. It also shows a list of all direct neighbors and their hardware types. It also provides a list of tenants by endpoint count which can give you an idea of how large each of your tenants are.
===== Object Counts =====
Tenants : 6
APs : 14
VRFs : 11
EPGs : 15
BDs : 23
L3outs : 4
Contracts : 5
VLAN Pools : 6
VSAN Pools : 1
AEPs : 4
Phys Domains : 2
L3 Domains : 2
L2 Domains : 0
===== Endpoint Counts =====
Local EPs : 1201
VMM EPs : 980
Total EPs : 2153
EP Counts by Tenant :
1550 : Dell_Blades
344 : EastRiver
301 : Main
===== Neighbors =====
Total Neighbors: 6
Hardware Type Neighbor Name
Nexus 9548 Router-East-1
Nexus 9548 Router-East-2
Nexus 9548 Router-East-3
Nexus 9548 Router-East-4
ASR 1001V Foundation
Catalyst 6500 Lab Core
Report Audits will generate a report that provides a detailed breakdown about the changes being made in the fabric. The report will output a text file called Audit_Report_xxxx.txt, where xxxx is the current date and time. The SPAM List is which keywords have been flagged as "spam" when trying to look at audit logs. Two examples are "pageCount", which is simply when the user modifies the pageCount of objects in a table in the GUI, and "Snapshot" which is the daily back-up that is taken. These two audits happen very frequently, but are of no use to an end user, so they are omitted from the Audit Logs at the bottom.
Example Output Total Log Count: 34,501 Oldest Audit Log: 03-05-2025T01:01:01 Newest Audit Log: 05-05-2025T01:01:01 Total Time: 61 Days Top Users That Made Changes: (10,220) apeacock (344) david (4) admin Audit SPAM List: pageCount Snapshot Audit Logs: xxxxx xxxxx xxxxx
Report Faults will convert all your fault records to a human readable form as well as return the oldest fault time, total fault time, faults by count, and current fault summary. The Fault SPAM list shows the current keywords that are omitted from the Fault Records in this report.
Total Record Count: 84,125 Oldest Fault Log: 03-05-2025T01:53:23 Newest Fault Log: 05-05-2025T22:12:53 Total Time: 61 days Top Faults by Count: (124) F1234 - EPG is not in Use (54) F0245 - VPC peer is down Fault SPAM List pageCount Snapshot Fault Summary (current active faults): F2393 - EPG no in Use F942 - cert expired Fault Records: xxxxx xxxxx xxxxx
Report Serial returns a list of all ACI Nodes, Chassis, Fabric Cards, and Transceivers.
===== ACI Nodes ===== FCH2215V164 APIC-SERVER-M2 dc4-apic1 FDO22423E3Z N9K-C9336C-FX2 dc4-lf2 FDO21521MT9 N9K-C9348GC-FXP dc4-lf1 FDO24111AES N9K-C9364C dc4-sp1 ===== ACI Chassis ===== ===== Fabric Cards ===== FDO14929134 N9K-C93843-FM FDO14330034 N9K-C93843-FM FDO19138030 N9K-C93843-FM FDO31989133 N9K-C93843-FM ===== Transceivers ===== FNS181800LG 10Gbase-SR AGD133431SH 10Gbase-SR AGA13334ZTA 10Gbase-SR FIS1952102G-A QSFP-100G-AOC10M FIS19521046-B QSFP-100G-AOC10M FIW204212VW-A QSFP-100G-AOC5M FIW210323S3-A QSFP-100G-AOC5M FIW210833MG-B QSFP-100G-AOC5M FIW2108345L-B QSFP-100G-AOC5M AVM1817S1UU QSFP-41G-SR-BD AVM1928U1VR QSFP-41G-SR-BD
The cmd tool allows you to query the NXOS CLI on multiple nodes in parallel. This is very powerful if you are troubleshooting issues across multiple boxes at once. You also have the option of saving your most used commands and recalling them at any time.
All commands are saved in the "aci_config.yaml" file under the user_commands dictionary.
This command allows you to run a query on the local CLI for a set of either leafs, spines, or apics. This query is run in parallel across all devices. Your command should be in quotations.
cmd apics "acidiag avread"
Alternatively, you can choose to run a query on a subset of nodes. Use a CSL (comma separated list) to select the nodes, and quotations to denote the command.
cmd nodes 113,205,333 "show version | i Ver"
The cmd tool allows users to store their commands in the aci_config.yaml file under an integer.
cmd create 5 nodes 111,112,113 "show ip int bri vrf Servers:Dell"
You can run a saved cmd by simply typing cmd and then the integer where the cmd is stored.
cmd 5
This command allows users to see a list of all saved cmds in aci_config.yaml.
cmd list
You can redirect the outputs of any "get" command to either a text or json file. The JSON write is especially helpful when used in tandem with the "dn" options. This will allow you to easily get all the "dn" information in an easily consumable format for Ansible, Terraform, or Python.
To write to a text file, add a pipe write (| write) to the end of the command and specify the file name. This will save the file as a text with the provided name in the current directory.
get bd all dn | write my_bds
To write to a text file, add a pipe json (| json) to the end of the command and specify the file name. This will save the file as a json with the provided name in the current directory.
get bd all dn | json my_bds
Grep functionality can be applied to any command by adding a pipe (|) to the end of any "get" command (reports and cmd excluded). There are 3 different supported grep types:
To add a new site, you can use the "site add" command. This will prompt you for the site name and IP address. Use "site <site_id>" to switch to the desired site and use "site list" to view all current sites.
All site configs are stored in the "aci_config.yaml" config file in the home directory (~/).
To remove a site, you can simply manually delete it from the aci_config.yaml file. Make sure to remove both the site name and IP address.
All stored configuration is saved in a YAML file called "aci_config.yaml". This is always stored in the home directory, or ~/. The following information is stored:
To change the username, simply modify the "Username" field in the "aci_config.yaml" file.
To change the password, you must delete the password line in the "aci_config.yaml" file and then run the CLI tool again. At start-up it will prompt you for the new password.