Every network engineer knows the pain. Your network is underdocumented, and the reason is simple: writing documentation manually takes longer than doing the actual work. So it never gets done. Or it gets done once and is outdated within a week.
This workflow changes the math. Five Python scripts, one AI prompt, and about 10 minutes. You go from raw show command output to a finished, structured runbook. And the whole thing is designed so you never paste real credentials or internal data into an AI tool.
The Problem
Documentation debt is real. In a mid-market environment with a small team, you are managing dozens of devices across multiple vendors. Nobody has time to manually document every interface, every VLAN, every routing adjacency. But when something breaks at 2 AM, that documentation is exactly what you wish you had.
The usual approaches do not work:
- Manual documentation takes hours and is outdated immediately
- Network management tools generate raw data dumps, not readable docs
- Existing automation requires programming skills most network engineers do not have
The Workflow
This is a 5-step pipeline. Each step is a standalone Python script. You run them in order.
Step 1: Collect (01-collector.py)
Netmiko connects to all your devices over SSH and runs role-based show commands. Routers get routing-specific commands. Switches get switching-specific commands. All output is saved to timestamped text files.
python 01-collector.py
The script prompts for credentials once and uses them for all devices. Output goes to output/<timestamp>/<device>.txt.
Step 2: Redact (02-redactor.py)
Before anything touches an AI tool, the redactor strips sensitive data. It handles 11 categories: credentials, IP addresses, hostnames, MAC addresses, serial numbers, usernames, certificates, timestamps, versions, interface descriptions, and VLAN names. Credentials are always redacted. Everything else is opt-in.
python 02-redactor.py --input-dir output/<timestamp>/ --redact-all
The redactor generates a map.json file that maps every placeholder back to its real value. This file never leaves your machine.
Step 3: Assemble Prompt (03-prompt-assembler.py)
This script takes the redacted output and builds a paste-ready prompt. It includes a token estimate so you know what you are working with, and a 3-step guide for what to do next.
python 03-prompt-assembler.py --input-dir output/<timestamp>/redacted/
You copy the assembled prompt and paste it into Claude, ChatGPT, or whichever AI tool you prefer. The AI generates a structured runbook from the redacted device data.
Step 4: Restore (04-restore.py)
Once you have the AI-generated documentation, the restore script takes the runbook and the map.json file and swaps all placeholders back to real values. The final document has your actual hostnames, IPs, and device details, but the AI never saw them.
python 04-restore.py output/<timestamp>/runbook.md output/<timestamp>/redacted/map.json
Step 5: Generate Diagram (05-diagram-generator.py)
This one is a bonus. It parses CDP neighbor data and interface information from the collected output and generates a draw.io network topology diagram. No AI needed. Runs entirely offline with Cisco-style icons and interface labels.
python 05-diagram-generator.py --input-dir output/<timestamp>/
Why Redaction Matters
This is not optional. If you paste raw show commands into a public AI tool, you are potentially exposing internal IPs, hostnames, credentials embedded in configs, and network architecture details. The redact-then-restore approach gives you the benefit of AI-generated documentation without the security risk.
The redactor was tested against real device output and verified with AI-assisted review to catch edge cases like hostname cross-references across files and VLAN name patterns that could leak internal naming conventions.
What You Get
At the end of this workflow, you have:
- A structured, readable runbook with real device data
- A network topology diagram you can open in draw.io
- All generated from live device output, not manually typed
- The whole process takes about 10 minutes for a 3-device lab, and scales from there
Honest Assessment
This workflow is not perfect. A few things to know:
- The AI-generated runbook is a strong first draft, not a finished document. You should review it and add context that only you know.
- Truncated interface descriptions in show output can sometimes slip past the redactor. These are minor leaks but worth being aware of.
- The quality of the documentation depends on which show commands you collect. The collector script is configurable so you can add commands for your environment.
- Token limits matter. Large environments may need to split the prompt across multiple passes.
Get the Scripts
Everything from this video is open source and free:
Download the scripts, clone the lab topology, and run the full workflow yourself. The README includes step-by-step setup instructions so you can replicate it in your own CML environment.