All, sorry for this but I'm new to NCM and am having a problem. I'm obviously doing something wrong ... but I really don't see what!!
Basically I'm trying to create a series of rules in NCM 7.1 so that I don't have to manually audit security policy on a group of 40ish Cisco devices. All seems simple enough as I create the rule:
Name: ACL applied to SNMP Access
String Matching: Alert on rule below if String is found
String: ^snmp-server community .*R[OW] *$
String Type: Regex
Clicking on Test and pasting in the entire running config from the router returns with a correct result. The relevant section is:
snmp-server community dummyPass123 RO 23
snmp-server community dummyPass@56 RW 23
snmp-server community shouldFail123 RO
snmp-server community shouldFail@56 RW
snmp-server community n@c RO
snmp-server community n@c12345 RW
and the lines in red are indeed flagged so I'm confident on the expression. However, if I include that rule into a policy, and then into a report, I don't see any matches recorded. I know for certain that more than 50% of my switches should fail this test but count absolutely none. There is another test that I created, in the same report, which is looking at the length of the community string and that appears to be working correctly ... which would seem to suggest that the config is being parsed and it's just something stupid on my part! Unfortunately I have a few other rules that are failing in a similar way and I'm just confused now - any ideas welcomed!!
