Okay, this has been a bit of a challenge, but I created working REGEX expressions to check a port against being either a switchport, routed, shutdown, having port security or having dot1x. First question:
I made the regex to parse the scripts from interface A to interface B. I tried to have it go from interface A to the ! which appears in every running config between each interface; this would have simplified things a great deal, but NCM policy auditor seems to ignore all the "!"s in the config so I couldn't match on them. Am I missing something?
Next I made 49 rules for fa0/1-48 (2 for fa0/24 depending on if it's a 24 or 48 port switch). I made policies for each type of switch and applied rules to the appropriate switches based on the criteria of (model contains 356024 or 356048) and included the REGEX rule to also look for dot1x system-auth-control. After prepending fa0/1 - fa0/9 to ensure synchronous ordering, the reports look awesome, showing exactly where we have violations, and it seems to process at about 10-20 seconds per switch, which is very acceptable.
The problem is that next I am doing 3750 templates that will also have to include stacked 3750s that could have over 200 ports, so obviously making these templates is very time consuming and tedious! I have 3 networks I am running this on, and I need to be able to export all the rules/policies/reports so that I can pump these into the other 2 networks without having to completely rebuild all this stuff. I have looked and I don't see the files anywhere for this and suspect that this is all kept in the SQL database. Can someone please tell me what I need to do to export/import all the rules/policies/reports from NCM policy auditor?
The consolation prize is that I can provide the templates to SolarWinds/Thwack for others to use. Any and all information would be greatly appreciated!
The working REGEXes look like this:
FastEthernet0/1 Port Security Audit
---------------------------------------------------------------------
interface FastEthernet0/1(.*\n)*.*shutdown(.*\n)*.*interface FastEthernet0/2|interface FastEthernet0/1(.*\n)*.*switchport mode trunk(.*\n)*.*interface FastEthernet0/2|interface FastEthernet0/1(.*\n)*.*ip address.*(.*\n)*.*interface FastEthernet0/2|interface FastEthernet0/1(.*\n)*.*switchport mode access(.*\n)*.*dot1x pae authenticator(.*\n)*.*dot1x port-control auto(.*\n)*.*interface FastEthernet0/2|interface FastEthernet0/1(.*\n)*.*switchport mode access(.*\n)*.*switchport port-security(.*\n)*.*switchport port-security mac-address sticky ....\.....\......(.*\n)*.*interface FastEthernet0/2
FastEthernet0/2 Port Security Audit
---------------------------------------------------------------------
interface FastEthernet0/2(.*\n)*.*shutdown(.*\n)*.*interface FastEthernet0/3|interface FastEthernet0/2(.*\n)*.*switchport mode trunk(.*\n)*.*interface FastEthernet0/3|interface FastEthernet0/2(.*\n)*.*ip address.*(.*\n)*.*interface FastEthernet0/3|interface FastEthernet0/2(.*\n)*.*switchport mode access(.*\n)*.*dot1x pae authenticator(.*\n)*.*dot1x port-control auto(.*\n)*.*interface FastEthernet0/3|interface FastEthernet0/2(.*\n)*.*switchport mode access(.*\n)*.*switchport port-security(.*\n)*.*switchport port-security mac-address sticky ....\.....\......(.*\n)*.*interface FastEthernet0/3
etc...
and
.*dot1x system-auth-control.*
-TCK
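
Added example, not part of the original post: a Python generator for the per-port patterns shown above, so a large stack does not need hand-written rules, run against a constructed config. The `strict` option, the `\b` word boundary after each interface name (whether NCM's rule engine accepts it is an assumption to verify) and the sample config are this example's own; without the boundary, `interface FastEthernet0/2` also matches the start of `interface FastEthernet0/20`, so a rule can span into later ports and pass on their settings.

```python
import re

GAP = r"(.*\n)*.*"  # the post's "any lines, then anything on this line" filler

# Accepted port states from the post: config lines that must appear in order.
STATES = [
    ["shutdown"],
    ["switchport mode trunk"],
    ["ip address.*"],
    ["switchport mode access", "dot1x pae authenticator", "dot1x port-control auto"],
    ["switchport mode access", "switchport port-security",
     r"switchport port-security mac-address sticky ....\.....\......"],
]

def rule(port, next_port, strict=False):
    """Build the audit pattern for one port; strict adds \\b after interface names."""
    edge = r"\b" if strict else ""  # assumption of this example, not in the post
    head, tail = f"interface {port}{edge}", f"interface {next_port}{edge}"
    return "|".join(head + GAP + GAP.join(s) + GAP + tail for s in STATES)

def violations(config, ports, strict=False):
    """Ports whose rule finds no match; the last name only closes the final block."""
    return [a for a, b in zip(ports, ports[1:])
            if not re.search(rule(a, b, strict), config)]

# Constructed sample config (no "!" lines, since the post reports NCM ignoring them).
SAMPLE = """\
interface FastEthernet0/1
 switchport mode access
interface FastEthernet0/2
 switchport mode access
 dot1x pae authenticator
 dot1x port-control auto
interface FastEthernet0/3
 shutdown
interface FastEthernet0/20
 switchport mode trunk
"""
PORTS = [f"FastEthernet0/{n}" for n in (1, 2, 3, 20)]

if __name__ == "__main__":
    # Fa0/1 has neither dot1x nor port security, so it should be reported.
    print("as posted:", violations(SAMPLE, PORTS))
    print("strict:   ", violations(SAMPLE, PORTS, strict=True))
```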