I do not have an answer, but I have a similar situation.
After checking for ACL compliance of a particular ACL; I want to report on any additional ACL assignments not already defined by the Policy rules.
I want to report on any added device ACL rules that are not part of the defined Cirrus ACL rules.
I do not know about a negation option within the RedEx engine; but I thought allowing the use of Boolean logic between defined rules would be beneficial.
The best solution I have been able to come up with, is a pattern match across multiple lines (i.e. block of text).
For an acl list, this means that you can include the remark at the top of the access list, and the deny any at the bottom.So for an acl like this...
access-list 49 permit 10.1.1.11
access-list 49 deny any
You can create a rule like this...access-list 49 remark Management Server\s+access-list 49 permit 10\.1\.1\.11\s+access-list 49 deny any