Compliance reporting using the output of the "show run all"

Question

I don't think this is possible, so maybe this can turn into a feature request.

Our security team identified a vulnerability where Cisco offers a workaround to minimize the attack vector. The workaround has to do with enabling a command (if it's available in the IOS version). Unfortunately, when this command is enabled, it only shows up in the "show run all" output. Is there a way in NCM to search the "show running all" output? I'm only looking into this as a way of automating that the command is on the device rather than accessing each device one at a time.

I think my only option for proving to our security team that this was done was providing the email notifications that the push was successful via NCM.

I have a case open on this so I will respond when I hear from them.

wluther · Accepted Answer

orionfan ​ You can create additional config types to download. (Running, Startup, Show All, DHCP, etc.) From that new config type, you would setup a job to download, then you can run compliance reports off the new config. I do this for DHCP, so I can get counts of active subscribers, as of the config downloaded that morning/previous night. To create the new config type, you will need to add a new type to the device template, as well as create the new device type in the NCM settings. Here is a link to a similar question, in regards to creating the new config type: Re: Use Solarwinds to Track CMD History on Cisco Devices And here is a link to how I used this with compliance reports: (there are likely far better examples than mine, out there) Compliance Report, Summarize &amp; Count Multiple Violations Per Device The compliance report part of it SHOULD work as it normally would, as there is nothing really special/different about the process. Thank you, -Will

Compliance reporting using the output of the "show run all"

Top Replies