
The Compliance (and\or) doesn't seem to make sense to me. Help me understand

I have 4 Layer 3 Switches

Let's say for simplicity they are named Router1, Router2, Router3, Router4.

Inside the configs I am looking for those that don't have session-limit 2 in their configs.

However, Router1, Router2, and Router3 don't support this command, so I want to exclude them from popping positive on the Compliance.

So I write 

I tried this, and Routers 1, 2, 3 are still showing up in the rule as not compliant.

I have tried 

I also Tried this

What can I do to make this work?

  • When removing the router conditions and just having session-limit 2 in there, and testing it against the devices, do they show as a violation? Here you are defining the string you are looking for; the policy creation is where you define the nodes it'll be checked against, so you don't need to add any of that scoping logic to the rule.

  • Routers 1, 2 and 3 show in violation because they don't support that specific command. However, there are 23 other STIGs that I run in the same policy that need to check all 4 routers.

  • The rule is not where you put exclude/include logic for checking/not checking a device. The rule is where you define the data you want it to look for. All that other logic is done in the policy section. Trying to add that logic into the rule section is more headache than it's worth.

    I would recommend this workflow

    - create the rule and validate it works correctly (a device that has it shows as not violated and a device that doesn't have it shows as violated)

    - when creating the policy, define that Routers 1, 2, 3 should not be looked at for this rule, but the 23 other STIGs

    - reports can contain multiple policies, and policies can contain multiple rules. I'm sure if you break this up you can find a fit that checks every appropriate rule against every appropriate device.
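The separation the reply recommends, shown as an added example that is not from the thread or from any compliance product: a rule is only the config text that must be present, and the per-device exclusions live in the policy. The configs, rule names and policy layout are constructed here; a second rule ("ssh-only") is included so the scoping can be seen to differ per rule.

```python
import re

# Constructed sample configs. Only Router4 supports session-limit; Router2 still allows telnet.
CONFIGS = {
    "Router1": "hostname Router1\nline vty 0 4\n transport input ssh\n",
    "Router2": "hostname Router2\nline vty 0 4\n transport input telnet\n",
    "Router3": "hostname Router3\nline vty 0 4\n transport input ssh\n",
    "Router4": "hostname Router4\nline vty 0 4\n session-limit 2\n transport input ssh\n",
}

# A rule holds only what the config must contain (regex, one config line).
RULES = {
    "session-limit": {"must_match": r"^\s*session-limit 2\s*$"},
    "ssh-only": {"must_match": r"^\s*transport input ssh\s*$"},
}

# The policy decides which nodes each rule is checked against (hypothetical layout).
POLICY = {
    "nodes": ["Router1", "Router2", "Router3", "Router4"],
    "rules": {
        "session-limit": {"exclude": ["Router1", "Router2", "Router3"]},
        "ssh-only": {"exclude": []},
    },
}


def rule_violated(config: str, rule: dict) -> bool:
    """A rule is violated when the required line is absent from the config."""
    return re.search(rule["must_match"], config, re.MULTILINE) is None


def check_rule_everywhere(rule: dict, configs: dict) -> list:
    """Validation step from the reply: run one rule against every device, no scoping."""
    return [node for node, cfg in configs.items() if rule_violated(cfg, rule)]


def run_policy(policy: dict, rules: dict, configs: dict) -> dict:
    """Evaluate each rule only on nodes the policy has not excluded for that rule."""
    report = {}
    for rule_name, scope in policy["rules"].items():
        excluded = set(scope.get("exclude", []))
        report[rule_name] = [
            node for node in policy["nodes"]
            if node not in excluded and rule_violated(configs[node], rules[rule_name])
        ]
    return report
```

Run unscoped, the session-limit rule flags Routers 1 to 3 exactly as the original poster saw; under the policy those three are skipped for that rule only, while the ssh-only rule still covers all four devices.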