Comments
-
The rules that you can setup can get very in depth and you would be surprised what you can check for. If the ACL's and other stuff are pretty consistent across your network you can setup compliance rules for them. I have one setup for my network that runs every day, but will email me every week to let me know the…
-
I just uploaded a policy for this so you can check it out, its called IP Helper Address and it is in the Content Exchange. It has two different policies for it, a fail if found and a fail if not found. Modify it to suite you needs as it is just checking for a Helper Address of 1.1.1.1 right now. Let me know if you have any…
-
Ok I just created a report and uploaded it to the content exchange area on thwack. The report is called IP Helper Address and it will need to be modified a bit by changing the actual IP address in the rule. Also you can change the policy to check only selected nodes but I currently have it checking the configurations on…
-
I do not have one currently available for import. I can make a guide and post it in here on how to do it though. Give me a little bit and I will post it later today for you.
-
Can you see if all of the devices that are having errors are on the same poller? If the devices are on the same poller and every devices that is managed in NCM on that poller is having issues it may be an issue with the NCM poller software on that poller. Could be a version miss match between the version on the poller and…
-
It could be another random issue. Have you logged into the physical (or virtual) server that the poller software is on and tested the connection to the device that way? If you can SSH or Telnet from the actual server desktop then the problem is narrowed down to the SolarWinds configuration somewhere.
-
Ok, the above will exclude any VLAN interface from 20 to 30, but if you wanted to do other VLAN's aside from that you would need to modify it like the below for your example ^interface Vlan(?!(10|15|2[0-2]{1})).*$ To modify it for your needs exactly just change this part (10|15|2[0-2]{1}) to have only the VLAN's you want…
-
Glad you were able to get it working. That is weird that you had to delete it and recreate the rule though. As CourtseyIT said though there may have been an extra line return or space in there somewhere that could have caused that.
-
I have a few questions for you really quick, but I have an idea that may work via a compliance check. What type of devices are these (Cisco, Juniper, etc)? Do you already have the folder structure in place and do the folder names exactly match the hostname of the device?
-
Ok I think that I found a way to get the best of both worlds like cnorborg was wanting. For the actual rule it will be regex and look like this. For the Config block start and end try this out. And finally for your remediation script try this out. That will end up clearing any snmp-server host that is configured on there…
-
This one should work well for you to give you an idea of what you need. Just need to modify it for the snmp-server host instead and you should be all set. Thanks for linking that wluther, I was looking for that one too before I realized that you had already posted it.
-
I am not sure if there is a way to dynamically download configs in NCM via a compliance check failure, though there may be. You could create a new custom property and you set to true or false to track the failures, though that would be a lot of manual intervention for you. Maybe someone else on here may know of a way to…
-
You would go to Settings>Manage Nodes and then find the node that has the interface and click the + sign to expand the node and show the interfaces. If you want to delete the interface you would just check the box and then click the X on the top that says delete. If you want to do as wluther suggested and "Display as…
-
That is odd that you couldn't even exclude the first line. Hopefully support can get you all sorted out, sorry it didn't work for you.
-
You may need to alter your search config block rule. It would need to look something like the below which would search for your rules on each individual interface and then alert when it does not find it and give you the interface that is failing. Here is an example violation that uses a config block filter similar to that…
-
Jeff, I am seeing three different device templates for Dell PowerConnect switches, though I am not sure if that is the type of switch that you have. It is true that it should affect all of the devices, but as you said it is happening to random switches each day and there is no describable pattern in the failures. There are…
-
The carrot at the front means the start of a string (beginning of the line), so if they happen to see any spaces between the start of the line and the word Running then it would not get ignored. From the looks of the picture they have attached it appears that the Startup Configuration line was ignored in the previous…
-
How is the data stored in the database? I have never written a SQL report before and I would like a NetPath report for one of the items I am tracking.
-
It should be something like this I think. This is the filter pattern that should work for you. If it doesn't let me know and I can adjust it. ^\s*ip tacacs source\-interface.*[\r\n]*$ This will do a show run on the device but filter the output in the job log to only have the lines that include ip tacacs source-interface in…
-
With an additional line at the end it will. I only check for any additional permits with mine, but you can change it to check for additional denies as well. For additional permits it will look something like this. ^\s?permit (?!(10\.0\.0\.0 0\.31\.255\.255|192\.168\.0\.0 0\.0\.255\.255|172\.16\.0\.0…
-
I know this is 5 years old but I just started having this issue myself. I tried the tip you gave about changing the Subsequent failures, ours was set to Take No Action and I just changed it to Restart the Service. I bet that fixes it like you said. Thanks.
-
I would check the Data source and see if the rule is there correctly. Below is a screenshot of what is should look like, though it should be this as default. I believe the report also runs off of the configs in NCM so if your nodes do not have a backed up copy of the configuration that may be why there is no activity to…
-
Thanks for more insight on this Craig, I ended up playing around with it some more and I got it to finally work the way I had intended it to (thankfully). The violations show a bit funny, but that is just the limitation of Solar Winds. Here are the rules that I have to check for it, just in case anybody else wants to…
-
Ok so I wrote the check and I am running across an issue where it will not actually find any violations if I purposely leave out one of the addresses that should be in there. I am getting the entries to flag as found when I am writing it in Notepad++ and doing a regex search but in SolarWinds it does not find it. Can you…
-
Thanks for the information Craig, I will look through it and see which one works best but a quick glance makes me think the second link may be a bit better for my use. I will try it out and let you know for sure.
-
Most programming language will run sequentially so it could be that you are using @filename before you actually declare what @filename is. Can you try and put the string@filename = @ContextNode.NodeCaption before the string @path = @TFTP + ':/' + @DIRECTORY + '/' + @filename. That may alleviate the issue that you are…
-
No worries cnorborg, my actual username is kind of long and probably hard to find. It is christopher.a.thornton@gmail.com as I didn't know that is what I would be tagged as and used my email address for my username to make it easier haha.
-
You can use something like the below I think in the config block start. I tried a flavor of it on a different policy that I have and it flagged a bunch of extra lines so it needs cleaning up. This will search to see if interface Multilink *** is present and if it is it will then search for the second part which is…
-
This should work for what you are needed. You can modify it to fit your needs such as changing the username, privilege level, and password encryption type as needed. Let me know if you have any issues. Entries you can copy and paste ^username USERA privilege 15 secret 5 [$/A-Za-z0-9\.]{20,30}[\r\n]*$ ^username USERB…
-
Can you try this one below. That should match only the admin username and leave the other one to check. ^username admin password.*[\r\n]*$
