Comments
-
You can setup a job to push a command script to all your devices. If they are Cisco they will support the blow command that will only show up interfaces. If they are other vendors I am not sure if they will support it. show int status | e dis|not For NXOS you can use the below as well. show int statu | grep connected
-
The only thing I can think to try is to modify your @String_CLI variable that you have defined. Inside of that variable you are trying to use the @SlashSymbol and that is not in the output of the text either so maybe that is trying to convert the / and the t character (it is interpreted in RexEx as a tab) and that is why…
-
Have you tried to copy the configuration from the stored config in NCM and paste that into the check box and see if that finds the interfaces correctly? Maybe the device you are testing it on via the saved configuration does not have any ports with port-security on it.
-
I did this in the last few months actually using an NCM job that I setup so you can just create a new job to do it for you. Go to CONFIGS>Jobs and select Create New Job Name the job whatever you want, pick the job type of Execute Command Scripts on Devices, and then pick the time you want it to run at then click next.…
-
Hey Jacob, Can you try this one out, I think it will do what you are asking. Rules for easy copy and paste: String Match ^interface GigabitEthernet 2/4[1-7]{1} ^\s{1,}shutdown[\r\n]*$ Search Config File/Block ^interface GigabitEthernet 2/4[1-7]{1} If that works for you here is also a remediation script you can use. Let me…
-
Hi enderaz, I was looking through my NCM instance and I think I see what you are talking about. That area is not talking about a config mismatch on the device itself, though there may be one. What the graph and list are saying is that there are difference between the last downloaded running configuration and the last…
-
I was looking back at this and I modified the Config Block start check. I think the below would provide a bit better matches, but it may need tweaking for you environment if you have different characters in your interface descriptions. ^interface.*[.\r\n\s\w\-\:\(\)\,]*ip address [0-9\.]{7,15} [0-9\.]{7,15}[\r\n]?$
-
I have a current Compliance Check set up to check for some configuration items on Layer 3 only interfaces. I will give a general screenshot below of the setup that you can re-purpose to push your configs to that interface. First go to the Confgs tab, then click on Compliance, and then click on Manage Policy Reports. Then…
-
You can make a job to execute a command script on a set of devices that you select dynamically. You can select all devices that have a model type of SG300 so it will run on all of them so you don't miss any. I don't have any SG300's so I can't do an exact screenshot of what it would look like, but here is a general…
-
Hi Enderaz, I found this in another similar question, can you go to this site and try this. Hopefully that will clear up the issues you are having. Conflict: Running configs and startup configs do not match - SolarWinds Worldwide, LLC. Help and Support
-
You will need to go to Configs and then Jobs and then click on Create New Job as seen below. Here are the steps that you need to do when you are creating the Job. Name the Job, change the Job type to Execute Command Script on Devices and choose a time for it to run. * Choose the Nodes you want to run it on. You can select…
-
Maybe a regex like this will find it. deny\s{1,}ip any any.*[\r\n]permit.*$
-
Can you try this for your RegEx expression and see if that works? I think the regex was getting tripped up on the additional ^ in there so I removed them and tested it, seams to be working on a site that I tested on. ^\s?ip access\-list standard XXX[\r\n]\s?permit 10.0.0.0 0.31.255.255[\r\n]\s?permit 192.168.0.0…
-
Try going into one of the nodes that is having issues and test the account you are trying to use. If you edit the properties of the node and scroll to the bottom where it has Manage Node with NCM check the connection profile that it is using for the device. There is also a test button there that you can use to make sure it…
-
It is possible to set this up, but personally I would do it with a compliance Rule, Policy, and Report in NCM. That way you can look at all your nodes and it can report on the ones where the IP Helper address was found. I can help you setup the Rule, Policy and Report in NCM if you would like.
-
Hi mkoponick. I had the same issue with some of our reports before as well and it could be a number of different issues that are causing this. I would suggest that you open a support request for them to help you with this issue as they would be able to better assist in your environment than we would here.
-
It is possible that they can be used for the different model types, but Cisco would know for sure. I know that I have some 3560 switch that are different model sub type but they all use the same IOS file. You could go through the Software download page and check each appliance version and compare the checksums for the IOS…
-
You could be getting slow response times from the devices as NCM is trying to get logged into them and download the config. Check out this thread as it may be able to help you. NCM 7.4 issue with downloading configs - router timeout
-
I would maybe do something like this. The first line should match any of your approved NTP servers and will pass 2 or more of them are found. The second line checks for any NTP servers that are not one of the approved 3 and it will fail if it finds one of them. You may have to adjust the regex a bit to tailor your exact…
-
For the devices that are showing up as unknown, that means you either do not have a running config or a startup config for that device saved on the NCM server. If you normally backup the running config, setup a one time job to go and grab a copy of the start up config and that will take care of the unknowns. For the ones…
-
I am actually rolling out an IOS upgrade through NCM right now, still in the testing phase though. The built in TFTP server is on the same server as your polling engine and core server. If you have a separate polling server you can use that IP address. The directory on your server is the TFTP-Root folder on the C drive of…
-
The way I interpret the logic in how the script the first if does not actually have any steps to preform and the second one then does it, that is why it fails I believe.You can try it like the below which should work like how you intended it to. It will loop through all nodes, if the vendor is Cisco it will then check if…
-
Not sure what you are trying to match, but this should find all VLANs except for 20-30 on a Cisco switch. ^interface Vlan(?!(2\d{1}|30)).*$
-
Have you tried to connect to the device from the poller that is monitoring it? There could be an ACL in place that is preventing the connection and that is why you are getting connection refused. If you can ssh to the device from the poller then there is something else going on with the device in NCM. I have had some…
-
I have one of these in place now actually, this is the compliance check that I use for usernames. The below will check to ensure that the username is present with MD5 encrypted password. Just repeat this line for however many usernames you have present. Replace username with whatever the actual username is. To ensure that…
-
The way this feature works is it compares the running configuration that it has last backed up to the startup configuration that it just backed up. If the startup configuration is much older than the running configuration in your backed up configs that is the issue. More than likely you are downloading a copy of your…
-
Can you give this one a try, I tested it on the below and it worked there. Should work for your Fortinet as well. .*set private\-key[\s\S]{1,}END ENCRYPTED PRIVATE KEY.*[\r\n]
-
I had some devices in the past that showed up as unknown or the incorrect device type. I wasn't able to find a way to get it down elegantly so I ended up just deleting the node and re-adding it. Not a graceful solution as you would need to fill in all of your custom information again and add it back to whatever groups it…
-
For your compliance report how are you selecting the nodes to run it against? Is it a dynamic selection based off of some criteria such as a custom property or are you running it against all nodes in your instance? You can use that same filter to select the nodes in the Configuration Management tab to download a fresh copy…
-
Hey Jeff, Do you happen to know if you have the Device Template set for the devices that fail or is it set to Auto Determine? It could be that the NCM server is trying to connect the first time with an incorrect device template and that is why you are getting the authentication failure.
