cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Adding the "Ignore text field" to Device.Backup.Running Config

Adding the "Ignore text field" to Device.Backup.Running Config

It would be very nice if the "Ignore text field", which is available in Device.Backup.TFTP, Report.Compare.Two files and Report.Compare.Running Startup (could be in other jobs too, but those are the ones i found) could be implemented in the "Device.Backup.Running Config" job. Often there are certificates or other things that varies that we would like to be able to "ignore" when changing, so not to generate a config change report for each and every run.

http://www.kiwisyslog.com/help/cattools/index.html?act_ignoretext.htm


10 Comments
Level 14

Depending on which device type you are using, you may be able to add ignore text via the Device Variations feature.

Not all device types support variations just yet, so if the device type you are using doesn't (and it won't work with the 'Generic.Device' device type) then post back which devices you would like to see Variations added to.

Regards,

Steve

Level 7

Thanks Steve, that seems like it will solve it for the Sonicwall's i am managing, but the variations tab is not implemented on Fortigate. So, halfway there 🙂

Magnus

Level 7

Hi.

Unfortunately my ignoretext attempts have failed with the Sonicwalls...

I have tried with both single lines of text to be ignored, aswell as multiple lines as described on the ignore text page, ie. {start of block text match}-{end of block text match}

Currently i have this setup, but it is generating an email everytime it runs.

BACKUP_IGNORETEXT = "^auxSyslogConn0"

BACKUP_IGNORETEXT = "^auxSyslogConn1"

BACKUP_IGNORETEXT = "^remaining)"

BACKUP_IGNORETEXT = "^ExpireTicks:"

I have tried to Read The Fine Manual, but apparently i am missing something

Thanks for the help.

- Magnus

Level 14

Hi Magnus,

Looks like there is a problem loading the variations overrides for the new SonicWall device script.

I have created an internal ticket for the CatTools project team to review.  

The ticket reference is: 186956.

Regards,

Steve

Level 14

Hi Magnus,

Thought I'd let you know that the issue with the variations overrides not loading on the new SonicWall.SonicOS device type has been fixed and a HotFix is available for download in the customer portal.

Regards,

Steve

Level 7

Thanks Steve, it seems to work better now, even if it is not working all

the way

For the Sonicwalls, I have variations configured like this:

^Cookie:

^auxSyslogConn0

^auxSyslogConn1

^remaining)

^ExpireTicks:

<GW

^SPI

^Responder

^Initiator

{<GW:}-{^SPI:}

{VPN.SA.Configuration.Section}-|VPN.SA.Configuration.Section

It seems to honor ^ statements but not < and definitely not {}-{}

Right now I would like to match lines that begin with GW: but not lines

that just has GW within them, preferrably i would like to match

the {VPN.SA.Configuration.Section}-|VPN.SA.Configuration.Section

statement and exclude the entire section.

As you can probably see from the convoluted variations statements, i have

been trying several different ways to match text, based on

http://www.kiwisyslog.com/help/cattools/index.html?act_ignoretext.htm

I can provide further debugs if you would like.

The part i am trying to ignore is in regards to current vpn tunnels.

Thank you.

-- Magnus Hansson

http://twitter.com/hanssonmagnus

http://www.linkedin.com/in/hanssonmagnus

On 19 November 2012 23:01, Steve Welsh <

Level 14

Hi Magnus,

The ignore block can be very tricky to set-up correctly.  I would need to see the HTML diff file and (if possible) the configs being compared, or at least an extract of them which includes the lines you are trying to ignore so I can find the correct syntax for the ignore text.

I have sent you a friend request so I can gather this information from you offline (as I guess you probably don't want to post firewall configs on a public forum).

Steve

Level 7

So, after some emailing back and forth with Steve Welsh offlist (and issuance of a patched version of the solarwinds scripts) this is now working just fine.

It is worth it to point out that <>^ are not regex. Those modifiers work fine in the Backup Ignore Text field, as long as you are not trying to ignore block text. If you do try to ignore block text , in other words {[Ss]tart.[Oo]f.[Tt]ext}-{[Ee]nd.[Oo]f.[Tt]ext} it follows regex notation.

So i want to send a big THANK YOU to Steve and his fellow Solarwinds developers for their help.

Level 14

Thanks Magnus for posting back...  it was my pleasure to help.

Level 8

The nortel.aplication.switch doesn't support variations and it shows changes at every backup because it generates ephemeral session keys every time someone logs in. I would like to have the possibility to ignore the "secret" lines so I don't get changes reported at every back-up. So please add variations to nortel.application.switch type.