
Anyone know a command to remove any snmp-server host without having to specify the ip?

Trying to build a remediation script that will remove any and all unwanted snmp-server hosts without having to specify the ip address (such as by wildcarding it or using place holders instead of the actual ip).

Say I have: "snmp-server host 1.1.1.1" and "snmp-server host 2.2.2.2" in my device

I want to remove "snmp-server host 2.2.2.2" while also writing the script to remove any snmp that is different (so it will also knock out 1.1.1.1 but that's okay since my next line adds only that in). Say for some reason "snmp-server host 3.3.3.3" is in the device. I don't want to have to write out the command "no snmp-server host 3.3.3.3" as I feel there might be a wildcard or placeholder technique to remove all of them and it would be more efficient.

Also, I have tried techniques such as using config block start/end to make the necessary changes when an snmp-server host is wrong. This works to change and remove wrong snmp-server hosts, however I run into problems when a device has no snmp-server host already in place and I want the same rule/remediation to fix the problem. I think this is because the device does not see a start so decides to not insert in the script even though it's alerting me that it is not there, not sure why it would offer to alert me and then not offer a way to fix it. Any thoughts?

So at the end of the day one technique I can't remediate when the line is absent from the start and the other technique I can't remove the snmp-server hosts without being specific. I know I can do this in two rules but my manager did not like that, so I am trying to find a way to build it into one. Any help would be great.

  • tlight I believe cnorborg has posted a solution to this same question/use case. I have it bookmarked, somewhere, and will post a link to it here once I find it again. But, you might want to take a look through his content, and see if you can find it first. I think his post was showing a way to do it through the compliance reporting part of NCM, using a nice little regex trick.

  • You should be able to apply the solution from this thread, Filtering for incorrect logging hosts, to your needs.

    I am pretty sure that is the link I was thinking of, however, if I find another one of his, I'll leave a link here.

    Thank you,

    -Will

  • tlight Here is the post I was actually thinking about, although the previously mentioned post is the same thing.

    Automated Config clean up

    Please let us know if it is the solution you are looking for.

    Thank you,

    -Will

  • This one should work well for you to give you an idea of what you need. Just need to modify it for the snmp-server host instead and you should be all set. Thanks for linking that wluther, I was looking for that one too before I realized that you had already posted it.

  • Hi wluther,

    This works for everything except when I try to remediate when no snmp-server host is already in the device. Because I tell it to search the config for a specific block start, if that start does not already exist it does not insert in the correct script. For example:

    my remediation is:

    no ${ConfigBlockStartLine}

    snmp-server host 1.1.1.1

    and my start/end block is:

    ^snmp-server host (?:(?!1.1.1.1).* and .*

    2 things can either happen.

         1) If the device has an incorrect snmp-server host, then it removes all of them and inserts the correct script (which it does perfectly and I want)

         2) If the device does not have an snmp-server host in it then it does nothing, the preview just says "no script" and running it changes nothing. I believe this is the case because the software looks through and does not see the config block (since it's not there), so it does nothing and fails to put in the correct script. Which makes the "alert me when the config block is not found" useless... because it won't remediate for the missing config block and put it in. Why alert me and not solve the problem? I think what might work would be if/then/else if that is possible. Something that goes "if" the device does not have an snmp-server host "then" it puts one in "else" it fixes the wrong snmp-server host.

  • Right... I have tried using the "no snmp-server host" command to remove unwanted lines, which works only if you include a specific ip address. My goal is to not have to include a specific ip address, but instead remove all no matter what they are and insert the correct one all within one rule. I read that article earlier, maybe I missed something, but I didn't see anything in it that would help too much

  • Yes it does a great job of explaining how it works and then doing the trick! Just one part I can't get it to do, see below for my problem and example.

  • Guessing you either read the wrong one, or stopped reading. The solution to what you want to do is in this:

    Filtering for incorrect logging hosts

    I did discover that the initial solution didn't work in specific cases, including what you're mentioning. So this link should work for you.

    Should also note that this ONLY checks for incorrect logging hosts, NOT the existence of a correct one. You will need another rule that simply checks to see if the one you want exists, and if not, puts it in there. That's the easy stuff, finding all the incorrect ones was the hard part...

    If you can figure out how to definitively do it in a single rule, I'd love to know!!

  • Ok I think that I found a way to get the best of both worlds like cnorborg was wanting.

    For the actual rule it will be regex and look like this.

    pastedImage_27.png

    For the Config block start and end try this out.

    pastedImage_30.png

    And finally for your remediation script try this out.

    pastedImage_31.png

    That will end up clearing any snmp-server host that is configured on there and then replace it with what is correct underneath. It may end up deleting them a few times and replacing it a few times due to running it on each block in violation, but that should remove any that should not be there and add in the ones that should. I am not sure if the remediation script will work properly if there are no snmp-server hosts configured at all though.

  • Sorry that last comment about reading the article was to someone else who posted the page leading me to Cisco's site and just had definitions of commands. Trust me I have read everything I can find by you and at this point probably have some of your answer posts memorized! They really have been helpful.

    Also, like ChrisT said above I was able to add a string in the advanced config search that just said "and" "must contain" and then the string I wanted. The combo makes sure my specific string is there and alerts me if it's missing or if other, unnecessary strings are in the device. But alas, I still cannot get it to add in a string when no start block is found. Which just seems silly to me that they provide an alert for a missing config block but no way to remediate it within that rule. Probably will try and convince my manager that two rules is the way to go on this one.
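The single-pass logic the thread is after (remove every snmp-server host that is not the wanted one, and add the wanted one even when no host line exists at all), sketched outside NCM as an added example; it is not from any poster and is not NCM's rule engine. The function name and the sample configs are constructed, and the lookahead is a tightened variant of the pattern quoted in the thread: the dots are escaped and the address is terminated so that 1.1.1.1 does not also excuse 1.1.1.10.

```python
import re


def build_remediation(config: str, wanted: str) -> list[str]:
    """Return CLI lines that leave `wanted` as the only snmp-server host."""
    addr = re.escape(wanted)  # escape the dots so "1.1.1.1" cannot match "1a1b1c1"
    # Host lines whose address is NOT exactly `wanted`. The (?:\s|$) after the
    # address ends the comparison there, so 1.1.1.10 is still treated as wrong.
    wrong = re.compile(rf"^snmp-server host (?!{addr}(?:\s|$)).*$", re.MULTILINE)
    # The wanted host line, with or without trailing options.
    present = re.compile(rf"^snmp-server host {addr}(?:\s|$)", re.MULTILINE)

    # Same idea as "no ${ConfigBlockStartLine}": negate each offending line.
    commands = ["no " + m.group(0).rstrip() for m in wrong.finditer(config)]
    # The "if absent then add" branch that a block-start rule cannot reach.
    if not present.search(config):
        commands.append("snmp-server host " + wanted)
    return commands


# Constructed sample configs (not taken from any real device).
CONFIG_WRONG = (
    "hostname r1\n"
    "snmp-server host 1.1.1.1\n"
    "snmp-server host 2.2.2.2\n"
    "snmp-server host 1.1.1.10\n"
)
CONFIG_NO_HOST = "hostname r2\nlogging host 1.1.1.1\n"
CONFIG_ONLY_STRAY = "hostname r3\nsnmp-server host 3.3.3.3\n"

if __name__ == "__main__":
    for name, cfg in [("wrong", CONFIG_WRONG), ("no-host", CONFIG_NO_HOST),
                      ("only-stray", CONFIG_ONLY_STRAY)]:
        print(name, build_remediation(cfg, "1.1.1.1"))
```

Because the wanted host is left in place when it already exists, a compliant config produces an empty command list, so running the check repeatedly changes nothing.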