cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 8

Can I expand compliance capabilities with perl?


Hi, I have an installation of NCM on Windows. The config compliance reporting features are very useful, but I was wondering how easy it would be to add some of my own compliance checks via a perl script. For example, suppose I wanted to schedule a perl script to check the latest running-config files of 100 cisco devices to make sure that the descriptions on trunks matched up (i.e. the description on a trunk matches the hostname of the peer). The detailed results of the check could be written to a log file, but, at a minimum, I would want a fail alert to be generated to prompt someone to check the log. I guess there are many ways this might be achieved, for example there may be different ways to schedule the script and different mechanisms for alerting.

Anybody have any general advice on different approaches?

Labels (1)
0 Kudos
6 Replies
Level 18

Hi andy99,

As you suggest, you could schedule a perl script that would check the latest running configs. You can find them in Config Archive (by default in NCM installation directory). If you are able to write such a script, I suppose it shouldn't be difficult for you to extend the script so that it sends an e-mail or SNMP trap when a compliance violation is found.

Jiri

Jiri,

thanks. That is what I might do. It would be good if you could trigger some form of user defined script in the NCM rule definition, which would then return a true or false (violate the rule) result - maybe in the future. That way all your device config compliance would be managed by one system.

Just to confirm (as an example), if I have a 24 port cisco device and I want to check that every port has a description, am i right in thinking I cannot achieve that with the NCM Policy Reporter?

Andy.

0 Kudos

Does help?

Jiri

Jiri,

thanks, yes I think that could help. I've just checked and we are still running NCM 6.0. I think the block feature is in 6.1 and 7 so it looks like we'll have to upgrade.

Thanks, again.

Andy.

0 Kudos

Andy,

Yes, upgrade would be a good choice. If you have active NCM maintenance, you can upgrade to NCM 7.1 release candidate or wait a few weeks for the final release.

Regards,

Jiri

0 Kudos

Jiri,

I believe we have, so will look into it.

Thanks.

Andy.

0 Kudos