Is there a way to do a compliance check on things that are not in a configuration file? For instance on Cisco I need to see that the SNMPv3 user is set up, so I run a command "show snmp user" and look for specific output. Also, I need to make sure the RSA key modulus is 2048 so I have to run (depending on version) "show ssh key". Is there any way to get a compliance report on something like that?
under the ncm settings you can create new config types. Each config type is really just a set of commands you want it to run and record the output, so i have set up new config types for various show commands i was interested in tracking/parsing.
After you create a custom config type you need to edit the device template for your gear so it knows what command it needs to send when you ask for it to download an "rsa" config.
Then you add that new config type to the backup jobs since the default ones only grab running and startup configs and you can set up new compliance policies that target that specific config type.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.