cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 9

Example Remediation Script?

Can anybody provide an example of a simple remediation script for a Cisco device?  It seems none of the built-in rules have this in place, and I'm not sure where to get started when comparing to config-change scripts.

For a simple example, I'd like to start with standardizing my logging buffer size, since we tend to have them set to whatever the admin at the time felt was appropriate.  Looking at the built in rule:

16384.PNG

What do I need to put in the box in order to log into the router, enter the commands ("logging buffered 16384"), and then save the configuration?

Tags (2)
0 Kudos
2 Replies
Level 9

So, I guess I should have just tried it.

I initially wrote:

CLI {

conf t

logging buffered 16384

end

wr

}

This gave me errors on the first and last lines.  Redoing it with just the commands appears to work fine.

However, that brings up the next question: Is there any way to do more complex structure (a la configuration change scripts) in policy remediation scripts?

Also, is there any way to make it automatically pull the updated running-config so that the changes will show up in the report right away?

0 Kudos

In the remediation block paste following command:

---snip---

configure terminal

logging buffered 16384

end

copy running-config startup-config

---snap---

use this box as a normal ssh-window.

kind regards,

Flo

0 Kudos