cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 8

NCM Compliance - Policy Rule Variables

Is there a way to pass variables (i.e. custom properties for the node) into the string matching section (similar to what you can do in NCM scripting ${Custom_Property_Name}? We want to be able to check for site specific routes on core switches and it seems this feature is lacking in the string matching section.

Labels (1)
0 Kudos
3 Replies

I do not believe this is currently possible, but will come back if I can find a way to do so.

I suggest you add this as a feature request as I can see the benefit of being able to reference such values in the search parameters, whether Regex or plain text.

0 Kudos

Done

0 Kudos
Level 7

I would like to take is a step further and include the ability to run a configuration template like script.  The script would return the search pattern to look for.

/*

.CHANGE_TEMPLATE_DESCRIPTION

        Configure device hostname

.CHANGE_TEMPLATE_TAGS

Cisco

.PLATFORM_DESCRIPTION

        Cisco IOS

.PARAMETER_LABEL @ContextNode

        NCM Node

.PARAMETER_DESCRIPTION @ContextNode

        The node the template will operate on.  All templates require this by default. The target node is selected during the first part of the wizard so it will not be available for selection when defining values of variables.

*/

script SearchScript ( NCM.Nodes @ContextNode )

{

  int @SearchLocation = indexof(@ContextNode.SysName, '.')

  if (@SearchLocation == 0)

  {

     @SearchLocation = StrLength(@ContextNode.SysName)

  } else {

     @SearchLocation = @SearchLocation - 1

  }

  string @STRhostname = substring(@ContextNode.SysName, 1, @SearchLocation)

  SEARCH-RETURN

  {

    REGEX '^hostname @STRhostname'

  }

}

The return could even be a advanced search like

ADV-SEARCH-RETURN

{

  STRING 'exec-timeout 30' AND STRING 'session-timeout 30'

}

WHERE

{

CONFIG-BLOCK-START REGEX '^line vty 0 4'

CONFIG-BLOCK-END REGEX '^(!|end)'

}

These are simplified examples.  Using a scripting language could allow for more complex search patterns that are dependent on the device that is being checked.

0 Kudos