NCM's Compliance Reports feature is the best solution for what you have described. Using this approach allows you to remediate all nodes in violation or just an individual node. Remediation scripts can also be run as part of the job.
The process of creating the rules, policies and reports can be found here: Ensure compliance to policy rules
Thank you, Tony. Indeed, that's what I did yesterday: I figured out how to do this with compliance reports. I just wish SolarWinds had more detailed guides on how to write those logical statements and different useful RegEx statements. This is what I did, and I'm gonna apply it for the example in my original post:
- Under "String Matching", I checked "String is found", then checked "Advanced Config Search" right under
- I did "must contain" >> "RegEx expression" >> "switchport port-security maximum 3\b(\r)?\n" (without the quotation marks!)
- Under "SEARCH CONFIG FILE/BLOCK", checked "Config block"; that way we're looking at all interfaces
- I defined the start block as: "^interface .*Ethernet" (without the quotation marks!); that way I could have all interfaces, be it Gig, TenGig and so on
- The config block end is just a "!" (without the quotation marks!)
- Then I checked the "Regular Expression (RegEx)" underneath and "Do NOT trigger this alert if config block is not found"
- Under "REMEDIATION", I checked the following:
  - Run Script on each config block in violation
  - Execute script in Config Mode
- And finally this is how the box would be populated:
  - switchport port-security maximum 5
I guess I answered my own question, hopefully, this will help somebody else as well one day!
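An offline sketch of the config-block check described in the post above, added here as an example: it is not SolarWinds code and only approximates how NCM evaluates the rule. The three patterns are copied from the post; the sample config and the function names are constructed for illustration.

```python
import re

# Patterns copied from the post above.
BLOCK_START = re.compile(r"^interface .*Ethernet")
BLOCK_END = re.compile(r"^!")
MUST_CONTAIN = re.compile(r"switchport port-security maximum 3\b(\r)?\n")

# Constructed sample config (not taken from a real device).
SAMPLE_CONFIG = """\
hostname lab-sw1
!
interface GigabitEthernet1/0/1
 switchport mode access
 switchport port-security maximum 3
!
interface GigabitEthernet1/0/2
 switchport mode access
 switchport port-security maximum 30
!
interface TenGigabitEthernet1/1/1
 switchport mode trunk
!
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
!
"""

def config_blocks(config):
    """Yield (header, block_text) for each block from BLOCK_START to BLOCK_END."""
    header, lines = None, []
    for line in config.splitlines(keepends=True):
        if header is None:
            if BLOCK_START.match(line):
                header, lines = line.strip(), [line]
        elif BLOCK_END.match(line):
            yield header, "".join(lines)
            header = None
        else:
            lines.append(line)
    if header is not None:  # config ended without a closing "!"
        yield header, "".join(lines)

def violations(config):
    """Return the headers of blocks that lack the required line."""
    return [h for h, body in config_blocks(config) if not MUST_CONTAIN.search(body)]

if __name__ == "__main__":
    for header in violations(SAMPLE_CONFIG):
        print("VIOLATION:", header)
```

The `\b` in the pattern is what keeps "maximum 30" from passing as "maximum 3", and the optional `(\r)?` lets the same rule match configs stored with CRLF line endings.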