
Compliance rules - Variable usage & not running automatically

Hiya,

I have some questions around the use of scripts in NCM (when remediating a failed compliance check).

I am fairly new to NCM so learning about its capabilities, but do have some previous scripting experience so not a complete noob.

Our versions are NPM 12.0.1 & NCM 7.5.1.

1) Is it possible to capture values from the STRING MATCHING section which are then referenced in the config block remediation script?

Particular use case is to use regex to pull out the VLAN ID, put it as a variable to be used later. When I have previously used regular expressions it has been possible to capture the first match as $1 and the second match as $2.

I suspect that I would need to use a config change template to achieve this; it's just a shame, as that seems much more complicated to set up.

See screenshot below.

Screenshot 1.jpg

2) I have a compliance policy that references two separate rules. One is to update an ACL if it's wrong - this is working as expected and remediating automatically and shown as Action "Execute Script"; the other, to apply interface-specific config, is not remediating automatically but is identifying the correct interfaces and generating the correct config. When looking at the report I am able to manually remediate, which is shown as Action "Upload".

Both rules have Remediation script type set to CLI: Automatically execute when a violation is found, Execute in Config Mode and for the interface script Run script on each block in violation.

Any suggestions as I don't want to have to manually do this?

Screenshot 2.jpg

PS. I have tried the above with Execute in Config Mode disabled and it still fails but shows as Execute script, so that's got nothing to do with it.

PS. I have already allowed remediation to bypass approval as detailed here: Success Center

3) I reference the ${SaveConfig} on the ACL change which works, but when using Config block what is the best way to do this (so it happens once at the end?).

Thanks!

Paul Woolnough

  • To your first question, I can answer that NCM doesn't support capture groups from regex, unfortunately.

    Not sure on your second point about the automatic remediation. Might need to throw that to support, and if they say that's WAI then you will probably want to open a feature request regarding changing that behavior.