
Interface Level Checking

I placed the following post on the NCM RC forum, but that forum does not get much activity.

I am bumping it over to here for feedback from the community - to gauge if there is much interest in the functionality I am asking for. 

============

I loaded the 6.1 RC, and I love the additional functionality of specifying a config block to check, as well as the ability to do multiple must contain/must not contain checks within a rule.

I still have an obstacle that I am trying to overcome when it comes to interface level checking.

An 'if' conditional check would be extremely beneficial, for example:

IF interface block contains "ip address *"

  config block MUST CONTAIN no ip redirects

  config block MUST CONTAIN no ip directed broadcast.

END of config block check (rule).

The absence of an IP address on the interface will nullify the need for the previous must contain statements.

Does that make sense, or anybody else see a need for this functionality?

Thanks development for all the work that has gone into the RC release, seems to be some GREAT performance gains in the inventory reporting.

Regards,

Bob

  • OK, I think after some fiddling around I am able to get what I need for the time being.

    I would still like to propose that the policy reporter be enhanced to include some "IF CONDITION" checking.

    Here is a screen shot of my rule.

    Based upon the existence of an ip address on an interface, the interface must also have "no ip redirects", "no ip unreachables", and "no ip proxy-arp".


  • Here is what the violation details look like for an interface that was missing the "no ip proxy-arp" statement.

  • Bob,

    Right now we just have a shell for the interface level checking. 


    Right now the rules do not support wildcards in the generation of rules using Regex. If I keyed off of "ip address" then I will come across interfaces that are not active ("shutdown"), sub-interfaces, and VLANs.

    As you have seen there are many requirements for interfaces.  Some are spelled out in the use of no ip redirects and some are not in the use of Descriptions. 

    I hope I have provided you some framework to further develop your policies. 

    I have used this format to go through several inspections. All the inspectors loved the results, and once I showed them how it worked and they reviewed my rules, the inspection time was reduced drastically and my management had a bird's-eye view of where we stood at a moment's notice.
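The IF / MUST CONTAIN rule Bob asks for, combined with the "shutdown" caveat from the last reply, as an added Python example that is not NCM's rule engine or any code from the thread; the sample config and interface names are constructed.

```python
import re

# Constructed sample config in IOS style (not from the thread): one compliant
# interface, one missing statements, one shut down, and one Layer-2 port.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
interface GigabitEthernet0/1
 ip address 198.51.100.1 255.255.255.0
 no ip redirects
!
interface GigabitEthernet0/2
 ip address 203.0.113.1 255.255.255.0
 shutdown
!
interface GigabitEthernet0/3
 switchport mode access
!
"""

# The MUST CONTAIN lines from the thread; HAS_IP is the IF condition.
REQUIRED = ("no ip redirects", "no ip unreachables", "no ip proxy-arp")
HAS_IP = re.compile(r"^ip address \S+")
BLOCK = re.compile(r"^interface (\S+)\n((?:^ .*\n?)*)", re.M)  # name + indented body

def interface_blocks(config):
    """Yield (interface name, [stripped body lines]) for each interface block."""
    for match in BLOCK.finditer(config):
        yield match.group(1), [ln.strip() for ln in match.group(2).splitlines()]

def check_interfaces(config, required=REQUIRED, skip_shutdown=True):
    """Return {interface: [missing lines]} for blocks that carry an ip address."""
    violations = {}
    for name, body in interface_blocks(config):
        applies = any(HAS_IP.match(line) for line in body)
        if not applies or (skip_shutdown and "shutdown" in body):
            continue  # rule does not apply: no address, or inactive interface
        missing = [req for req in required if req not in body]
        if missing:
            violations[name] = missing
    return violations

if __name__ == "__main__":
    for intf, missing in check_interfaces(SAMPLE_CONFIG).items():
        print(f"{intf}: missing {', '.join(missing)}")
```

Setting `skip_shutdown=False` reports the shut-down interface as well, which is the behaviour the reply warns about when keying off "ip address" alone.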