[c-nsp] Tool To Backup Configurations
john heasley
heas at shrubbery.net
Wed Jan 5 14:26:00 EST 2011
Tue, Jan 04, 2011 at 11:06:28PM +1300, Terry Rupeni:
> previously we had used a commercial product Solarwinds Configuration/Policy
> Manager. One thing we found useful in Solarwinds was a policy Reporter where
> you could easily script the manager to go through device configs and flag
> those devices that have say for example "ip http server" in the config. Is
> this possible/easy to do in Rancid?
it does not have such a capability. better, IMO; you're free to roll your
own scripts to read the diff(1) emails and tag additions of such offensive
configuration. Or, use cron jobs to periodically run audit scripts over
the saved configs.
IIRC, Joe Abley & Steven Stuart wrote some auditing scripts that were
presented at the last Eugene, Oregon NANOG.
and, the rancid dist comes with an example or two of auxiliary scripts in
its share directory.
More information about the cisco-nsp
mailing list