[nsp] Suggestions on Versioning Control
Theo P. Zourzouvillys
theo at crazygreek.co.uk
Tue Nov 18 11:29:31 EST 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 18 November 2003 3:56 pm, Kenny Stoltz wrote:
> Does anyone have any good suggestions on a system for versioning for
> config files? I don't particularly see anything that cisco can do to
> make it work, but i think maybe some custom perl scripts + cvs might
> work pretty well, but I wish I could have it track every change rather
> than daily changes. Any ideas?
I knocked up a quick script that handles an snmp trap for a user loging out,
that then tells the router/switch to tftp it's config to my tftp server, upon
which the script diffs it against an old copy and mails me the changes.
the script is at <http://zozo.org.uk/downloads/cisco-logout.txt>, useful if
you are prepeaed to hack it around, but you'd probably be better off writting
of course, normal security issues apply.
it would be better if ios raised a trap whenever the config was changed. you
could probablt do this by mointoring syslog for SYS-5-CONFIG_I), but hey...
ohh, and i've not used the script in a live enviroment, it was merely as a
proof of concept for somethign i was doign a while ago, so, really no blame
on me for thigns it does, please ;)
<theo at crazygreek.co.uk>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the cisco-nsp