[c-nsp] Syslog Patterns
Phil Mayers
p.mayers at imperial.ac.uk
Wed Jan 18 09:34:02 EST 2012
On 18/01/12 14:26, Peter Rathlev wrote:
> My own experience is that there is no easy way of detecting a real
> configuration change. You can only compare two copies of the
> configuration, and since some things (e.g. "ntp clock-period" and
> timestamps) change more or less by themselves, you cannot even rely on a
> simple diff.
Agreed. We just back it up hourly, filter out noise and let subversion
take care of whether it has changed or not.
I guess CONFIG_I or other pattern matching could be used to trigger a
more timely version of this, but *relying* on the log message is a
recipe for disaster - what if someone does "no logging host x.x.x.x"?
Oops, your config backups stop.
More information about the cisco-nsp
mailing list