Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
163
Views
0
Helpful
4
Replies

DNAC reconfigures SNMP & logging from time to time on network devices

Sylvain_Che
Level 1
Level 1

‎09-04-2024 04:33 AM

Hi,

What is the reason DNAC reconfigures from time to time the SNMP and logging settings (I identified at least these 2 features)?

I see this on several DNAC deployments. Without visible reason to me, DNAC removes for example the "logging source-interface" command before re-adding a few seconds later. It does this for several network devices (but not all) at the same time.

In some environments it gives us some troubles (without mentioning https://community.cisco.com/t5/cisco-catalyst-center/router-provisioning-changes-ntp-source-interface/m-p/5163708/highlight/true#M10008  topic).

Sylvain.

0 Helpful
4 Replies 4

leestanton0931
Level 1
Level 1

‎09-04-2024 04:42 AM

DNAC (Cisco DNA Center) might reconfigure SNMP and logging settings due to its automated management and optimization processes. It can adjust these settings to ensure compliance with its policies or to align with updates and changes in the network topology.

This reconfiguration can occur due to several factors, including:

  • Device Discovery Processes: DNAC may be attempting to reconcile device configurations during its discovery or telemetry polling processes, which can lead to temporary changes in settings as it aligns the device state with its database.
  • Telemetry and Monitoring Adjustments: As DNAC collects telemetry data, it may modify settings to optimize data collection or to respond to changes in the network environment.
  • Network Policy Enforcement: DNAC enforces certain network policies that may require adjustments to logging and SNMP settings, especially if it detects inconsistencies or if devices are not reporting as expected.

If these changes are causing operational issues, it may be beneficial to review the configuration policies set within DNAC and ensure they align with your network requirements. Additionally, checking for any software updates or known issues in the version you are using could provide further insights into this behavior.

0 Helpful

Sylvain_Che
Level 1
Level 1
In response to leestanton0931

‎09-05-2024 04:09 AM

Not convinced. My devices are already discovered and are already configured with the right source-interface settings.

0 Helpful

Dan Rowe
Cisco Employee
Cisco Employee
In response to Sylvain_Che

‎09-05-2024 07:58 AM

Force an assurance configuration push and do a 'generate configuration preview'... In the configuration preview, you will see Catalyst Center will always remove the SNMP/Syslog configuration and re-add it. 

0 Helpful

Sylvain_Che
Level 1
Level 1
In response to Dan Rowe

‎09-05-2024 08:14 AM

But why?
In my situation, during this small time frame (between the "no source-interface xxx" and the "source-interface xxx"), my devices may sends syslogs via another interface which trigger a security alert to our SOC team.

Is there any way to change this behaviour? I was thinking about disabling Device Controllability but maybe not the best idea.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card