10-03-2016 09:49 AM
Hello - I'm making a compliance policy in PI for QoS checking. I would like to create a policy that would look to make sure that QoS is applied appropriately to all of the switch interfaces. Is there a way that PI can do this within the Compliance Policies configuration?
Solved! Go to Solution.
10-04-2016 02:32 PM
Andrew,
The attached XML file contains the definition for a Compliance Policy that will review the desired commands on ports that are configured as Access, Trunk or Port-channel.
Extract it and import it under Configuration > Compliance > Policies.
Next, create the Profile under Config > Compliance > Profiles and add the Policy to it. From there you can run it on the desired devices.
Please rate the thread if this helps.
Luis
10-05-2016 01:25 PM
Andrew,
You should be able to edit the rule and add a new condition. Make the condition scope "Device Properties", device property "OS Version". Condition match criteria is "Evaluate expression" with value <_IOS_Version> >= <15.0>.
Luis - feel free to set me straight if I'm not quite correct - I'm learning this bit. :)
10-03-2016 03:13 PM
Hi Andrew,
PI should be able to check the desired interfaces for the commands you need. However, a few details need to be known.
For example, do you mean all interfaces including physical and logical? SVIs, Port-Channels, etc?
Are the same QoS commands consistently configured in all of them or is there something that changes, like a policy-name or similar?
The reason for these questions is because we can configure the policy to look for a static command, or use regex to match certain expressions.
Thanks,
Luis
10-04-2016 06:37 AM
Here is the standard's conguration that they want me to check against.
Trunk >
auto qos voip trust
mls qos trust dscp
priority-queue out
Port-Channel>
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust dscp
Access>
auto qos voip cisco-softphone
mls qos trust dscp
priority-queue out
10-04-2016 02:32 PM
Andrew,
The attached XML file contains the definition for a Compliance Policy that will review the desired commands on ports that are configured as Access, Trunk or Port-channel.
Extract it and import it under Configuration > Compliance > Policies.
Next, create the Profile under Config > Compliance > Profiles and add the Policy to it. From there you can run it on the desired devices.
Please rate the thread if this helps.
Luis
10-04-2016 02:38 PM
This is perfect. Thank you.
10-05-2016 08:42 AM
Just out of curiosity is there a way to ensure that this runs only on IOS version 15+? Is that done in the report setup when you select the devices, or can you make that in the policy itself?
The reason I'm asking is that the syntax changes a bit between IOS.
10-05-2016 01:25 PM
Andrew,
You should be able to edit the rule and add a new condition. Make the condition scope "Device Properties", device property "OS Version". Condition match criteria is "Evaluate expression" with value <_IOS_Version> >= <15.0>.
Luis - feel free to set me straight if I'm not quite correct - I'm learning this bit. :)
10-05-2016 01:29 PM
that's it, perfect!
11-03-2016 11:24 PM
I've been doing a fair bit with compliance with interactive rules and multiline working OK, but I need a rule that applies two different lines based on IOS version. I have 12.x and 15.x so wanted to do "if 15.x run a, otherwise it's 12 so check command present and run y" ... Possible?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: