Hello!
I want to create a policy to search for unwanted, undesirable commands. For example, I have an ACL:
ip access-list standard ACL_TEST
10 deny any
If anyone adds a command here, for example, like this:
ip access-list standard ACL_TEST
5 permit 1.1.1.1
10 deny any
I want to know about it.
I created a policy with two conditions:
1.
Condition Scope - Configuration
Block Options - Parse as Blocks, Block Start Expression 'ip access-list standard ACL_TEST'
Condition Match Criteria - Contains the string 'ip access-list standard ACL_TEST'
Select Match Action - Continue
Select Does not Match Action - Raise a Violation
2.
Condition Scope - Previously Matched Blocks
Condition Match Criteria - Does not match the expression (^ip access-list standard ACL_NTP_Serve-only|^\s*?deny +?any)
Select Match Action - Raise a Violation
Select Does not Match Action - Continue
But if ACL_TEST contains 'permit 1.1.1.1', the Compliance Audit Job completes with Success.
What am I doing wrong?
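
The check this post is after, written as a standalone script (an added example, not part of the original post and not the compliance tool's own engine): it extracts the ACL_TEST block from a saved configuration and reports every entry that is not on an allowlist. The sample configurations, the allowlist pattern, and the function names `acl_block` and `audit` are assumptions made for illustration; it also assumes ACL entries are indented under the header, as in an IOS-style running configuration.

```python
import re

# Constructed sample configurations (not taken from a real device).
BASELINE = """\
ip access-list standard ACL_TEST
 10 deny any
interface Vlan1
 no ip address
"""
TAMPERED = """\
ip access-list standard ACL_TEST
 5 permit 1.1.1.1
 10 deny any
interface Vlan1
 no ip address
"""

# Anchored at both ends so that e.g. ACL_TEST2 is not treated as the same block.
BLOCK_START = re.compile(r"^ip access-list standard ACL_TEST\s*$")
# Assumed allowlist: each entry in the block must fully match one of these.
ALLOWED = [re.compile(r"^\s*(\d+\s+)?deny\s+any\s*$")]


def acl_block(config):
    """Return the entries under the ACL header, or None if the ACL is absent."""
    lines = config.splitlines()
    for i, line in enumerate(lines):
        if BLOCK_START.match(line):
            body = []
            for nxt in lines[i + 1:]:
                if not nxt.startswith(" "):  # an unindented line ends the block
                    break
                if nxt.strip():
                    body.append(nxt)
            return body
    return None


def audit(config):
    """Return a list of violations; an empty list means compliant."""
    body = acl_block(config)
    if body is None:
        return ["ACL_TEST is missing"]
    # Evaluate line by line, so one allowed entry cannot mask an extra one.
    violations = ["unexpected entry: " + entry.strip() for entry in body
                  if not any(p.match(entry) for p in ALLOWED)]
    if not any(p.match(entry) for entry in body for p in ALLOWED):
        violations.append("required 'deny any' entry is missing")
    return violations
```

The per-line evaluation is the point: a block containing both `deny any` and an extra `permit` still fails, because each entry is tested on its own rather than the block as a whole.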