Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4017
Views
0
Helpful
4
Replies

Get "sh run all" using snmp

distahl
Level 1
Level 1

‎10-21-2020 03:43 AM - edited ‎10-21-2020 03:49 AM

Hi,

 

I want to check the config of our routers/switches in our network, using a script, for correct config lines. But some commands are shown differently on the devices (depending on the hw / ios version). On some devices a command is shown in running-config and on others the command is a default one and is only showing up in "sh run all". 

 

So as all custom commands also are shown inside "sh run all" / "system:default-running-config" it would be the best approach to read this and check if a config command is there. But I'm stuck at getting this information using snmp. I cannot find a working snmp OID to accomplish this.

 

I already tried "ccCopy..." OIDs and thought maybe the "iosFile" could help accessing "system:default-running-config", but this already fails because with those OIDs it is only allowed to copy files to or from run/startup config. Not from iosFile to networkFile.

 

I also tried the "ciscoFlashCopy..." OIDs. But while trying this I saw that it is not possible to access "system:". I cann only access "flash:", "webui:" and "crashinfo:". So this also isn't working.

 

Does anyone know another possible approach I could try.

! It needs to be SNMP !

 

Thanks in advance

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎10-21-2020 03:51 AM - edited ‎10-21-2020 03:53 AM

I would do below approach - not sure what is your end goal.

 

i will write a script out of box to get device information and validate (based on security practice of your business)

show run all (ALL will pull hidden configuration, which default configured) - i will ignore with all (i do compare show run - if you have any reason to pull all - that is different discussion).

 

You need to Load some SNMP OID based on the model and device, so i would go above steps so the script run on any device to pull the config and compare and audit.

 

make sense ? or tell us any thing i am missing here to understand the requirement.

 

EDIT : if you like only SNMP limited to devices :

 

https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/15217-copy-configs-snmp.html

https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/7910-11-7910.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

distahl
Level 1
Level 1
In response to balaji.bandi

‎10-21-2020 03:56 AM

As already written. It needs to be the "all" output, because on some devices a config line is default and on some others the same config  line isn't. So to be sure the line is active/configured I'm forced to see the "all" output.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to distahl

‎10-21-2020 03:57 AM

Sure and understand, then you can do out of the box script to pull and compare.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

marce1000
VIP
VIP

‎10-21-2020 03:51 AM

 

 - I very much doubt this is possible , as you mention CISCO-COPY-CONFIG-MIB , can for instance be used to copy the config to an external destination or vice versa , but that's all (no run-all will be included).

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents