We're using Prime Infrastructure 3.1 and while I've only ever used Prime to manage WLCs before, my understanding is that as of v3, it does a whole lot more that WLCs.  Trouble is, I just cant find example of what I'm attempting to do.  My only real reference at this point has been the Prime Infrastructure Admin, User, and Reference Guides.  If Prime is NOT the tool I should use, then that would be good to know.

My biggest complaint about what I've seen is that Prime would be great for building something from scratch,  Simply create all your templates, and start deploying new gear.

Problem is, I already have a deployed network, and I want it all to be audited and compliant, not just the new stuff.

Examples of what I'd like to do is as follows:

1. Verify that for each device (router, switch, WLC, etc...), I have hundreds, btw. 
1. On a scheduled basis (hourly, maybe) if necessary, have a current configuration saved in a centralized location (similar to RANCID, back in the day)
2. Check configs for:
1. disabled http
2. disabled telnet 
3. disabled ssh v1
4. enabled ssh v2
5. existence of specific local accounts
6. note deviation of any non-standard local accounts
7. ensure security settings (password-encryption, hashing techniques are standard per platform)
8. possible collect hashes, verify that they are hashing known passwords.

I was thinking that the Compliance and Audit module would do all this but it appears to only handle WLCs.

If I have to, I can easily start running something like RANCID and writing/running python scripts, but this sound like the sort of thing that Prime Infrastructure should be able to do.  Also, other than one 5-day class., "Managing Enterprise Networks with Cisco Prime", which is only offered by Learning Services in a few locations, I can't find any formal training in this product.  It is also not clear to me what version of Prime software is featured in this class.