LSM 2.5 Compliance Script Syntax

kevin_miller · ‎09-19-2005

Hello all.

I'm having trouble with compliance script syntax in LMS 2.5.

The syntax is pretty easy if I know what to match. For example:

+ logging 10.16.20.32 <- matches that line exactly

- logging [#10\.16\.20\.*#] <- matches 10.16.20.1, 2, 3, etc.

I want to match everything EXCEPT one server. Assume I have the config on a router:

logging 10.16.20.32

logging 10.17.10.200

logging 10.208.34.2

I want to ensure 10.16.20.32 is defined, and remove all others. But, I

don't know the IPs of the others.

+ logging 10.16.20.32

- logging [#10\.16\.20\.32#] <- how do I negate this??

I want the second line to match both:

logging 10.17.10.200

logging 10.208.34.2

smalkeric · ‎09-23-2005

I think you can add like

logging [#10\.16\.20\.2#]

It will look for both 10.17.10.200 and 10.208.34.2

kevin_miller · ‎09-25-2005

Thanks to two of the network management trainers at Networkers, I've got my answer. Here are some things that work:

- logging [LOGSERVER]

Notes - LOGSERVER is a placeholder that could be anything. This matches all lines with a single parameter - including the correct one in the config, but it also matches lines with other parameters - like "logging sync"

- logging [#(\d+\.?)+#]

Notes - This matches all logging lines with an IP address as a parameter. This works but also matches the line that I don't want to remove.

- logging [#(?!10\.16\.20\.32).*#]

Notes - This uses a negative lookahead search. The current matching code in Ciscoworks does anchored pattern matches so you must add ".*" to the end of the line. You must use an advanced baseline with multiple instances selected.

So, this last example solves my problem.