05-29-2017 06:04 AM - edited 03-01-2019 03:51 AM
Solved! Go to Solution.
05-29-2017 06:04 AM
NSO has built in support for compliance reporting that will check that all devices and services are configured as expected. It also shows details for any discrepancies, such as a misconfigured VPN on an interface. The report also includes details about all changes that have been performed in the network.
05-29-2017 06:04 AM
NSO has built in support for compliance reporting that will check that all devices and services are configured as expected. It also shows details for any discrepancies, such as a misconfigured VPN on an interface. The report also includes details about all changes that have been performed in the network.
05-29-2017 10:15 AM
Just to add,
There are several ways to accomplish compliance reporting in NSO.
First: Service Models. NSO can run a native compliance report against all instances of a service model in NSO. This will tell what instances are not compliant and what needs to be resolved. You can also do individual service instance Check-Sync to run compliance for an individual service. Whats nice with this method is you can do native outformat. Personally, I like this and have looped over services getting the outformat in python then exported to CSV for easier sharing than the native reports. Just 2 cents.
Second: Device Templates. You can also define templates and compare device configurations to the templates. for example if you have a static config that you want check you could write a quick template and check devices against it. You can also create templates with variables, how ever I find it cleaner to use service models when you need that capability, however templates are an option.
Third: Code it! To me the beauty of NSO lies in the cDB. You have a full structured database of your network, use it! If templates or services are to much overhead to you, or if you dont want to clutter up your NSO with extra models and templates write a quick script in python that loops over a device group, specific devices, or what ever you want and checks if they are compliant. If you haven't used the python ncs library you should try, its very well written and easy to use.
Hope that helps,
Brandon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide