Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1234
Views
5
Helpful
1
Replies

How to debug NACM-rules

Go to solution
DTtb
Level 1
Level 1

‎02-06-2020 07:34 AM

Hi all,

 

I had problems with some NACM rule definition and wanted to debug it.

I am doing a REST-API-call to NCS 4.7.2 instance and would like to see, which NACM rules were hit during the API-call, or maybe no NACM rule were hit due to misconfiguration.

 

Does exist some capabilities to debug it?

 

Thanks.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
vleijon
Cisco Employee
Cisco Employee

‎02-06-2020 09:05 AM

From the NSO admin guide: “For the rule processing to be written to the devel log, the /ncs-config/logs/developer-loglevel entry in ncs.conf must be set to trace.”

It also says “log-if-permit – If this leaf is present, an entry is written to the developer log for a matching request also when action is permit. This is very useful when debugging command rules.”

I haven’t tried either of these options, but hopefully it is enough for your case.

View solution in original post

1 Reply 1

Go to solution
vleijon
Cisco Employee
Cisco Employee

‎02-06-2020 09:05 AM

From the NSO admin guide: “For the rule processing to be written to the devel log, the /ncs-config/logs/developer-loglevel entry in ncs.conf must be set to trace.”

It also says “log-if-permit – If this leaf is present, an entry is written to the developer log for a matching request also when action is permit. This is very useful when debugging command rules.”

I haven’t tried either of these options, but hopefully it is enough for your case.

Customers Also Viewed These Support Documents