Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
868
Views
0
Helpful
2
Replies

Question about "show configuration" in CLI

danielsomerfield
Level 1
Level 1

‎02-07-2011 02:31 PM - edited ‎03-01-2019 09:49 AM

I need to track configuration changes to a UCS 6120 XP and it seems the most thorough way to do it I have found is the "show configuration" command. I diff the results of this versus a prior call. I have a couple of questions about this mechanism:

- Are there changes that can be made that won't be reflected in the "show configuration"? For example, if someone updates the firmware, that won't be reflected. It seems I would have to issue a "show package" or "show image" in the firmware scope. Are there other things like this that indicate configuration changes that wouldn't be captured by the "show configuration" command?

- Related to this: is it safe to use the "show configuration" and compare it? Are there cases where the results would be different, even if nothing has changed? This seems not to be the case, however, I have dealt with device configurations where the order of the configuration elements are not deterministic. So you reboot the machine and the configuration "changes". So far, I have not seen that happen in this case, but I am wondering if that is something I need to worry about.

Thanks much!

0 Helpful
2 Replies 2

abbharga
Level 4
Level 4

‎02-08-2011 11:24 AM

Hi Daniel,

A few points which might help you with this:

1) Its safe to use the show configuration command,

2) Any changes made from the GUI are saved / commited right away

3) Any change made from the CLI needs to be saved / commited using the "commit-buffer" command.

     i) If you make a change in the CLI, you will see a "*" indicating a pending commit e.g. "B /security/ldap* "

     ii) This difference can be verified using the command : show configuration pending.


e.g:

I tired making a change to my ldap config from the CLI:

B /security/ldap # set filter uid=userid

B /security/ldap* # show detail

B/security/ldap* # show configuration pending

scope ldap

+    set filter uid=userid
exit

Hope this helps!

./Abhinav

0 Helpful

danielsomerfield
Level 1
Level 1
In response to abbharga

‎02-08-2011 11:54 AM

Thanks for the response. I am less interested in changes made that not yet committed, than I am in changes that have previously been committed and comparing those to the current state. I have the mechanism for storing prior versions in place, so I am not worried about that, it is more whether a "show configuration" at the root is entirely comprehensive and deterministic in content and order.

For example, if I do the following:

# show configuration > configuration-before.txt

# scope chassis 1

# enable locator-led

# commit-buffer

# top

# show configuration > configuration-after.txt

A diff between configuration-before.txt and configuration-after.txt shows that they are the same, meaning that the locator-led setting isn't part of the configuration. Granted, this isn't a terribly important piece of configuration informtaion for my needs, but my concern is that there are other settings that I have to capture in other scopes that don't show up from a "show configuration" issues at the top level.

Is this a valid concern?

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card