Hi, > Try kiwi cattools works well and will send you a detailed list of > changes.not very expensive
I've also heard good things about this tool. we also run RANCID - but also have our own suite of config harvesting tools that use telnet/SSH with 'expect' - to grab various things - running-config, environment, version etc into different directories. very nice and trivial to then check for any end devices that dont have a particular option enabled etc. we also use TACACS+ on all our devices (switches, routers, ASAs) so that all user logins are recorded and all user actions on the devices are logged. was working on a way of grabbing the config from a device after a 'configure terminal' had been run (caught by TACACS+) - otherwise we really only operate on the coarse grain of one hour between each poll. load isnt too bad for this sort of thing.. far far lower than SNMPing them for the traffic stats. we also have a manually entered changelog system (one reason why i wanted some other backend auto-log system) which must be used. changes without changelog entry are not tolerated. alan _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
