Creating dynamic scheduled compliance jobs (wildcard issue?)

Unanswered Question
Aug 11th, 2008
User Badges:

We've been trying to use the baseline templates to run on a schedule and we think that at the time of the job creation, RME selects the devices and makes a static list. Is this correct?

We created a scheduled job, then deleted a device that was part of the first run of that job. In the second run, the removed device not only appeared on the report but was reported as compliant. How could that be? If the job is run against the config archive, and if the device was deleted, then shouldn't the config be deleted as well?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joe Clarke Mon, 08/11/2008 - 11:27
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

It depends on the version of RME, and what you selected when you created the job as to how job membership is defined. In recent versions of RME, when you get the part of the job creation task where you can select devices, you will see two radio buttons at the top of the window. The default is Device Selector. However, if you select Group Selector, you will be able to choose a group on which the job will run. As the group changes, the job's membership will change as well.

The fact that the device was reported as compliant may be an issue with the fact that it no longer existed. It's hard to saw what commands need to be added or removed if the config is no longer present. The job log should have more details.

philip.r.hayes Mon, 08/11/2008 - 11:45
User Badges:

We have RME 4.0.6 in LMS 2.6.

So picking devices using the device selector and wildcards results in a static list.(?) The only way to create dynamic lists would be by setting up a gazillion groups; yes/no?

Joe Clarke Mon, 08/11/2008 - 11:55
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

You're still picking devices, so this would be static, yes. RME 4.0.6 does not provide the group selector interface (RME 4.1 and higher only).

philip.r.hayes Mon, 11/24/2008 - 13:36
User Badges:

We have been looking into using backend scripting with, hopefully, cwcli. But so far no luck.

But what is really bothersome is that Cisco's documenation states that the Group Selector is how to select devices dynamically. You say that it's not in the version we are running?

Here's the 'scrubbed' URL:


Personally I feel that I should be able to open a TAC case that would force Cisco to fix the flaw. I could care less what version I have if the helpfile states that I should be able to do it. IMHO...

Joe Clarke Mon, 11/24/2008 - 14:36
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

RME 4.0.6 only presents the device selector. I see no where in this document that it mentions the group selector.

philip.r.hayes Mon, 11/24/2008 - 14:43
User Badges:

Interesting. When I pasted in the URL, it didn't show the same thing I saw the first time. But, towards the bottom, I clicked on "Running A Compliancy Check" and it came up with this: (sorry about any formatting issues)

Running Compliance Check

To execute a compliance check:

Note View Permission Report (Common Services > Server > Reports) to check if you have the required privileges to perform this task.

1. Select Resource Manager Essentials > Config Mgmt > Archive Mgmt > Baseline Templates.

The Baseline Templates dialog box appears.

Select the template and click Compliance Check.

The Select Devices dialog box appears.

2. Select either:

* Device Selector, if you want to schedule a job for static set of devices. See Using RME Device Selector for information on how to use RME Device Selector.


* Group Selector, if you want to schedule a job for dynamic group of devices.

The job is scheduled only for the devices that are present in the selected group at the time when the job is run. The customizable group selector for jobs evaluate static groups also as dynamic during run time.

You can see the "Group Selector" reference above.

But, if you have any ideas on how to accomplish this at the command line, I'm listening.

Joe Clarke Mon, 11/24/2008 - 14:47
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Yes, I see it. This is a documentation bug. The documentation was most likely imported from RME 4.1.


This Discussion