09-24-2009 03:51 PM
How can I set up a filter so that ciscoworks will not telnet into a device to copy the configuration after a config trap is received
09-24-2009 03:54 PM
Go to RME > Tools > Syslog > Automated Actions, and disable the Config Fetch action.
09-24-2009 04:27 PM
Sorry Joe, I need this for just 2 devices. People are constantly making changes (minor) and we may get as many as 20 configurations archived per day. I should have stated that the first time.
09-24-2009 04:32 PM
This cannot be done reliably. If you modify the Config Fetch AA just to enable it for certain devices, it will ONLY be enabled for those devices. If you add any new devices, they will not be included unless you re-modify the AA.
09-24-2009 04:35 PM
I should add that if you don't want to see the config change messages at all in your reports for these devices, you could setup a message filter which drops SYS-5-CONFIG_I messages for just these two devices. RME will then not fetch the configs, but you lose the ability to report on such syslogs.
The filter can be defined under RME > Tools > Syslog > Message Filters. The pattern would be:
Facility : SYS
Sub-Facility : *
Severity : 5
Mnemonic : CONFIG_I
Description : *
09-24-2009 04:39 PM
You lost me. What does AA stand for? I see the config fetch is enabled but that is for all devices. So we cannot tell ciscoworks to not process messages (config) from a particular devices or devices?
09-24-2009 04:42 PM
AA stands for Automated Action. No, you cannot easily tell RME to process config change syslog messages for all devices except a certain few. However, you can easily define a message filter to prevent config change messages from ever reaching the RME database for a select set of devices.
09-24-2009 04:44 PM
OK...I wrote my reply before you posted the message filter option. We tried that and it did not work. We went back into the device, added the "snmp-server location" in the config and ciscoworks user still telneted in the device to get the config.
09-24-2009 04:46 PM
Post the NMSROOT/MDC/tomcat/webapps/rme/WEB-INF/classes/com/cisco/nm/rmeng/csc/data/filters.dat.
09-24-2009 04:51 PM
I wish I could but the network is closed. What should I look for? If you don't mind walking me through it.
09-24-2009 05:08 PM
The file is not easy to read. If you cannot post it, then open a TAC service request, and include it. If you cannot do that, it will be very hard to determine why filtering is not working. I suspect a bug which may be fixed in a later version of RME.
09-24-2009 05:13 PM
Will do. I will go that route. Thanks Joe.
09-24-2009 05:18 PM
When you open the SR, include the raw syslog message found in your syslog.log file. That plus the filters.dat should show the problem quite clearly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide