cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
659
Views
5
Helpful
5
Replies

Ciscoworks LMS 3.2 - Compliance mgmt negation problem

tim.cooper
Level 1
Level 1

Hi,

Strange problem, that I am sure is being caused by me.

Basically trying to run an advanced Compliance mgmt job, looking for a set of pre-requisites (this is working) and then removing all non compliance SNMP community strings from a sample device.

I use two lines for this removal

- snmp-server community [#!testR[OW]mon#] [#.*#] [#.*#]
- snmp-server community [#!SNMP#] [#.*#] [#.*#]

From what I see, this should remove all snmp-server communities from a device other than "testROmon", "testRWmon" and "SNMP". Obvious caveat is that they would all need to have two words after this (in this case, these are ro or rw and an ACL).

When I run this it seems to try and remove twice as many snmp community strings as there actually are on the device config? So I guess the core questions are: -

1) Does the above look sound and would it do what I think

2) Does the Compliance management engine parse the entire config independantly for each line of the above and hence explain why I am getting more removals than I would expect or is there a problem somewhere?

Any help on this appreciated as its driving me nuts

1 Accepted Solution

Accepted Solutions

Joe Clarke
Cisco Employee
Cisco Employee

I think you probably want:

- [#snmp-server community (?!testR[OW]mon |SNMP ).*#]

View solution in original post

5 Replies 5

Joe Clarke
Cisco Employee
Cisco Employee

I think you probably want:

- [#snmp-server community (?!testR[OW]mon |SNMP ).*#]

Thanks Joseph,

Any chance of breaking the last bit down for me? What does the | and the ? do.

It's a negative lookahead assertion that checks to make sure that a community string is not either of those two patterns.  It will remove lines like:

snmp-server community public RO

Thanks Joseph,

So if I also wanted to remove all SNMP traps bar: -

snmp-server host 10.10.10.x (where x is any ip in the last octet)

From a device, would I use

- [#snmp-server host (!#10\.10\.10\..*#).#]

Or doesn't this make sense?

No, the pattern would be:

- [#snmp-server host (?!10\.10\.10\..*)#]

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco