Script-Filter: $Vendor in ["Cisco","Juniper","Citrix"] ####################### Action: Get Logging Action-Description: This first action gathers up the list of current logging statements in the running config and initializes variables to be used in the script. Action-Commands: SET: $UpdateMade = "no" SET: $GotLogIOS = "no" SET: $GotLogNXOS7K = "no" SET: $GotLogNXOS5K = "no" SET: $GotLogJuniper = "no" SET: $GotLogCitrix = "no" SET: $datacenter = "123" SET: $syslog = getListValue(syslog,datacenter,$datacenter,syslogserver,"NOTFOUND") Action-Commands:{$sysDescr like /(IOS|NX-OS)/} sho run | inc logging Action-Commands:{$Vendor eq "Juniper"} configure show system | display set | match syslog Action-Commands:{$Vendor eq "Citrix"} show run | grep syslog Output-Triggers: Check LogIOS Check LogNXOS7K Check LogNXOS5K Check LogCitrix Check LogJuniper ############## Trigger: Check LogIOS Trigger-Description: This section looks for the existence of the required logging statements that belong in each config. One Trigger for each. Trigger-Filter: $sysDescr like /IOS/ and $syslog ne "NOTFOUND" Trigger-Template: logging $syslog Trigger-Commands: SET: $GotLogIOS = "yes" ############## Trigger: Check LogNXOS7K Trigger-Description: This section looks for the existence of the required logging statements that belong in each config. One Trigger for each. Trigger-Filter: $sysDescr like /NX-OS/ and $Model like /N7K/ and $syslog ne "NOTFOUND" Trigger-Template: logging server $syslog [0-9] Trigger-Commands: SET: $GotLogNXOS7K = "yes" ############## Trigger: Check LogNXOS5K Trigger-Description: This section looks for the existence of the required logging statements that belong in each config. One Trigger for each. Trigger-Filter: $sysDescr like /NX-OS/ and $Model like /N5k/ and $syslog ne "NOTFOUND" Trigger-Template: logging server $syslog [0-9] Trigger-Commands: SET: $GotLogNXOS5K = "yes" ############## Trigger: Check LogJuniper Trigger-Description: This section looks for the existence of the required logging statements that belong in each config. One Trigger for each. Trigger-Filter: $Vendor eq "Juniper" and $syslog ne "NOTFOUND" Trigger-Template: syslog host $syslog Trigger-Commands: SET: $GotLogJuniper = "yes" ############## Trigger: Check LogCitrix Trigger-Description: This section looks for the existence of the required logging statements that belong in each config. One Trigger for each. Trigger-Filter: $Vendor eq "Citrix" and $syslog ne "NOTFOUND" Trigger-Template: add audit syslogAction.*$syslog.* Trigger-Commands: SET: $GotLogCitrix = "yes" ################### Action: Add Missing Logging Destinations Action-Description: If the log destination was missing add it to the appropriate device. Action-Filter: $UpdateMade eq "no" and $syslog ne "NOTFOUND" Action-Commands:{$GotLogIOS = "no" and $sysDescr like /IOS/} conf t logging $syslog SET: $UpdateMade = "yes" Action-Commands:{$GotLogNXOS7K eq "no" and $sysDescr like /NX-OS/ and $Model like /N7K/} conf t logging server $syslog 6 use-vrf management SET: $UpdateMade = "yes" Action-Commands:{$GotLogNXOS5K eq "no" and $sysDescr like /NX-OS/ and $Model like /N5k/} conf t logging server $syslog 6 SET: $UpdateMade = "yes" Action-Commands:{$GotLogJuniper eq "no" and $Vendor eq "Juniper"} set system syslog host $syslog any informational SET: $UpdateMade = "yes" Action-Commands:{$GotLogCitrix eq "no" and $Vendor eq "Citrix"} add audit syslogAction syslog-server $syslog -logLevel EMERGENCY ALERT CRITICAL ERROR WARNING NOTICE INFORMATIONAL -logFacility LOCAL7 -timeZone LOCAL_TIME add audit syslogPolicy syslog-server ns_true syslog-server bind system global syslog-server SET: $UpdateMade = "yes" ############################ Action: End and Write Memory Action-Filter: $UpdateMade eq "yes" Action-Commands:{$sysDescr like /IOS/} end write mem Action-Commands:{$sysDescr like /NX-OS/} end copy run start Action-Commands:{$Vendor eq "Juniper"} commit exit exit Action-Commands:{$Vendor eq "Citrix"} save ns config