Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Network Change & Configuration Management

Reply

RAW XML Policy - multiple interface checks

New Member
Posts: 1
1560     0

We currently have a rule that checks to see if a shutdown script is set for ports that use MAB. The script checks for GigabitEthernet interfaces. Due to some recent changes we also need to have it check TenGigabitEthernet interfaces as well. I tried to tweak a few things but with no luck.

 

Below is the current xml:

 

<PolicyRuleLogic editor="raw-xml" xmlns='http://www.infoblox.com/NetworkAutomation/1.0/ScriptXml'>
<Assign variable='device-config'>
<Expr method='running_config_text'/>
</Assign>
<Assign variable='intface'>
<Expr value=''/>
</Assign>
<ConfigBlockCheck block-start='^interface' boundary-method='indent'>
<Expr op='matches'>
<Expr variable='_block'/>
<Expr value='GigabitEthernet(.*)'/>
</Expr>
<Assign variable='intface'>
<Expr variable='_match_1'/>
</Assign>
<If>
<ConfigFileCheck op='contains-all'>mab</ConfigFileCheck>
<Then>
<Assign variable='event-line'>
<Expr op='concat'>
<Expr value=' event syslog pattern &quot;%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet'/>
<Expr variable='intface'/>
<Expr value=', changed state to down&quot;'/>
</Expr>
</Assign>
<If>
<Expr op='matches'>
<Expr variable='device-config'/>
<Expr variable='event-line'/>
</Expr>
<Then>
<Assign variable='event-config'>
<Expr op='concat'>
<Expr value=' action 1.3 cli command &quot;interface GigabitEthernet'/>
<Expr variable='intface'/>
<Expr value='&quot;'/>
</Expr>
</Assign>
<If>
<Expr op='matches'>
<Expr variable='device-config'/>
<Expr variable='event-config'/>
</Expr>
<Then>
</Then>
<Else>
<Return>
<PolicyRuleFail>
<Expr op='concat'>
<Expr value='Shutdown script not set correctly for port GigabitEthernet'/>
<Expr variable='intface'/>
</Expr>
</PolicyRuleFail>
</Return>
</Else>
</If>
</Then>
<Else>
<Return>
<PolicyRuleFail>
<Expr op='concat'>
<Expr value='Shutdown script not set correctly for port GigabitEthernet'/>
<Expr variable='intface'/>
</Expr>
</PolicyRuleFail>
</Return>
</Else>
</If>
</Then>
</If>
</ConfigBlockCheck>
<PolicyRulePass>Shutdown scripts are configured correctly.</PolicyRulePass>
</PolicyRuleLogic>

Re: RAW XML Policy - multiple interface checks

Superuser
Posts: 115
1561     0

Try the following

 

Change this

<Expr value='GigabitEthernet(.*)'/>

to

<Expr value='GigabitEthernet(.*)|TenGigabitEthernet(.*)'/>

 

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

https://sifbaksh.com
Showing results for 
Search instead for 
Did you mean: 

Recommended for You