Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Network Change & Configuration Management

Reply

Config Search with "Does Not Match" followed by a regex

[ Edited ]
New Member
Posts: 1
3792     0

I'm trying to identify routers and switches that don't have logging configured, but using "Does Not Match" with the value "logging" won't work as there are many configuration variants with the work logging in them like "no logging console" where the same device doesn't have a logging server configured.  Normally I'd put a regex in there like 'logging [0-9]+'.  Will NetMRI's config search "Does Not Match" take a regular expression of some kind?

 

EDIT: I've tried that and it doesn't seem to work as anticipated

Re: Config Search with "Does Not Match" followed by a regex

Superuser
Posts: 115
3792     0

NetMRI does not like the + or the * Smiley Happy

 

Try this - 

logging \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}
Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

https://sifbaksh.com

Re: Config Search with "Does Not Match" followed by a regex

Expert
Posts: 69
3792     0

I find the documentation lacking on how each of the search operators work.  What exactly do each of these do/differ?

  contains

  matches

  does not match

  regex

 

Does "regex" require the "/" delimiters or is that implicit or optional?

Can one use a "/regex/" for either of the other three?

 

Re: Config Search with "Does Not Match" followed by a regex

Superuser
Posts: 115
3792     0

contains

Means does this line of config exists

 

matches, I think the same as contains (might have to test this one)

 

does not match

I love this lone exmaple if every device should have "logging 10.10.10.1"

use this to seach and it will show you all the devices that does not have it configured

 

regex you can use any form of RegEx in here example for a basic SNMP RO seach use the following

snmp-server community .* RO
 
This will return all the SNMP strings configure with RO
snmp-server community Infoblox RO, snmp-server community RO RO test, snmp-server community demo RO, snmp-server community public RO
You can use regex with the others
Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

https://sifbaksh.com

Re: Config Search with "Does Not Match" followed by a regex

Expert
Posts: 69
3793     0

Thanks Sif,

 

I have *assumed* the explanations you give but have run into situations where I wasn't sure which one to use or not to use, and how the pattern matching is done.  I got a strong hint from the XML policy operator definitions and I presume that what we generate via UI in the logic builder utilizes those.  But it sure would be helpful to have a direct correspondence.  E.G., why have "contains" and "matches"?  Why isn't there a "doesn't contain"?  And if those accept regex, why have a separate "regex" operator?

Showing results for 
Search instead for 
Did you mean: 

Recommended for You