About Command checks
NetYCE compliance can be used to validate state of device by issuing show commands.
Below is an example where we would be validating NTP status of a Cisco IOS device.
Not working CLI output:
CoreRouter#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**24
reference time is 00000000.00000000 (00:00:00.000 UTC Mon Jan 1 1900)
Working CLI output:
CoreRouter#show ntp status
Clock is synchronized, stratum 3, reference is 146.185.130.22
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**24
reference time is D76513B4.66A4CDA6 (12:40:20.400 UTC Mon Jul 7 2014)
We can observe that the "unsynchronized" word in the command output would mean that the NTP is not working. So we shall prepare the policy to validate the NTP status using this condition.
Creating compliance policy, rules and condition:
Creating Policy
(1) Compliance -> (2) Policies -> (3) New -> (4) Name: NTP Test -> (5) Save
Creating Rule
Under Rule : (1) New -> (2) Name: ntp status -> (3) Rule type: Command -> (4) Vendor: Cisco_IOS -> (5) Command -> (6) Save
Creating Logic
(1) New -> (2) Must not contain : (3) unsynchronized -> (4) Lines contain regular expressions -> (5) Save
For testing the results, refer to the article: How to test Compliance Policy
For creating reports, refer to the article: How to create Compliance Reports
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article