Knowing when Compliance runs
Before diving into compliance, below are the actions that trigger network compliance.
- A NetYCE job changes the configuration. A configuration backup during the job would trigger the NCCM poller.
- NetYCE can also be notified about the configuration change through syslog message. The configuration is then retrieved and appended to the NCCM history.
- The device is scheduled to have its configuration periodically fetched by the NCCM poller.
In each of these cases the NCCM can detect a configuration change which will trigger the Compliance test for the device. If no configuration changes were detected, the compliance will not be triggered.
Troubleshooting Compliance Status
If there are deviations observed specific to a node and policy, it can be tested using the "Test" button under the Policy section of Compliance.
Viewing Compliance daemon logs
We can refer to the logs through GUI as below:
(1) Admin -> System -> Debugging -> (2) yce_nccmd.log: follow
Same file can be accessed via CLI going to the logs path with:
go logs
and accessing the yce_nccmd.log or other historical files as below.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article