[rancid] Re: cisco Last configuration change by

Sam Munzani smunzani at comcast.net
Thu Sep 4 17:55:30 UTC 2008


I haven't done this myself, but one of the guys during my last training class 
mentioned that they developed something in house that does the following.
1. On the rancid box, load and configure the net-snmp trap receiver.
2. Configure snmptrapd.conf with a proper trap handler like below.
traphandle OID-of-config-change-trap /usr/local/bin/rancid-run-wrapper.sh

What this did is whenever he received a config trap it triggered the rancid 
wrapper script that just executes rancid-run against that particular device 
only. I don't have such needs so I never tried it myself, but he claimed 
it worked well for him.

Catch-22: If somebody goes "config t" and exits, it will generate a trap 
and trigger rancid regardless of whether he made any changes or not. However, 
he didn't care about it because his environment was pretty static and 
people rarely logged in.

Something to think about.

Sam
> On Thu, Sep 04, 2008 at 06:13:17PM +0400, Smirnoff Alexander wrote:
>   
>> I track with AAA, but in case with rancid I will receive changes and who
>> made it in one place.
>>     
>
>  This is the problem:
>
>  1. Dan makes a change, X, wr mem
>
>  2. Bogdan makes a change, Y, wr mem
>
>  3. rancid runs, collects the configs, mails the diffs
>
>     - you see changes X + Y
>
>     - you see a line that says the config and NVRAM was last changed by Bogdan
>
>   
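
An added example, not part of the original message and not the in-house tool it describes: one way the rancid-run-wrapper.sh named above could be written. SNMP traps arrive unauthenticated over UDP, so this version only acts on senders already listed as "up" in router.db and throttles runs per device. The `handle` argument, the paths, the interval and all function names are assumptions.

```shell
#!/bin/sh
# Hypothetical rancid-run-wrapper.sh. Assumed snmptrapd.conf entry:
#   traphandle OID-of-config-change-trap /usr/local/bin/rancid-run-wrapper.sh handle
# Paths and the interval are assumptions; adjust to the local install.
ROUTER_DBS=${ROUTER_DBS:-/usr/local/rancid/var/*/router.db}
STAMP_DIR=${STAMP_DIR:-/var/tmp/rancid-trap}
MIN_INTERVAL=${MIN_INTERVAL:-300}   # minimum seconds between runs per device
RANCID_RUN=${RANCID_RUN:-rancid-run}

# snmptrapd writes the sender's hostname on line 1, the transport address
# (e.g. "UDP: [192.0.2.10]:57012->[192.0.2.1]:162") on line 2, then varbinds.
parse_trap() {
    IFS= read -r TRAP_HOST || return 1
    IFS= read -r addr || return 1
    cat >/dev/null                  # varbinds are not needed here
    TRAP_IP=$(printf '%s\n' "$addr" | sed -n 's/^[^[]*\[\([^]]*\)\].*/\1/p')
}

# Print the router.db name of an "up" device equal to the trap's hostname or
# source IP, else fail. Trap data is untrusted, so only a name already in
# router.db ever reaches rancid-run. Accepts ":" or ";" field separators.
lookup_device() {
    # $ROUTER_DBS is unquoted on purpose so the glob expands.
    H=$1 I=$2 awk -F'[:;]' '
        /^#/ { next }
        tolower($3) == "up" && (tolower($1) == tolower(ENVIRON["H"]) || $1 == ENVIRON["I"]) {
            print $1; found = 1; exit
        }
        END { exit !found }' $ROUTER_DBS
}

# Succeed at most once per MIN_INTERVAL seconds for a given device.
should_run() {
    mkdir -p "$STAMP_DIR" || return 1
    now=$(date +%s)
    last=$(cat "$STAMP_DIR/$1" 2>/dev/null || echo 0)
    [ $((now - last)) -ge "$MIN_INTERVAL" ] || return 1
    echo "$now" > "$STAMP_DIR/$1"
}

handle_trap() {
    parse_trap || return 1
    dev=$(lookup_device "$TRAP_HOST" "$TRAP_IP") || return 0   # unknown sender: ignore
    if should_run "$dev"; then "$RANCID_RUN" -r "$dev"; fi
}

if [ "${1:-}" = "handle" ]; then handle_trap; fi
```

snmptrapd commonly runs as root while RANCID is normally run from its own account, so the wrapper should be invoked as that account rather than as root.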
