DX NetOps

Hi Community

I want to explore the option to verify a piece of configuration which depends on 2 devices using the vnmsh with the help of perl. My goal is to verify the following condition. An interface ip of device 1 should be present as an access-list entry in device 2. I don't worry about where the output goes, I'm happy with text to screen at this stage.

Momentarily I'm stuck on many levels... first challenge is to read the actual configuration as I think this is the only method to see the access-list. So I went into the database looking for a config;

./show children mh=0x123465 gives a number of child HostConfiguration models, one with the relation HANS_LAST_KNOWN_CONFIG. This must be the one I want. I run a show attributes for that model handle and I'm sure attribute 0x82002b HasConfigFile contains the data. The problem is that it is not humanly readable 12.35.0.e3.b9.2a.67.0.b.65.2.35 etcetera.... I was once told that configurations are stored in gzipped format but it was too long ago to know for sure

Eitherway, It would be nice to make some readable text from this HostConfiguration model.

Hello Hans,

you are right - the host configuration data is not save in "plain text" - which is a potential security weakness and also may cause huge "attribute" string-lenght. As the Spectrum database is limited the data is - say - compressed. As I see your interest is related to data from two devices - and you would like to build up a logical function.

Please have a look to the NCM functionality - which allows to export the device configuration data during "capture" into a flat ascii file.

Find this per "Configuration Manager" - Contents: Information tab - Subview "Export Configuration" -- here you may enable to "Export Unique and Global Sync Configurations" - and set the "export directory".

Once this is done you will get "native ascii" files in that directory which may become the source for your perl-scripting.

Cheers, Joerg

Hi Joerg,

thanks for this insight. I am aware of the export configuration data feature and I already make use of it for other purposes. As a (junior) programmer I find it a bit harder to match device model to correct host configuration file (for sure not impossible) compared to reading it from the database directly. Therefor my investigation for database use.

I understand that searching for config pieces in the spectrum database directly can be very resource intensive, therefor I want to offload it from spectrum to a perl script. I would only need to read the data once from spectrum and the rest will be done with perl.

I'm already working on the solution as you describe but I'm still curious wether or not it is possible for a spectrum user to achieve this...

Hi Hans,

The configuration is stored encrypted for security reasons.

Displaying the configuration in OneClick it goes through a renderer.

I am not aware of a way to view the configs via CLI.

Thanks,

Matt