I am running into an issue when trying to track STIG compliance of Cisco devices using NCM. Is there a way for me to write a rule that checks for a string on specific interface types? Finding just the string in the configuration file does me no good. I need to know if the string is on all or certain interface types. If someone could give me an example, I would greatly appreciate it. One example of what I am trying to do is: if interface contains 'Interface Vlan', config must contain 'no ip redirects'. I can build the rule to identify this, but I cannot get it to remediate it. If interface Vlan10 doesn't have it, I want the remediation script to add the correct config on it.
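The per-interface check and remediation described in the question, sketched as an added example that is not part of the original post and is not NCM rule or remediation-script syntax. It assumes IOS-style running-config text in which sub-commands are indented under their `interface` line; the sample config and the function names are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the original post).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
!
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
 no ip redirects
!
interface Vlan20
 ip address 10.0.20.1 255.255.255.0
 no ip proxy-arp
!
interface Vlan30
 ip address 10.0.30.1 255.255.255.0
!
line vty 0 4
 transport input ssh
"""

def interface_blocks(config):
    """Map each interface name to the list of its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"^interface\s+(\S+)", line)
        if m:
            current = m.group(1)
            blocks[current] = []
        elif current is not None and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None  # any other non-indented line ends the block
    return blocks

def missing(config, name_pattern, required):
    """Interfaces whose name matches name_pattern but lack the required line."""
    rx = re.compile(name_pattern, re.IGNORECASE)
    return [name for name, cmds in interface_blocks(config).items()
            if rx.match(name) and required not in cmds]

def remediation(config, name_pattern, required):
    """Config-mode lines that add the required command only where absent."""
    lines = []
    for name in missing(config, name_pattern, required):
        lines += [f"interface {name}", f" {required}"]
    return lines
```

Scoping the match to each interface block is what separates "the string exists somewhere in the file" from "every Vlan interface carries it", and the remediation lines are generated only for the interfaces that failed the check.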