CONFIG_CHECK
The CONFIG_CHECK check analyzes the configuration for regular expressions to identify if a configuration is set.
Usage
<custom_item>
type : CONFIG_CHECK
description : ["description"]
expect : ["lines to match against"]
(optional) cmd : ["command to run for additional content"]
(optional) regex : ["lines to filter"]
(optional) context : ["subcontext of config items to filter"]
(optional) not_expect : ["lines to match against"]
(optional) required : [YES|NO]
(optional) match_all : [YES|NO]
(optional) match_case : [YES|NO]
(optional) min_occurrences : ["numerical value"]
(optional) max_occurrences : ["numerical value"]
</custom_item>
| Property | Description |
|---|---|
| type: CONFIG_CHECK | This setting is used to evaluate the positive response from the configuration file. |
| expect | The expected value being positively evaluated from the configuration file. |
| cmd | A command sent to the target device to gather additional information not displayed with the default configuration. |
| regex | Used for filtering specific configuration lines for expect evaluation. Useful for reducing output for review. |
| context | Used to return only specific indented contexts in the configuration, such as interfaces or line information. |
| not_expect | The expected value being negatively evaluated from the configuration file. Useful for checking that telnet is not found in any line. |
| required | A value of NO allows a check to pass if the item is not found. Defaults to YES if not specified. |
| match_all | Setting match_all to YES requires the expectation to match all lines of text, and not just a single line of text. If match_all is set to the default of NO, only one line must match for the check to pass. |
| match_case | Setting match_case to YES makes the comparison to be case sensitive. If match_case is set to the default of NO, the comparison is case insensitive. |
| min_occurrences | Specify a number of minimum occurrences that must be met to obtain a passing result. Useful for matching against multiple NTP lines. |
| max_occurrences | Specify a number of maximum occurrences that must be met to obtain a passing result. Useful for matching against a target having no more than one username line, or multiple SNMP strings being set. |
Example
<custom_item>
description : "Login: ssh - v2 and later is enabled"
cmd : "show system security ssh"
regex : "SSH Protocol Version 2"
expect : "Enabled"
</custom_item>
<custom_item>
description : "Login: Telnet is disabled (IPv4)"
expect : "no telnet-server"
</custom_item>