Check Type: SHOW_CONFIG_CHECK

This check in many ways audits the same settings audited by the CONFIG_CHECK .audit check. However, the format of the configuration audited is different. SHOW_CONFIG_CHECK audits the configuration in its default format.

For example, here is the configuration in the default format:

admin> show configuration system syslog

user * {

any emergency;

}

host 1.1.1.1 {

any none;

}

file messages {

any any;

authorization info;

}

file interactive-commands {

interactive-commands any;

}

This check is not recommended unless you need greater flexibility over CONFIG_CHECK. As each SHOW_CONFIG_CHECK .audit check results in a separate command being executed on the Juniper device, the process can result in more CPU overhead and take longer to complete. This check exists to provide flexibility to the auditor, and support a future use case that may not be efficiently audited using a CONFIG_CHECK.