|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Real network failure causes Was: What do you want your ISP to block today?
On Thursday, Sep 4, 2003, at 09:59 Canada/Eastern, Ian Mason wrote: The best diagnostic tool I've ever had is a script I cobbled together over two hours one night. Once an hour, it simply collected all the router configs across the network, did a 'diff' between the current and last config, and if there were changes, emailed them to me, along with a TACACS+ log summary that showed who had logged into which router when.There are a couple of tools I know about which will do the first part (the config diffing part). Both are easy to extend if you wanted to include other bits (such as tac-plus log summaries). http://www.shrubbery.net/rancid/ http://buffoon.automagic.org/dist/ciscoconf-1.1.tar.gz I wrote ciscoconf. I would recommend that everybody use rancid instead. Experience with this quickly taught me to check these summary change logs whenever a problem was escalated to me. Most times the problem was related to a config change, not an external cause. Further experience taught me to look out for one particular engineers name in the logs but that's another story. Amen to all that. Joe
|