ANLIK KONFİGURASYON DEĞİŞİKLİĞİ (network configuration manager)

Adım 1: Ağ cihazınızdan solarwinds'e syslog yönlendirmesi

Her cihazı, Orion sunucusuna syslog veya trap verilerini gönderecek şekilde yapılandırın. Aşağıda açıklandığı gibi bir komut dosyası kullanarak birden fazla cihazı yapılandırabilirsiniz. Ayrıca, Enable Syslog - Cisco IOS şablonu gibi bir yapılandırma değiştirme şablonu da kullanabilirsiniz.

Cihazlarınız Kiwi Syslog Sunucusuna veya üçüncü taraf bir sistem günlüğüne veya tuzak alıcısına zaten syslog veya trap mesajları gönderiyorsa, bu adımı atlayıp 2. Adım ile devam edebilirsiniz.

SolarWinds, Cisco cihazlarını trap mesajları değil, syslog mesajları gönderecek şekilde yapılandırmanızı şiddetle tavsiye eder. Cisco cihazları, bir kullanıcı yapılandırma moduna girdiğinde trap mesajları gönderir, ancak kullanıcı çıkarken göndermez. Bu nedenle, Cisco cihazlarını trap mesajları gönderecek şekilde yapılandırırsanız, bir kullanıcının yapılandırma moduna bir sonraki girişine kadar bir değişiklik hakkında bilgilendirilmezsiniz.

1. My Dashboards > Network Configuration > Configuration Management.

2. Cihazları seçin ve sonra Execute Script'e tıklayın.

3. Syslog mesajı gönderimi için ilgili cihazlara gerekli komut girişleri yapılır

4. Execute tıklanır.

5. Transfer Status tıklanır.

6. Action kısmında, Execute Script seçilebilir.

7. Status/Details kolonu altında Show Script Results'a tıklayın.

You can remove device configurations by running a command with no in front of it. For example, no set logging server {ip_address} removes that target from the remote logging stream.

Step 2: Configure rules to detect config change notifications

Configure rules to detect syslog or trap messages that indicate a config has been changed. You might need different rules for different device types. Each rule should include an action to execute RTNForwarder.exe, which downloads the config and determines what changed.

The message text used to trigger the rule should be from a message received after all the changes made in the session have been completed, for example when exiting configuration mode.

See the appropriate instructions below, depending on the message type and what product you use to manage syslog or trap messages:

You have Cisco IOS and ASA devices that send syslog messages

You have Log Analyzer or Orion Log Viewer

You do not have Log Analyzer, and your devices send syslog messages to the Orion server

You do not have Log Analyzer, and your devices send trap messages to the Orion server

Your devices send messages to Kiwi Syslog Server

Your devices send messages to a third-party syslog or trap receiver

Step 3: Create the account that NCM uses to access devices and download configs

When a config change is detected, NCM must be able to access the device and download the latest config so that it can determine what changed. Use the Config Changes page to create the Windows account that NCM uses to create and run RTCD-related download jobs.

1. Open the Real-Time Change Detection page:

   1. In the Orion Web Console, click Settings > All Settings.

   2. Under Product Specific Settings, click NCM Settings.

   3. Under Real-Time Change Detection, click Configure Real-Time Change Detection.

1. Click the Config Changes link in Step 3. The Config Changes page opens.

2. Select Enable these account credentials to access all NCM-managed devices.If the check box is disabled, then the Device Login & User Account Credentials option is set to Global - Device Level. To change this option, click the Security link to open the Security page, and then select Individual - User Level.

3. Enter the credentials that NCM can use to access devices and run RTCD-related download jobs.

4. If you want the email message NCM generates to include the syslog or trap message that signaled a config change, select Include syslog/trap message.

5. Click Submit.

Step 4: Specify config comparison and email notification options

When a config change is detected, NCM accesses the device, downloads the modified config file, and compares it to an existing config file to determine what changed. NCM then emails the specified recipients to notify them of the changes. Complete the following steps to specify config comparison and email notification options.

1. Open the Real-Time Change Detection page.

2. Click the Config Downloads and Notification Settings link in Step 4.
   

3. Under Previously Downloaded Config File, select the type of config file that NCM should download for comparison when a config change is detected.

4. Under Baseline Config File, select the config file you want NCM to use for comparison when it determines what changed.

5. Select the desired Email Notification Options.

6. Enter the Sender Name and Subject for NCM to use in RTCD email notifications, and specify at least one recipient. The Reply Address is optional. Email notification fields can include the following types of variables (also called macros). For example, use ${DateTime} to include the date and time in the Subject.
   

   • Global

   • Node

   • Date and time

1. Click Submit.

Step 5: Enter NCM SMTP server details

The email server settings you enter here are used to send notifications regarding RTCD, config change approvals, and running jobs. For information on config change approvals, see Approval system for device configuration changes

1. Open the Real-Time Change Detection page.

2. Click the NCM SMTP Server link in Step 5.
   

3. Enter the fully qualified domain name (FQDN) or IP address of the mail server.

4. Enter the port number on which the mail server handles messages.

5. Select None or Password as the Authentication method.

6. Enter a user name and password.

7. Click Submit.

Step 6: Enable real-time config change notification

1. Open the Real-Time Change Detection page.

2. Under Enable Real-Time Config Change Notifications, click Enable.

3. Click Submit.