[65450] in North American Network Operators' Group
Re: [Activity logging & archiving tool]
daemon@ATHENA.MIT.EDU (Alexei Roudnev)
Wed Nov 26 01:19:40 2003
From: "Alexei Roudnev" <alex@relcom.net>
To: "Dan Lockwood" <dlockwood@shastalink.k12.ca.us>,
"joshua sahala" <joshua.ej.smith@usa.net>,
"Priyantha" <priyantha@wightman.ca>, <nanog@nanog.org>
Date: Tue, 25 Nov 2003 22:20:18 -0800
Errors-To: owner-nanog-outgoing@merit.edu
I created _Cisco repository_ about 1 year ago, using Expect, cvs and CVSWEB,
for free, and since this, we did a few installation and are really happy
with it (we save all Cisco configs, including routers, 6509 switches, PIX-es
and this crazy VPN devices...). This is a simple tool, with the web
interface, allowing to save config (1 click and passphrase),
save many configs in 1 click, see change log, compare configs, send changes
to manager (I do not use it -:)) and so on.
It consists of:
- FreeBSD (which is main monitoring system - it is easierst system to
manage)
- Expect (port)
- standard FreeBSD tftpd in 'chroot IP' mode
- very simple web script
- webcvs (port)
- apache (I use part of snmpstat installation)
(I am thinking about getting all our staff together as some kind of
priofessional service or consulting, with all components _opensource_, and
using knowledge _how to get it all together_).
----- Original Message -----
From: "Dan Lockwood" <dlockwood@shastalink.k12.ca.us>
To: "joshua sahala" <joshua.ej.smith@usa.net>; "Priyantha"
<priyantha@wightman.ca>; <nanog@nanog.org>
Sent: Tuesday, November 25, 2003 12:53 PM
Subject: RE: [Activity logging & archiving tool]
If you are in a Cisco shop you might consider Secure ACS. We use ACS to
log all of our changes and have very good success with it.
Unfortunately it is not free.
Dan
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
joshua sahala
Sent: Tuesday, November 25, 2003 11:45 AM
To: Priyantha; nanog@nanog.org
Subject: Re: [Activity logging & archiving tool]
"Priyantha" <priyantha@wightman.ca> wrote:
>
> In my company, there are several technical guys make changes to the
> existing network and it's very difficult to keep track of what we did
> when, etc.
i feel your pain - except when it was happening, they weren't as
technical as they thought they were...
> I'm looking for a simple tool, in which each and every one has to
> manually record whatever (s)he has done or any incident (s)he observed
> so that the tool archives that data someway. Later, in case if someone
> needs, (s)he should be able to search for that archive by date, by
> person, by a random phrase, etc.
rancid (http://www.shrubbery.net/rancid) and
cvs-web (http://stud.fh-heilbronn.de/~zeller/cgi/cvsweb.cgi/)
rancid does nice proactive checking of device configs, and cvs-web is
a pretty front end to look through change history
for tracking:
request tracker (http://www.bestpractical.com/rt/) - it is a ticketing
system, but you could probably customize it to fit your needs
netoffice (http://sourceforge.net/projects/netoffice/) - haven't used
it personally, but it looks like it might work too
track+ (http://sourceforge.net/projects/trackplus/) - same as netoffice
of course, nothing will work unless everyone uses it, so you have to
have clear, concise policies for change management, and then enforce
them.
hth
/joshua
> Any help in this regard is appreciated,
>
> Priyantha Pushpa Kumara
> ---------------------------------------
> Manager - Data Services
> Wightman Internet Ltd.
> Clifford, ON
> N0G 1M0
> Fax: 519-327-8010
>
>
>
"Walk with me through the Universe,
And along the way see how all of us are Connected.
Feast the eyes of your Soul,
On the Love that abounds.
In all places at once, seemingly endless,
Like your own existence."
- Stephen Hawking -
