Command Input and Exclude Regex not working - Config Diff Plugin on v4.0.7

[gabewinch]

NetBox version What version of NetBox are you currently running? v4.0.7

Describe the bug The config-diff plugin is only sending show version | i Version and show running-config to cisco_iosxe platform config devices.

When specifying the command, or optional exclude regex in the platform config of the plugin itself, the username only goes to the device and runs the following:

enable terminal length 0 terminal width 512 show version | i Version show running-config

To Reproduce Steps to reproduce the behavior:

1. Go to Config Diff Plugin > Compliance > Platform Settings

2. Include the device platform that is being used, and configure, like so

   

3. Create Configuration Request and collect diffs

4. Notice that Config Compliance only shows the output of "show running-config", regardless of the input on the command of the platform setting

Expected behavior The expectation is to collect configuration of the device based on the command input in the platform setting and exclude regex for that platform setting.

Screenshots

[miaow2]

Hi @gabewinch, thanks for opening the issue.

Configuration Request does not use command from Platform Setting, it always collects full config, because it is needed for the correct configuration management process that is handled by scrapli-cfg.

Do you have in custom scripts ConfigDiffScript script under Customization > Scripts? This script uses PlatformSetting for rendering diff

[gabewinch]

Hello @miaow2,

Thank you for your response. I apologize if I'm not using the plugin correctly... I do have the ConfigDiffScript. Is there a way to modify this to create a gathered config that I can more easily maintain?

[miaow2]

Is there a way to modify this to create a gathered config that I can more easily maintain?

I am sorry, but I don't understand your question clearly. Do you want to know only how to find diff (between rendered config in NetBox and device configuration) or push rendered configuration from NetBox to devices?

[gabewinch]

Let me try to explain my use case a bit better -

I'm okay with how NetBox renders the config template for diffing against the gathered (actual) configuration, no problems with that. What I want to do is filter out lines/sections of config from the device's gathered (actual) configuration. This is so that I don't have to structure the configuration template in NetBox to include any device-unique configuration, such as crypto keys, secrets serial numbers, interfaces, etc.

I'm trying to create a structure where I can have a large list of similar devices that should have the same "base" configuration, and I can have this plugin mark devices as compliant by only matching this base configuration, and not the entire output of show running-config.

Please let me know if that makes sense, happy to explain further and show my setup.

[miaow2]

You started in the right way with creating Platform Setting, your next steps:

• define in Platform Setting Exclude regex field list of regex patterns that match config lines you want to exclude
• run ConfigDiffScript on your devices (devices should be with assigned Primary IP, Platform)
• check Config Compliances for diffs

Feel free to ask any questions, I will help you

[gabewinch]

So, here is where I begin to have some issues:

It seems whatever I put in the Exclude Regex field, the config in the Diffs section of the Configuration Request is not modified. I have tried many different combinations, including partial matches with regex wildcards (.*).

In this example, I have tried filtering the following string (config line):

vrf definition Mgmt-vrf

WIth the following regular expression (though simple, checked this against regex101):

vrf.definition.*

As you can see below, the line is not filtered from the actual config:

Is there something here that I should be doing differently? Thanks!

[miaow2]

please, don't use Configuration Request till you want to configure devices

just run ConfigDiffScript and check Config Compliances as I said

ConfigDiffScript uses Exclude Regex field

[gabewinch]

Okay - I was using the Collect Diffs button to get the actual configs from the devices after modifying the platform setting. Here is what I have under Scripts (not clickable):

And this (under the Edit button):

I tried to add the script manually here, but ran into a permissions issue saving the script into the scripts directory, according to the page. I checked the directory manually via CLI as well, and the script already seems to exist there. Maybe I have done something wrong in my install?

[miaow2]

Yes, you have some problems with plugin installation, but I have fix for that, you should go to nbshell

find config_diff ScriptModule

>>> ScriptModule.objects.all()
<RestrictedQuerySet [<ScriptModule: config_diff>]>

so I have only one object, so get this object by

>>> module = ScriptModule.objects.all()[0]

and then create Script object

>>> Script.objects.create(module=module, name="ConfigDiffScript")

after that script will appear in scripts list Customization > Scripts

now you can run script on your devices and get diff

I hope that will help you

[gabewinch]

Hi @miaow2,

Thanks so much for the explainer. The script and regex line filters are now working for me.

Is there any chance in the future there will be functionality to get the output of specific commands from a device, such as "show run | section router" or others? This would be really helpful in my scenario.

Thanks again,

[miaow2]

Is there any chance in the future there will be functionality to get the output of specific commands from a device, such as "show run | section router" or others

Do you want to find a diff only for the router configuration section?