I need a report that will show the number of violations each device has.
I need to inventory the various profiles currently configured on nearly 700 devices. (All devices are from the same vendor, and the majority as the same, or very similar models... if it were to matter...)
Currently, I have only been able to find a report that will count, and show me the devices/nodes that match the policy rule to the device config.
Currently, I am able to get a total count of devices/nodes that contain at least 1 violation.
In the screenshot below, I can see that 60 devices, out of nearly 700, are in violation.
I can click on the little blue icon, and expand out the tree to see a bit more info.
Everything up to this point is perfectly fine, as it is, and works as it should.
Now, I can see the numerous violations for that single device I clicked the icon for.
I need a count of those violations, per device.
So, in the example screenshot below, there are 60 devices in violation.
Device 1 of 60 has 15 individual violations of the policy.
So, each device has XX number of violations of the policy.
Now, for the sake of the example, let's say each of the 60 devices contain 15 violations.
This report would need to show me that we have 60 devices in violation (out of 685), and within those 60 devices, we have a total of 900 individual violations.
device1 =15 violations
device2 =15 violations
device3 =15 violations
etc...
This would allow us to see potential customer impact, per each different profile, if maintenance were to be performed.
This would also allow us to find, fix, and remove leftover, incorrect, and old profiles.
I have included a small example of a sample config for the devices requiring this policy report.
There are a total of 48 DSL interfaces.
A device could possibly have 0-48 violations.
The goal is to create various rules, one per each of the different dsl and access profiles.
This should give us approximately 20 different rules.
I need to be able to see the number of devices/nodes that currently have any violations. (This part already works, as it is the default behavior)
Also, I need to be able to see the number of times each rule is violated per device.
EXAMPLE RULES/VIOLATIONS:
dsl profile STANDARD
dsl profile BB1.5M
dsl profile BB5
access profile BASIC
access profile BB1.5
access profile BB5
EXPECTED RESULTS:
dsl profile STANDARD 3
dsl profile BB1.5M 2
dsl profile BB5 0 (In the case where a profile did not exist on the node, it would be preferred to simply omit the rule from the results, if possible)
access profile BASIC 3
access profile BB1.5 2
access profile BB5 1
interface dsl 19 info Description "text possibly entered here" dsl profile STANDARD service 1 pvc 0/35 access profile BASIC override profile mac limit 2 shutdown exit shutdown exit ! interface dsl 20 info Description "Sometimes there is a name here" info Description2 "Sometimes there are numbers here" info Description3 "Sometimes there is nothing here, as seen below, on ports 21 & 22" dsl profile STANDARD service 1 pvc 0/35 access profile BASIC override profile mac limit 2 shutdown exit shutdown exit ! interface dsl 21 shutdown exit ! interface dsl 22 dsl profile BB1.5M service 1 pvc 0/35 access profile BASIC override profile mac limit 2 no shutdown exit no shutdown exit ! interface dsl 23 dsl profile STANDARD service 1 pvc 0/35 access profile BB1.5 override profile mac limit 2 no shutdown exit no shutdown exit ! interface dsl 24 dsl profile BB1.5M service 1 pvc 0/35 access profile BB5 override profile mac limit 2 no shutdown exit no shutdown exit !
The standard, default, compliance report ALMOST does this, out of the box.
The only thing I think it is missing, is counting the number of lines/violations per device, when you expand the tree on the results.
If anyone out there know how to calculate that last step, please let me know.
If there is already a way to get these results, then I surely apologize for being a big ol' dummy.
Either way, I am thankful for the assistance.
Thank you,
-Will