Discussion:
[rancid] Rancid and Syslog-ng
Satyam Mathura
2009-06-02 22:14:58 UTC
Permalink
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so that
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
Sam Munzani
2009-06-03 01:58:09 UTC
Permalink
Google search revealed this.

http://www.syslog.org/forum/syslog-ng/syslog-ng-to-trigger-rancid/

Thanks,
Sam
Post by Satyam Mathura
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng
so that whenever a config change is written to memory, syslog-ng calls
the rancid executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Mr. James W. Laferriere
2009-06-03 03:45:10 UTC
Permalink
Post by Sam Munzani
Google search revealed this.
http://www.syslog.org/forum/syslog-ng/syslog-ng-to-trigger-rancid/
Thanks,
Sam
The link(*) there appears to continously fail in one way or another .

Is it possibly a News server that requires credentials to view .
Probably asking the wrong person that '?' .


(*) http://thread.gmane.org/gmane.comp.syslog-ng/2151/focus=2154
Post by Sam Munzani
Post by Satyam Mathura
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so
that whenever a config change is written to memory, syslog-ng calls the
rancid executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
Twyl , JimL
--
+------------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network&System Engineer | 2133 McCullam Ave | Give me Linux |
| ***@baby-dragons.com | Fairbanks, AK. 99701 | only on AXP |
+------------------------------------------------------------------+
Gary T. Giesen
2009-07-21 20:56:37 UTC
Permalink
Another option I use is snmptt. There's an SNMP trap an IOS router can
send upon config change, and I use snmptt to run rancid against that
host when it receives such a trap.

GG
Post by Satyam Mathura
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so that
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
Meli, Federico
2009-07-21 21:19:19 UTC
Permalink
Hello everyone;
I implemented the solution with the following syslog-ng modification and a script in perl. When the syslog receive a change configuration trap trigger the script. You should adapt it to your specific system. In this case the syslog translate the IP add from the hosts/DNS and I use that name. also I put the script in the log directory to avoid permit issues. Hopefully It will work for you.

Syslog.conf:

source net { udp(); };

filter f_change{ match("SYS-5-CONFIG_I: Configured"); };

destination df_change { program("perl /var/log/rancid.pl"
template("$HOST\n") );
};

log { source(net); filter(f_change); destination(df_change); };


Regards

Federico Meli
Global Crossing Americas Solution, Inc.

-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Gary T. Giesen
Sent: Tuesday, July 21, 2009 4:57 PM
To: Satyam Mathura; rancid-***@shrubbery.net
Subject: [rancid] Re: Rancid and Syslog-ng

Another option I use is snmptt. There's an SNMP trap an IOS router can
send upon config change, and I use snmptt to run rancid against that
host when it receives such a trap.

GG
Post by Satyam Mathura
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so that
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
Sam Munzani
2009-07-23 13:09:34 UTC
Permalink
The problem I faced with this approach is when the syslog-ng triggers
the program, it memorizes that. So calling rancid-run script directly
doesn't work. You need a wrapper script for this directive to work. From
the configuration it looks like you have written rancid.pl wrapper. Can
you share that to the team?

Thanks,
Sam
Post by Meli, Federico
Hello everyone;
I implemented the solution with the following syslog-ng modification and a script in perl. When the syslog receive a change configuration trap trigger the script. You should adapt it to your specific system. In this case the syslog translate the IP add from the hosts/DNS and I use that name. also I put the script in the log directory to avoid permit issues. Hopefully It will work for you.
source net { udp(); };
filter f_change{ match("SYS-5-CONFIG_I: Configured"); };
destination df_change { program("perl /var/log/rancid.pl"
template("$HOST\n") );
};
log { source(net); filter(f_change); destination(df_change); };
Regards
Federico Meli
Global Crossing Americas Solution, Inc.
-----Original Message-----
Sent: Tuesday, July 21, 2009 4:57 PM
Subject: [rancid] Re: Rancid and Syslog-ng
Another option I use is snmptt. There's an SNMP trap an IOS router can
send upon config change, and I use snmptt to run rancid against that
host when it receives such a trap.
GG
Post by Satyam Mathura
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so that
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Meli, Federico
2009-07-23 13:58:55 UTC
Permalink
Sam,
I included the attach with the previous mail but here you have the script.

rancid.pl:
#########################

#!/usr/bin/perl
use warnings;
use strict;

# strip the priority
my $host;
$host=<>;

chomp($host);
$host=lc($host);

if ($host) {system("su - rancid -c \"/home/rancid/bin/rancid-run -r $host \" ");};


################

Federico Meli


From: Sam Munzani [mailto:***@comcast.net]
Sent: Thursday, July 23, 2009 9:10 AM
To: Meli, Federico
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Re: Rancid and Syslog-ng

The problem I faced with this approach is when the syslog-ng triggers the program, it memorizes that. So calling rancid-run script directly doesn't work. You need a wrapper script for this directive to work.
Daniel Medina
2009-07-23 15:37:37 UTC
Permalink
Post by Meli, Federico
The problem I faced with this approach is when the syslog-ng triggers the
program, it memorizes that. So calling rancid-run script directly doesn't
work. You need a wrapper script for this directive to work.
Ryan Harden
2009-07-21 22:21:55 UTC
Permalink
Hello,

I accomplished this by using sec to watch the logs and spawn rancid for
the host that generated the log entry.

You might look into sec (Simple Event Correlator) as an option.

/Ryan
Post by Satyam Mathura
Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so that
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.
------------------------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
- --
Ryan M. Harden, BS, KC9IHX Office: 217-265-5192
CITES - Network Engineering Cell: 630-363-0365
2130 Digital Computer Lab Fax: 217-244-7089
1304 W. Springfield email: ***@illinois.edu
Urbana, IL 61801

University of Illinois - Urbana/Champaign
University of Illinois - ICCN
rancid-discuss-bounces@shrubbery.net</a> [mailto:rancid-discuss-bounces@shrubbery.net</a>] On Behalf Of Gary T. Giesen
1970-01-01 00:00:00 UTC
Permalink
Syslog.conf:

source net { udp(); };

filter f_change{ match("SYS-5-CONFIG_I: Configured"); };

destination df_change { program("perl /var/log/rancid.pl"
template("$HOST\n") );
};

log { source(net); filter(f_change); destination(df_change); };


Regards

Federico Meli
Global Crossing Americas Solution, Inc.

-----Original Message-----
From: <a class="moz-txt-link-abbreviated" href="mailto:rancid-discuss-***@shrubbery.net">rancid-discuss-***@shrubbery.net</a> [<a class="moz-txt-link-freetext" href="mailto:rancid-discuss-***@shrubbery.net">mailto:rancid-discuss-***@shrubbery.net</a>] On Behalf Of Gary T. Giesen
Sent: Tuesday, July 21, 2009 4:57 PM
To: Satyam Mathura; <a class="moz-txt-link-abbreviated" href="mailto:rancid-***@shrubbery.net">rancid-***@shrubbery.net</a>
Subject: [rancid] Re: Rancid and Syslog-ng

Another option I use is snmptt. There's an SNMP trap an IOS router can
send upon config change, and I use snmptt to run rancid against that
host when it receives such a trap.

GG

On 6/2/09, Satyam Mathura <a class="moz-txt-link-rfc2396E" href="mailto:***@gmail.com">&lt;***@gmail.com&gt;</a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so that
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.

</pre>
</blockquote>
<pre wrap=""><!---->_______________________________________________
Rancid-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Rancid-***@shrubbery.net">Rancid-***@shrubbery.net</a>
<a class="moz-txt-link-freetext" href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a>
</pre>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Rancid-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Rancid-***@shrubbery.net">Rancid-***@shrubbery.net</a>
<a class="moz-txt-link-freetext" href="http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss">http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</a></pre>
</blockquote>
<br>
</body>
</html>

--------------080606080200000000030508--
[mailto:= hrubbery.net] On Behalf Of Gary T. Giesen
1970-01-01 00:00:00 UTC
Permalink
Thanks,
Sam

Hello everyone;
I implemented the solution with the following syslog-ng modificatio=
n and a script in perl. When the syslog receive a change configuration trap=
trigger the script. You should adapt it to your specific system. In this c=
ase the syslog translate the IP add from the hosts/DNS and I use that name.=
also I put the script in the log directory to avoid permit issues. Hopeful=
ly It will work for you.

Syslog.conf:

source net { udp(); };

filter f_change{ match("SYS-5-CONFIG_I: Configured"); };

destination df_change { program("perl /var/log/rancid.pl"
template("$HOST\n") );
};

log { source(net); filter(f_change); destination(df_change); };


Regards

Federico Meli
Global Crossing Americas Solution, Inc.

-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@s=
hrubbery.net] On Behalf Of Gary T. Giesen
Sent: Tuesday, July 21, 2009 4:57 PM
To: Satyam Mathura; rancid-***@shrubbery.net
Subject: [rancid] Re: Rancid and Syslog-ng

Another option I use is snmptt. There's an SNMP trap an IOS router can
send upon config change, and I use snmptt to run rancid against that
host when it receives such a trap.

GG

On 6/2/09, Satyam Mathura <***@gmail.com> wrote:

Guys,
Has anyone ever been successful with setting up rancid and syslog-ng so tha=
t
whenever a config change is written to memory, syslog-ng calls the rancid
executable for that host only?
Basically we're looking to have rancid query a device only when that
device's configuration has been modified.


_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss


________________________________________
Loading...