Discussion:
[rancid] Replace commands for specific hosts
Valeriy Simonov
2010-09-20 08:37:40 UTC
Hello!

Rancid is great, but there are some situations when some hosts make too
much noise and we can't do anything about that. For example, some Cisco
devices update their flash too frequently, or some scripts make changes to some
ACLs several times an hour. It's too annoying to receive those changes every
hour, even if that information has no value. The solution could be simple:
just avoid some commands or replace them. I've decided to make a patch for
that.

First, we should add some parameters in rancid.conf file:
HOST_REPLACE_CMD=""; export HOST_REPLACE_CMD
HOST_REPLACE_CMD="$HOST_REPLACE_CMD 10.1.1.1, 'show flash', 'show flash | exclude bootflash',"; export HOST_REPLACE_CMD
HOST_REPLACE_CMD="$HOST_REPLACE_CMD 10.2.2.2, 'show flash', 'show flash | exclude bootflash',"; export HOST_REPLACE_CMD
HOST_REPLACE_CMD="$HOST_REPLACE_CMD 10.3.3.3, 'more system:running-config', 'more system:running-config | section exclude standard ist$',"; export HOST_REPLACE_CMD

Those parameters tell the script to replace the 'show flash' command for hosts
10.1.1.1 and 10.2.2.2 with 'show flash | exclude bootflash' to scrub
bootflash info completely, and to replace 'more system:running-config' for host
10.3.3.3 with 'more system:running-config | section exclude standard ist$'
to exclude the standard access-list named ist from the resulting file. You
should use these replacements with certainty that you will not lose any
valuable information.

The number of replacements is not limited, just be sure not to skip a comma
after the last quote in each line (do not place a comma after a double quote!).

Next, we should apply a patch to the rancid file with the name, ahem, 'rancid':
patchpatchpatchpatchpatchpatchpatchpatchpatchpatch

--- rancid.orig 2010-08-05 11:17:24.000000000 +0600
+++ rancid 2010-09-20 12:50:18.000000000 +0600
@@ -1929,6 +1929,22 @@
{'show running-config' => 'WriteTerm'},
{'write term' => 'WriteTerm'},
);
+# Replace commands if host matches
+$host_replace_cmd = $ENV{HOST_REPLACE_CMD};
+@commandreplace = ();
+push(@commandreplace, $+) while $host_replace_cmd =~ m{'(.*?)'|(\S+),\s*}g;
+$cr_length = $#commandreplace;
+for($i = 0; $i <= $cr_length; $i = $i + 3) {
+ my $cr_host = $commandreplace[$i];
+ if ($host eq $cr_host) {
+ my $cr_cmdsearch = $commandreplace[$i + 1];
+ my $cr_cmdreplace = $commandreplace[$i + 2];
+ my ($index) = grep { defined $commandtable[$_]{$cr_cmdsearch} }
0..$#commandtable;
+ my $cr_function = $commandtable[$index]{$cr_cmdsearch};
+ splice(@commandtable, $index, 1, {$cr_cmdreplace => $cr_function});
+ }
+}
+
# Use an array to preserve the order of the commands and a hash for mapping
# commands to the subroutine and track commands that have been completed.
@commands = map(keys(%$_), @commandtable);
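
Review bot: $index is used unchecked in the two lines after the grep; when $cr_cmdsearch is not a key in any @commandtable entry (a typo in rancid.conf, for instance) the grep returns an empty list, $index is undef, and splice(@commandtable, $index, 1, ...) treats it as 0 and overwrites the first command in the table with an entry whose routine is undef. Add "next unless defined $index;" with a warning that names the host and the command. The loop also steps through @commandreplace in threes without checking that the token count is a multiple of three, so one missing quote or comma shifts every later host and command, and $ENV{HOST_REPLACE_CMD} is matched without a defined() check for the case where the variable is not set. Since a replacement such as '| exclude' removes output from what rancid records and diffs, logging each substitution actually applied would keep that visible to whoever reviews the change reports.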

patchpatchpatchpatchpatchpatchpatchpatchpatchpatch

Check that everything's working fine by running "rancid -d hostname" and
checking its output. I would be glad if this patch or some similar logic
were in the next release of rancid.
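
A stricter reading of the HOST_REPLACE_CMD format described in this post, as an added example that is not part of the original post or of rancid: it accepts only complete host/search/replace triples and skips a rule whose search command is missing from the table. The function names, the sample entries, the trimmed command table and the 'ShowFlash' routine name are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Strict parser: only "host, 'search', 'replace'," triples are accepted.
sub parse_host_replace_cmd {
    my ($spec) = @_;
    my @rules;
    return @rules unless defined $spec;
    pos($spec) = 0;
    while ($spec =~ m{\G\s*([^\s,']+),\s*'([^']*)',\s*'([^']*)',}gc) {
        push @rules, { host => $1, search => $2, replace => $3 };
    }
    # Anything left after the last full triple is a typo, not a rule.
    $spec =~ m{\G\s*\z}gc
        or die "HOST_REPLACE_CMD: malformed entry at offset " . pos($spec) . "\n";
    return @rules;
}

# Swap the command in place so its parser routine and its position are kept.
sub apply_rules {
    my ($host, $table, @rules) = @_;
    for my $r (grep { $_->{host} eq $host } @rules) {
        my ($idx) = grep { exists $table->[$_]{ $r->{search} } } 0 .. $#{$table};
        if (!defined $idx) {
            warn "${host}: '$r->{search}' is not in the command table, skipped\n";
            next;
        }
        my $func = $table->[$idx]{ $r->{search} };
        splice(@$table, $idx, 1, +{ $r->{replace} => $func });
    }
    return $table;
}

# Constructed sample input and a trimmed table ('ShowFlash' is an assumed name).
my $spec = " 10.1.1.1, 'show flash', 'show flash | exclude bootflash',"
         . " 10.3.3.3, 'show flsh', 'show flash | exclude bootflash',";
my @table = ({ 'show flash' => 'ShowFlash' }, { 'write term' => 'WriteTerm' });
my @rules = parse_host_replace_cmd($spec);

apply_rules('10.1.1.1', \@table, @rules);   # replaced in place
apply_rules('10.3.3.3', \@table, @rules);   # typo 'show flsh': warned, skipped
print "$_\n" for map(keys(%$_), @table);

# A dropped closing comma is rejected instead of shifting later triples.
eval { parse_host_replace_cmd(" 10.2.2.2, 'show flash', 'show version'") };
print "rejected: $@" if $@;
```
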
Chris Gauthier
2010-09-20 16:33:20 UTC
I would argue that, as in the example below, if a device is changing its bootflash every hour, then you likely have a bug in the operating system. The ASAs used to do that, but the bug was corrected in a later revision of the OS.

While it may be easy to replace the command being sent to the device, what is the effect on the rancid code downstream? While I cannot speak authoritatively about the contents of the source code, I do believe there are lines of code that are dependent on specific output strings from previous commands.

"For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return."
-Leonardo da Vinci

Valeriy Simonov
2010-09-21 02:50:07 UTC
For example, the latest IOS versions of Cisco ASR1000 make tracelogs and
generate a lot of syslog messages when I enable archive log config. For now, I
couldn't find any solution for that (disabling log config is not an option
due to our policy). Also you have ignored the case when a specific ACL is changing
constantly. With current rancid, there is no escape from lots of reports
every period, and important information can be buried under all those
non-valuable changes.

As for line dependency, I think that can be a rare case, and after all it
should be the user's responsibility. The suggested workflow is "make command
replace, test impact, leave satisfied or repeat all above". The most paranoid
and foolproof solution can be a way to exclude specific commands for
specific hosts completely, but it has less flexibility. In my solution, we
can add "exclude .|^$" to scrub unwanted command output or change
unsupported command to some stub.

And we can add some logic to change parser function for command output, that
will give us more options.

Anyway, output filtering is a feature that I find unfortunately missing in
such a great tool as rancid.
