<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
I haven't done this myself, but one of the guys during my last training
class mentioned that they developed something in-house that does
the following.<br>
1. On the rancid box, load and configure the net-snmp trap receiver.<br>
2. Configure snmptrapd.conf with proper trap-handler like below.<br>
traphandle OID-of-config-change-trap
/usr/local/bin/rancid-run-wrapper.sh<br>
<br>
What this did is, whenever he received a config trap, it triggered the rancid
wrapper script that just executes rancid-run for that particular device
only. I don't have such needs so I never tried it myself, but he
claimed it worked well for him.<br>
<br>
Catch-22: If somebody goes "config t" and exits, it will generate a
trap and trigger rancid regardless of whether he made any changes or not.
However, he didn't care about it because his environment was pretty
static and people rarely logged in.<br>
<br>
Something to think about.<br>
<br>
Sam<br>
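<br>
The trap-handler setup described in the message above, as an added example that is not part of the original post and not the in-house script it mentions. It treats the trap sender as untrusted input, checks it against router.db, and rate-limits runs per device. The router.db path, stamp directory, 300-second interval and the RANCID_RUN override are assumptions.<br>

```shell
#!/bin/sh
# Added example of a traphandle wrapper; not the script from the post.
# Paths and interval are assumptions; adjust to the local rancid install.
ROUTER_DB="${ROUTER_DB:-/usr/local/rancid/var/network/router.db}"
STAMP_DIR="${STAMP_DIR:-/usr/local/rancid/var/trap-stamps}"
MIN_INTERVAL="${MIN_INTERVAL:-300}"   # seconds between runs per device

# snmptrapd writes the sender's hostname on line 1 of the handler's stdin,
# the transport address on line 2, then one "OID value" varbind per line.
trap_sender() {
    IFS= read -r host || return 1
    printf '%s\n' "$host"
}

# Trap contents are unauthenticated input. Accept only a plain hostname that
# is listed as "up" in router.db ("name:type:up", or "name;type;up" in 3.x).
# Assumes the name snmptrapd resolves matches the router.db entry.
device_allowed() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    awk -F'[:;]' -v d="$1" \
        'tolower($1) == tolower(d) && $3 == "up" { ok = 1 } END { exit !ok }' \
        "$ROUTER_DB"
}

# Rate-limit per device, so a burst of traps (or "config t" followed by exit)
# starts at most one collection every MIN_INTERVAL seconds.
should_run() {
    stamp="$STAMP_DIR/$1"
    now=$(date +%s)
    last=$(cat "$stamp" 2>/dev/null) || last=0
    [ $((now - ${last:-0})) -ge "$MIN_INTERVAL" ] || return 1
    mkdir -p "$STAMP_DIR" && printf '%s\n' "$now" > "$stamp"
}

handle_trap() {
    dev=$(trap_sender) || return 1
    device_allowed "$dev" || { echo "trap from unlisted sender ignored" >&2; return 1; }
    should_run "$dev" || return 0
    "${RANCID_RUN:-rancid-run}" -r "$dev"
}

# Run only when installed under the handler name, not when sourced.
case "${0##*/}" in
    rancid-run-wrapper.sh) handle_trap ;;
esac
```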
<blockquote cite="mid:20080904144311.GB38402@monkey.local" type="cite">
<pre wrap="">On Thu, Sep 04, 2008 at 06:13:17PM +0400, Smirnoff Alexander wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I track with AAA, but in case with rancid I will receive changes and who
made it in one place.
</pre>
</blockquote>
<pre wrap=""><!---->
This is the problem:
1. Dan makes a change, X, wr mem
2. Bogdan makes a change, Y, wr mem
3. rancid runs, collects the configs, mails the diffs
- you see changes X + Y
- you see a line that says the config and NVRAM was last changed by Bogdan
</pre>
</blockquote>
<br>
</body>
</html>