Watch and record all changes to Cisco Router Configurations.
- Download config-monitor for POSIX systems such as Unix, Linux, Mac OS X, BeOS, etc.
- Install wherever you feel is appropriate.
- Write a list of routers to monitor. This is a file in the same directory called
router-list with one DNS name or one IP address per line.
- On each of the routers, add the following config:
ip rcmd rcp-enable
ip rcmd remote-host USER IP_ADDRESS USER enable
With both instances of
USER replaced by the username config-monitor is running as, and IP_ADDRESS replaced by the IP address of the machine it is running on.
If you are in a DNS-free environment, you probably also want to add
no ip rcmd domain-lookup.
- Usually run out of cron, either once a day or once an hour.
Note that it will report any changes to standard output, so cron will mail them off to the owner of the cron job. Look up your local cron's manuals for instructions on how to override the default mail target. You may also want to run as a different user and have a .forward file to send the email to an appropriate group of people.
Note the system creates one directory for each router. In that directory are a number of files:
current - Working file.
last - Last known good configuration.
- yyyymmdd - Last known good config from that day.
This gives you a historical record of all configurations over time.
Contact email@example.com for further