I'm having some issues with an NCM Policy rule we use in an audit and am hoping I could get some assistance.
The rule is intended to search router configurations for logging destinations. The rule should be violated if:
- It is missing our primary logging destination ("logging 1.1.1.1" or "logging host 1.1.1.1" is missing).
- Has any other logging destination present ("logging ?.?.?.?" but not "logging 1.1.1.11" or "logging host ?.?.?.?" but not "logging host 1.1.1.1).
Can anyone recommend a way to handle this?
I thought I had a rule that worked properly but the "Alert on the rule below if String is Found/String is Not Found" alters the outcome of the rule.
How is the "Alert on the rule below if" variable related to the "MUST/MUST NOT CONTAIN" option in the Advanced Rule definition. Seems like the first option should not be applicable if the second option is used.
