Auditing Configurations

A Junos Scope administrator can perform configuration audits on one or more devices simultaneously, provided the device configuration exists in the repository. An administrator can maintain a master router configuration for each managed device and compare this record with the actual individual device configuration.

For any managed device, Junos Scope administrators can tag a configuration revision in its repository as a "master" (or any free-text description), then compare (or audit) it with another configuration revision. Comparisons can also be made with the “Running” and “Head Revision” configurations. "Running" is the current configuration which Junos Scope will obtain from the router. "Head Revision" is the most recent revision of a configuration file in the repository. If the "Running" option is selected, Junos Scope attempts to obtain the running configuration from the router, compare it with the latest revision in repository, and archive it as the "Head Revision" if they are different, before using it for comparison. If no difference is detected, the "Running " configuration is equivalent to the "Head Revision" configuration.

The source file and target files for audit are identified by different tag names. Once the audit configuration operation is complete the administrator can view any differences between the source and target configurations across all selected devices.

To audit configurations, follow these steps:

  1. In the Junos Scope main window, click Configuration > Repository > Audit Configurations. The Select devices, tags, and time dialog box appears.
    Image audit_config_slctdevtagtime.gif
  2. Select the Group or Select Device(s) option button.
  3. Select the group or devices that you want from the Group or Select Device(s) list box. Shift+click to select multiple devices from the Select Device(s) drop-down list box.
  4. Select the source tag and the target tag to be used for comparison, from the Source Tag and Target Tag list boxes.
  5. In the Comment text box, type an optional descriptive comment about the audit that you want to perform.
  6. Select when you want the audit to occur by clicking the appropriate option button:
    • Now—(Default) Performs an audit immediately after you confirm it.
    • Select Schedule—Performs an audit at the scheduled time interval.
    • Save Operation as—Select to save the audit operation to run at a later time. Click Save Operation as, then type an operation name in the text box.
  7. Click Compare. The Confirm selections dialog box appears.
    Image audit_config_confslct.gif
  8. Confirm the selections you made are correct and click Finish to audit the configurations. Click Previous to return to the Select devices, tags and time dialog box and change your selection.
    • If you selected Now in Step 6, auditing occurs immediately and the View Status Records dialog box appears.
      Image s001489.gif
    • If you selected to save the archive operation, you return to the Configuration > Repository menu. To view the saved operation, click Settings > Saved Operations.
    • If you selected a schedule, archiving occurs when the operation is scheduled to be run.

      The View Status Records dialog box lists the audit status by Operation name, Operation Type, Device Name, Report Name, User, Status, Start time, Last Updated Time and Message.

  9. Click the Click to view differences link in the message column to compare the different configuration revisions.