Occasional Visitor
Re: Help for policy

Alot of my policy rules have the same conditions, find certain lines, but not any extra.  And my remediation scripts remove those extra lines.

 

Should look like this:

 

Condition 1: Config Text

- regular expression

 

Must contain only:

snmp-server host 192.168.1.10 RW_COMMUNITY

snmp-server host 192.168.0.10 RW_COMMUNITY

 

But must not have any additional lines containing:

^snmp-server host ([0-9].*)

 

 

 

Auto remediation script:

snmp-server host 192.168.1.10 RW_COMMUNITY

snmp-server host 192.168.0.10 RW_COMMUNITY

@foreach $matching_line$ in $condition_A_line_1$
no snmp-server host $matching_line.regex_group_1$
@end