On Thu, 12 May 2005, Glynn Stanton wrote:
If you anticipate doing a lot of this kind of monitoring in the future you may want to take a look at the "expect" programming language http://expect.nist.gov/ , which has very simple "send"/"expect" constructs. E.g. send "show acl 101/r" expect "access-list .." etc. Perl also allows similar although is probably not quite as easy to pick up if you've never done this kind of thing before.
Essentially you'd write a quick script to telnet or ssh to the router "send" your commands, expect a result and do something based on that result. As I said, its worth the time investment and you'll find once you get the script done you can just reuse it for many other tasks.
Kind of silly to state using an expect script or any other "script" for that matter considering the assumption that, it seems he is not trusting someone (as mentioned in another post), so I would take it that this script would run from where? Not only that, you would go through hell configuring encrypting the password on an expect script for the script to decrypt, then send. Now, not only that, but then what? How would you configure it to monitor something say in real time? You would likely have to use the diff and grep commands for parsing, and a whole bunch of other things to get it to just monitor a change, not a guarantee you will find out who changed it without some major scripting as opposed to using accounting ala TACACS+ spawn ssh username@router.company.org.net.whatever expect "Password: " send "secret\r" expect "something" send "something\r" expect $RESPONSE_FROM_ROUTER spawn $WHAT_DO_YOU_SPAWN_TO_COPY_WHAT_YOU_SEE Expect would be worthless in my opinion. Why reinvent the "kick their asses to accounting mode" wheel. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo GPG Key ID 0x0D99C05C http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0D99C05C sil @ infiltrated . net http://www.infiltrated.net "How a man plays the game shows something of his character - how he loses shows all" - Mr. Luckey