I wish to discover the percentage of ports in my network that are missing four specific lines of code on them. I'll use this to provide Management with a high-level view of how much progress has been made towards getting these lines on every switch port.
I believe the best way to accomplish this is to either create an Informational Compliance Report that shows ports that either HAVE the four specific lines of code on them, or that DO NOT HAVE those lines.
I understand how to build and use Compliance Reports that search for config lines in an entire switch's configuration file. But I don't know how to refine the search to ensure every switchport in the switch has those four lines.
I've referenced this SW document, but I don't understand how to fine tune the process to look for missing lines on every port: Manage policy rules
For example, a switchport should have these four commands on it:
- switchport mode access
- spanning-tree portfast edge
- switchport voice vlan
- switchport port-security maximum 2
A fully-loaded Cisco 4510 chassis switch, or a stack of eight Cisco 3850 switches, would each have 392 copper switch access ports. If you figure I have 80,000 switchports on my network, the information discovered by this Compliance Report should show what percent of ports are correctly configured.
Do you know how to accomplish this per-port config inspection on multiple switches using NCM's Compliance Report? And if so, would you kindly describe the process to me, with screen shots and examples?
Or, is there a different way to accomplish this using something other than NCM's Compliance Report? I'm open for anything that can accomplish this task.
Yours,
Rick Schroeder