Netshot Configuration and Compliance Management Software
We live in a time of intent, automation, orchestration and a lot of wonderful tools that promise to make the life of network engineers easier.
Sometimes reality is simpler and maybe less fascinating, real problems need to be solved quickly with a small budget.
The specific case I discuss here is a medium network, around a hundred devices. The problem is to create an inventory of all the devices, backup configurations and verify all the boxes have the correct syslog, ntp and timezone configuration.
Netshot has many features, I used:
- Configuration backup and history
- Network Inventory
- Configuration compliance
- Change automation
Start the configuration creating device credentials
then run a network scan to add/discover devices
After the scan it is useful to create groups based for example on device model
Compliance feature is simple but powerful. After a configuration backup it runs a check against some parameters to verify ii matches some criteria.
For example to test all the devices have the correct NTP server the test is very simple
The compliance report show devices not matching the rule
Detail of the specific switch compliance
After checking compliance it is possible to run some command on the devices to apply some changes and make them compliant
Netshot allows to schedule tasks like subnet scan, configuration snapshot and compliance check to automatically run the scripts
In this post I discussed only a few features of NetShot. It is possible to contribute to the project, source code is available on Github.
Netshot is easy and fast to install and configure and provides a set of tools that help a network admin to manage devices configuration. It is not meant to be a replacement of products like Cisco DNA Center or Solarwinds Orion but it is a very useful tool.
There is a feature request for LibreNMS to implement the same compliance feature of NetShot, it would be very welcome indeed.