R12.1-JA-2025June05

Define and Test

In the Define and Test window, you can edit the retrieved config to make changes to the Golden Config. And define match pattern rule, message & severity, apply-to-device, instance condition for the Golden Config verification.

  1. Add a Name to the Golden Config.
  2. Golden Config Template: While creating the Golden Config, the configuration data is brought over for adjustments. And you can replace the data with parameters/variables to enhance the template matching capability:

    • Match Pattern: Define the pattern to compare target config against the golden config template. The functionality is same as in NI.
    • Insert Parser Variable: You can replace certain data with a variable from the current Config Parser.
    • Insert Golden Parameter: You can insert a variable from the golden parameter (Base Parameter or Config Parameter) that is defined based on match condition. To create additional conditions in the config template, set the variables sourcing from the ADT.
      1. Select  an config parser from the left side of the pane, go to Input Variable Setting and open the menu .
      2. Click Select ADT and choose an ADT Table.
      3. Choose a column to be used as the Device Column from the drop-down menu.
      4. Pair the ADT column with the variable in the parser table, to pass the value.

        5. The final Golden config Template will be:

  3. Template Settings: In the Template Settings, you can define the Alert Message, Success Message, applicable device groups, and applicable instance condition for the current Golden Config Template.
    1. Alert Message: The severity level can be defined to display whenever an alert is generated. Security levels are categorized into Severity1 and other levels.
    2. Success Message: Define the Success Message to appear upon successful completion.

      3. Both the Alert Message and Success Message can include the main variables such as Parser Variable, Golden Parameter Information, ADT Table Variables, Match Pattern Return Values.

    3. Apply to Device: Define the applicable devices via selected device group. The current template will be applied to these devices.

    4. Apply to Instance: Only the instances matching with this condition will be verified against the golden config template.
      You can configure the condition with variables from ADT to enhance the data from the parser table. To use the data from ADT, define the key from the ADT and parser table and pair them together. Multiple keys can be configured to specify the correspondence with parser table.

  4. Test Golden Config: Select the devices from the following data sources for testing and view the results.
    1. Select the devices from:
      • From Other Devices: Choose from the system's standard device selection window.
      • All Devices in Scope: Select all devices within the current Apply to Device Scope for testing.
    2. Upon selection of the test devices, Click Test to verify the data from the current baseline against these devices. The result will be displayed as X Alerts on Y Devices along with the Verified Time.

      Instance: If the instance is set with multiple Table Columns as the Instance Key, it will be displayed as (value1, value2).

  5. View Test Results: Select an item from the results to display the matching patterns between Target Config and Golden Config computed for the device.
    Matching pattern lines will be highlighted in green color and the the unmatched pattern lines will be highlighted in red color.

    6. On the right side, Template Parameter displays the values of the current Variable used in the Golden Template, including the parser variables and golden parameters. The results will be displayed with the comparison between the target Variable of the current Device and the Golden Config computed for the device using Match Patterns.

  6. Log Information: You can access the log information from Execution Log. It includes the instances that did not match the filter conditions and a corresponding message to facilitate troubleshooting will be printed.
  7. Export: The displayed and filtered results can be exported as a csv file using the feature .
  8. Map: You can draw the devices from the results pane to the map and view the device information. It will display the devices with alerts, and other device information to look into.
  9. View Retrieve Data: You can view all the data retrieved from the parser variable, base parameter and ADT. It will be easy to understand the variables reason for the matching devices.
  10. Add to Device Group: This function will add the devices listed in the results to a group. You can filter the results by alerts or severity and then add them into a device group.

The final Define and Test Golden Config will be:


Method 2: Reverse Engineering from Group of Devices Golden Config Pane on Map