Operational Defect Database
BugZero updated this defect 58 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
VMware | 324738
VoyenceControl: How do I capture sections of config with preconditions when there are no obvious boundaries between sections?
Last update date:
3/22/2024
Affected products:
Smart Assurance - NCM
Affected releases:
No affected releases provided.
Fixed releases:
No fixed releases provided.
Description:
Symptoms
How do I capture sections of config with preconditions when there are no obvious boundaries between sections?Building regex tests against Nortel VLANsBuilding regex tests against Cisco access lists
Resolution
An example of a configuration section with no "obvious" boundaries can be seen in Nortel VLAN or Cisco CatOS access list configurations. There are no decisive or obvious boundaries to build your begin-with and end-with patterns against to properly split the groupings. For example, Nortel VLAN configurations will begin after a comment line, will have groupings of one or more lines prefixed with the same VLAN number, will only roll the VLAN number between groupings, and then end with another comment line: #vlan 1 option onevlan 10 option onevlan 10 option twovlan 10 option threevlan 20 option onevlan 20 option two# In comparison, Cisco IOS interfaces are simple to split because they always start and end with "interface" and "!" respectively. These boundaries are obvious: !interface ethernet 1/10 desc my interface!interface ethernet 2/10 desc my interface! In order to separate and process each vlan grouping from the vlan example, you can use the following syntax in your precondition: Begin-with: ^vlan (\d+) End-with: ^((?!vlan \1 )"#) This makes use of a capture group, a negative lookahead and a back reference . The VLAN number is captured in the begin-with precondition via "(\d+)". The end-with precondition uses a negative lookahead "(?!)" to match anything that is not "vlan \1". The back reference "\1" recalls the characters matched by the first capture group. By using the back reference inside the negative lookahead, the end-with pattern will only stop grouping at a VLAN line that is not the same VLAN number matched from the begin-with pattern, or a trailing comment line. It has the affect of splitting the example configuration into three pieces: vlan 1 option one vlan 10 option onevlan 10 option twovlan 10 option three vlan 20 option onevlan 20 option two From here you can begin crafting check patterns and remedies to process against the VLAN groupings, but there are a few other things that allow this to work that should be pointed out: The beginning-of-line anchor "^" is used to make the pattern only match from the beginning of the line. This practice is done to overcome situations where the pattern you want to match also appears in an unrelated section of the config further down. In the negative lookahead "(?!vlan \1 )" note that there is a space after the back reference "\1". Without this, there is the potential pitfall that the VLAN number from the capture group would match a subset of a following VLAN number that is in fact different. The example exhibits this scenario; without the space added the precondition would group VLAN 10 with VLAN 1 because both begin with "vlan 1". The ""#" piece of the pattern means to alternatively match a comment "#". It is isolated from the negative lookahead to allow the lookahead to only concern itself with not matching the same VLAN number. If the alternation was inside the lookahead, the precondition would group the entire VLAN section together because it could continue matching lines that did not begin with "#".
Related Information
Regex or RegEx stands for Regular Expression.More information on Regex syntax is available in the VoyenceControl Online User's Guide under the topic "Using RegEx". Please see Solution ID 11362 for details on how to access and search the VoyenceControl Online User's Guide.
