Features enabled do not match across cluster members-juniper-junos

Features enabled do not match across cluster members-juniper-junos

Vendor: juniper

OS: junos

Description:
Indeni will identify when two devices are part of a cluster and alert if the features they have enabled are different.

Remediation Steps:
Review the licensing and enabled features or modules on each device to ensure they match.

How does this work?
The script runs the “show system license” command via SSH to retrieve the features enabled on the device.

Why is this important?
Many features require licenses to enable them.

Without Indeni how would you find this?
An administrator would need to log into each device individually and run commands necessary to get licensing information.

junos-show-system-license-features

name: junos-show-system-license-features
description: Retrieve features enabled on the SRX device.
type: monitoring
monitoring_interval: 1440 minute
requires:
    vendor: juniper
    os.name: junos
    product: firewall
comments:
    features-enabled:
        why: "Many features require licenses to enable them. \n"
        how: |
            The script runs the "show system license" command via SSH to retrieve the features enabled on the device.
        can-with-snmp: false
        can-with-syslog: false
        without-indeni: |
            An administrator would need to log into each device individually and run commands necessary to get licensing information.
        vendor-provided-management: The features enabled can be retrieved from the
            command line and GUI.
steps:
-   run:
        type: SSH
        command: show system license | display xml
    parse:
        type: XML
        file: show-system-license-features.parser.1.xml.yaml

cross_vendor_features_enabled_comparison_non_vsx

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.common.data.conditions.{Equals => DataEquals}
import com.indeni.server.rules.library.templates.SnapshotComparisonTemplateRule
import com.indeni.server.rules.RemediationStepCondition

/**
  *
  */
case class cross_vendor_features_enabled_comparison_non_vsx() extends SnapshotComparisonTemplateRule(
  ruleName = "cross_vendor_features_enabled_comparison_non_vsx",
  ruleFriendlyName = "Clustered Devices: Features enabled do not match across cluster members",
  ruleDescription = "Indeni will identify when two devices are part of a cluster and alert if the features they have enabled are different.",
  metricName = "features-enabled",
  metaCondition = !DataEquals("vsx", "true"),
  isArray = true,
  alertDescription = "Devices that are part of a cluster must have the same features enabled. Review the differences below.",
  baseRemediationText = "Review the licensing and enabled features or modules on each device to ensure they match.")(
  RemediationStepCondition.VENDOR_CISCO ->
    """|
       |1. Execute the "show feature" and "show license-usage" NX-OS commands to review the enabled features and licenses per vPC peer switch.
       |2. Both vPC peer switches should have the same licenses installed and features activated.
       |3. For more information please review  the following CISCO  NX-OS guides:
       |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/best_practices/cli_mgmt_guide/cli_mgmt_bp/features.html
       |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/licensing/guide/b_Cisco_NX-OS_Licensing_Guide/b_Cisco_NX-OS_Licensing_Guide_chapter_01.html""".stripMargin
)