Debug mode enabled-cisco-nxos
Vendor: cisco
OS: nxos
Description:
Indeni will alert if one of the debug mechanisms on a device is enabled when the default is for it to be disabled.
Remediation Steps:
Turn off the debug as soon as possible.
How does this work?
This script logs in to the Cisco Nexus switch using SSH and retrieves the status of running debugs. In normal operation there should not be any debugs enabled.
Why is this important?
Enabling debugging on a Cisco Nexus device enables the system administrator to get low-level information about the system’s operation. This functionality is often used for troubleshooting and it has a high potential impact on CPU utilization and system stability. It is highly undesirable to keep debugging enabled for extended periods of time.
Without Indeni how would you find this?
An administrator would detect enabled debugging by logging in to the device or by monitoring syslog messages in case debug level logging has been enabled.
nexus-show-debug
name: nexus-show-debug
description: Nexus show debug
type: monitoring
monitoring_interval: 59 minutes
requires:
vendor: cisco
os.name: nxos
comments:
debug-status:
why: |
Enabling debugging on a Cisco Nexus device enables the system administrator to get low-level information about the system's operation. This functionality is often used for troubleshooting and it has a high potential impact on CPU utilization and system stability. It is highly undesirable to keep debugging enabled for extended periods of time.
how: |
This script logs in to the Cisco Nexus switch using SSH and retrieves the status of running debugs. In normal operation there should not be any debugs enabled.
can-with-snmp: false
can-with-syslog: true
steps:
- run:
type: SSH
command: show debug
parse:
type: AWK
file: show_debug.parser.1.awk
cross_vendor_debug_on_vsx
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_debug_on_vsx.scala