Debug mode enabled-juniper-junos
Vendor: juniper
OS: junos
Description:
Indeni will alert if one of the debug mechanisms on a device is enabled when the default is for it to be disabled.
Remediation Steps:
Turn off the debug as soon as possible.
How does this work?
This script identifies which component is enabled with traceoptions by running the command “show configuration | display set | match traceoptions” via SSH connection to the device.
Why is this important?
Traceoptions are enabled for debugging purpose to troubleshoot some issues. But the traceoptions also have negative impact on the device.
Without Indeni how would you find this?
An administrator could log on to the device to run the command “show configuration | display set | match traceoptions” to collect the same information.
junos-show-configuration-display-set-match-traceoptions
name: junos-show-configuration-display-set-match-traceoptions
description: JUNOS identify which component is enabled with traceoptions
type: monitoring
monitoring_interval: 10 minute
requires:
vendor: juniper
os.name: junos
product: firewall
comments:
debug-status:
why: |
Traceoptions are enabled for debugging purpose to troubleshoot some issues. But the traceoptions also have negative impact on the device.
how: "This script identifies which component is enabled with traceoptions\
\ by running the command \"show configuration | display set | match traceoptions\"\
\ via SSH connection to the device. \n"
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
command: show configuration | display set | match traceoptions
parse:
type: AWK
file: show-configuration-display-set-match-traceoptions.parser.1.awk
cross_vendor_debug_on
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/cross_vendor_debug_on.scala