DNS servers configured do not match requirement-cisco-asa


Vendor: cisco

OS: asa

Description:
Indeni can verify that certain DNS servers are configured on a specific device.

Remediation Steps:
Update the configuration of the device to match the requirement.

How does this work?
This script logs in to the ASA over SSH and retrieves the DNS server configuration from the output of the “show running-config dns” command. The output lists the DNS servers configured on the device.

Why is this important?
This metric shows the list of configured DNS servers. DNS allows a device to resolve a name to an IP address. For example, an application or website may be associated with many IPs, and DNS allows the client to reach it by name or FQDN. If a device is clustered, all members of the cluster are expected to have the same DNS servers configured.

Without Indeni how would you find this?
An administrator would need to log in to the device and use the “show running-config dns” command to identify whether the DNS servers are configured.
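
The manual check described above can be scripted once the command output has been captured. The following is an added example, not Indeni's parser or rule code: the sample output is constructed, the function names are hypothetical, and it assumes that "match" means the configured set of servers equals the required set.

```shell
#!/bin/sh
# Added example: not Indeni's asa-dns-servers.parser.1.awk.

# Constructed "show running-config dns" output (documentation address ranges).
sample_config() {
cat <<'EOF'
dns domain-lookup outside
dns server-group DefaultDNS
    name-server 192.0.2.10 192.0.2.11 outside
    name-server 2001:db8::53
    domain-name example.test
EOF
}

# Read the command output on stdin; print each DNS server once, sorted.
# A name-server line can hold several addresses and a trailing interface
# name, so only tokens shaped like IPv4/IPv6 addresses are kept.
configured_dns() {
    awk '$1 == "name-server" {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || $i ~ /:/)
                print $i
    }' | sort -u
}

# check_dns "<required servers, space separated>" < command output
# Assumption: "match" means the configured set equals the required set.
# Prints one "missing"/"unexpected" line per difference; returns 1 if any.
check_dns() {
    actual=$(configured_dns | tr '\n' ' ')
    report=$(printf '%s\n' "$1" | tr -s ' ' '\n' | awk -v actual="$actual" '
        BEGIN { n = split(actual, a, " "); for (i = 1; i <= n; i++) have[a[i]] = 1 }
        NF    { want[$1] = 1; if (!($1 in have)) print "missing " $1 }
        END   { for (ip in have) if (!(ip in want)) print "unexpected " ip }
    ' | sort)
    if [ -n "$report" ]; then
        printf '%s\n' "$report"
        return 1
    fi
    return 0
}

# Demo run on the constructed output: 198.51.100.53 is required but absent.
sample_config | check_dns "192.0.2.10 198.51.100.53" || echo "non-compliant"
```

Running the same check against every member of a cluster with one required list shows whether the members' DNS settings have drifted apart.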

cisco-asa-dns-servers

name: cisco-asa-dns-servers
description: ASA dns configured servers
type: monitoring
monitoring_interval: 30 minutes
requires:
    vendor: cisco
    os.name: asa

comments:
  dns-servers:
    why: |
        This metric shows the list of the configured DNS servers. DNS allows a device to resolve a name to an IP address. For example, an application or website may be associated with many IP's and DNS allows the client to use a name or FQDN to reach it. If a device is clustered then it would be expected to have the same DNS servers configured on all members of the cluster.
    how: |
        This script login into the ASA using SSH and retrieves the DNS servers configuration by using the output of the "show running-config dns" command. The output includes the list of the device's DNS configured servers.
    without-indeni: |
        An administrator would need to login into the device and use the "show running-config dns" command to identify if the DNS servers are configured.
    can-with-snmp: false
    can-with-syslog: false

steps:
-   run:
      type: SSH
      command: show running-config dns
    parse:
      type: AWK
      file: asa-dns-servers.parser.1.awk

crossvendor_compliance_check_dns_servers

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor.compliance

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.MultiSnapshotComplianceCheckTemplateRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity

case class crossvendor_compliance_check_dns_servers() extends MultiSnapshotComplianceCheckTemplateRule(
  ruleName = "crossvendor_compliance_check_dns_servers",
  ruleFriendlyName = "Compliance Check: DNS servers configured do not match requirement",
  ruleDescription = "Indeni can verify that certain DNS servers are configured on a specific device.",
  severity = AlertSeverity.WARN,
  metricName = "dns-servers",
  itemKey = "ipaddress",
  alertDescription = "The list of DNS servers configured on this device does not match the requirement. Please review the list below.",
  baseRemediationText = "Update the configuration of the device to match the requirement.",
  requiredItemsParameterName = "DNS Servers",
  requiredItemsParameterDescription = "Enter the DNS servers required, each one on its own line."
)()