Login banner mismatch across cluster members-juniper-junos

Login banner mismatch across cluster members-juniper-junos
0

Login banner mismatch across cluster members-juniper-junos

Vendor: juniper

OS: junos

Description:
Indeni will identify when two devices are part of a cluster and alert if the login banner setting is different.

Remediation Steps:
Review the settings of each device in the cluster and ensure they are the same.

How does this work?
This script retrieves the login banner by running the command “show configuration system login message” command via SSH connection the the device.

Why is this important?
The login banner is used to warn any illegal login attempt.

Without Indeni how would you find this?
An administrator can log in the device to run the same command to retrieve this information.

junos-show-configuration-login-message

name: junos-show-configuration-login-message
description: JUNOS show the login message in the configuration
type: monitoring
monitoring_interval: 60 minute
requires:
    vendor: juniper
    os.name: junos
comments:
    login-banner:
        why: |
            The login banner is used to warn any illegal login attempt.
        how: |
            This script retrieves the login banner by running the command "show configuration system login message" command via SSH connection the the device.
        without-indeni: |
            An administrator can log in the device to run the same command to retrieve this information.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: show configuration system login message
    parse:
        type: AWK
        file: show-configuration-login-message.parser.1.awk

cross_vendor_compare_login_banner

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.SnapshotComparisonTemplateRule
import com.indeni.server.rules.RemediationStepCondition


/**
  *
  */
case class cross_vendor_compare_login_banner() extends SnapshotComparisonTemplateRule(
  ruleName = "cross_vendor_compare_login_banner",
  ruleFriendlyName = "Clustered Devices: Login banner mismatch across cluster members",
  ruleDescription = "Indeni will identify when two devices are part of a cluster and alert if the login banner setting is different.",
  metricName = "login-banner",
  isArray = false,
  alertDescription = "The members of a cluster of devices must have the same login banner settings.",
  baseRemediationText = "Review the settings of each device in the cluster and ensure they are the same.")(
  RemediationStepCondition.VENDOR_CISCO ->
    """|
      |1. Use the "show banner mtod" command to display the configured MOTD banner.
      |2. Review the output of each device in the cluster and ensure that are same across the cluster.
      |3. For more information please review  the following CISCO Configuration guide:
      |https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/n5k/commands/banner-motd.html""".stripMargin
)