OS name mismatch across cluster members-paloaltonetworks-panos
Indeni will identify when two devices are part of a cluster and alert if the OS installed is different.
Install the correct versions of software on each device.
How does this work?
This script uses the Palo Alto Networks API to retrieve the software name and version installed on the device. indeni then compares the result to the same script run on other members of the same cluster.
Why is this important?
Two or more devices which operate as part of a single cluster must be running the same version of software.
Without Indeni how would you find this?
Manual tracking by an administrator is usually the only method for knowing when two devices are not running the same version of software.
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/parsers/src/panw/panos/show-system-info-monitoring.ind
// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead. package com.indeni.server.rules.library.templatebased.crossvendor import com.indeni.server.rules.RuleContext import com.indeni.server.rules.library.templates.SnapshotComparisonTemplateRule import com.indeni.server.rules.RemediationStepCondition /** * */ case class cross_vendor_compare_osname() extends SnapshotComparisonTemplateRule( ruleName = "cross_vendor_compare_osname", ruleFriendlyName = "Clustered Devices: OS name mismatch across cluster members", ruleDescription = "Indeni will identify when two devices are part of a cluster and alert if the OS installed is different.", metricName = "os-name", isArray = false, alertDescription = "The members of a cluster of devices must have the same OS's installed.\n\nThis alert was added per the request of <a target=\"_blank\" href=\"http://il.linkedin.com/pub/gal-vitenberg/83/484/103\">Gal Vitenberg</a>.", baseRemediationText = "Install the correct versions of software on each device.")( RemediationStepCondition.VENDOR_CISCO -> """| |1. Check that the vPC peers have the same NX-OS version except during the non-disruptive upgrade, that is, In-Service Software Upgrade (ISSU). |2. Execute the "show version" NX-OS command and check the installed NX-OS version across the vPC peer switches. |3. Schedule a Maintenance Window for NX-OS upgrade in order the vPC peer switches have exact the same NX-OS version. |NOTE: The vPC could be established between the vPC peers with not exact the same NX-OS name but several problems will be faced when new features are configured. For instance FEX-mismatch SW log message will be generated if you try to connect a FEX via vPC to a pair of vPC switches with different SW version. In this case the FEX will be operational only from one of the vPC peer switches.""".stripMargin )