Monitoring Unsaved IOS Device Changes with Nagios

It never fails:  you make a bunch of important changes to a network device, then a phone call or urgent issue interrupts you before you ‘copy run start’.  Your device runs happily along until the next unexpected power outage or IOS crash, at which point your changes go poof.  Not good if the old configuration no longer lets you access the device remotely (you do have out-of-band access, right?)

After the most recent incident of this at $DAYJOB, I wrote a plugin for our Opsview server (which runs on top of Nagios) to check the “last changed” and “last saved” times of a device using SNMP.

It’s not perfect:  notably because IOS updates the “last changed” time every time you enter/exit config mode, whether you actually made any changes or not.  This is a recipe for false positives.  Unfortunately, there’s no easy way around this without the plugin actually downloading the device configs and comparing them.  Given the multitude of authentication and other challenges this would present, I’m happy to let tools like Rancid and Solarwinds NCM solve them instead of making the plugin much more complex.

Available on GitHub here.