ncat_report.1p

Language: en

Version: 2004-08-05 (debian - 07/07/09)

Section: 1 (User commands)

NAME

ncat_report - produce reports from ncat output.

SYNOPSIS

ncat_report [OPTIONS] xxx.ncat_out.txt [yyy.ncat_out.txt ...]

DESCRIPTION

ncat_report reads a rules file (default /etc/ncat.conf) and one or more ncat output files. It produces text and HTML reports ($config.html, $config.ncat_report.txt) listing the rule violations found per the config file. Where possible, it also produces "fix" files ($config.ncat_fix.txt) containing commands that can be cut and pasted to correct the problems identified.

OPTIONS

-r, --rules
The "--rules" flag allows the specification of an alternate rules file.
-s, --sortorder=value
The "--sortorder" flag allows the specification of the field that reports are sorted by. Possible values are "importance" (default), "passfail", "rule", "device", "line", "instance".
-V, --version
The "--version" option displays the current program version.

RETURN VALUE

  0   - success
  >0  - some error occurred

FILES

  $config                        - the config file that was pulled
  $config.ncat_out.txt           - a passwd style file with raw results
  $config.ncat_fix.txt           - commands to correct problems found
  $config.ncat_report.txt        - a simple text report with statistics
  $config.html                   - an HTML version of the report w/fixes
  rules.html                     - an HTML version of the rules applied
  index.html                     - an index of the rules and html files
 
 

NCAT OUTPUT FILE SYNTAX

The ncat output file is formatted to be friendly for import into spreadsheets and databases. It is a series of colon-delimited records, one per line. The first line contains the field names. Each succeeding line contains an individual record. Lines beginning with "#" are comments and should be ignored.
Individual fields are

  Config:type:rule:Instance:Line

where
     * Config is the name of the config that was checked.
     * Type is "Forbidden" to indicate that a forbidden rule was found
       or "Required" to indicate that a required rule was missing.
     * Rule is the name of the rule per the ncat rules file.
     * Instance defines, for non-global rules, which instance
       of a class (lines, interfaces) violated the rule, for
       example "Serial0/0" or "vty".
     * Line indicates the line of the original config where
       the violation was detected.
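
A minimal reader for the format described above, added here as an example (it is not part of the ncat distribution). The function names, sample records and rule names are constructed; the empty Instance for a global rule and the Line value of 0 for a missing required rule are assumptions.

```python
from collections import Counter

# Constructed sample in the layout described above (not real ncat output).
# Assumptions: Instance is empty for global rules; Line is 0 for a missing rule.
SAMPLE = """\
# constructed sample
Config:type:rule:Instance:Line
router1.conf:Forbidden:example-forbidden-rule:vty:120
router1.conf:Required:example-required-rule::0
router1.conf:Forbidden:example-forbidden-rule:Serial0/0:45
router2.conf:Required:example-required-rule::0
router2.conf:Forbidden:broken:record
"""

def parse_ncat_out(text):
    """Return (records, malformed).

    records   - list of dicts keyed by the lower-cased header field names
    malformed - list of (line_number, raw_line) whose field count does not
                match the header; these are reported, never silently dropped
    """
    header = None
    records, malformed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and comments are ignored
        fields = line.split(":")
        if header is None:
            header = [f.strip().lower() for f in fields]  # first data line names the fields
            continue
        if len(fields) != len(header):
            malformed.append((lineno, raw))
            continue
        records.append(dict(zip(header, fields)))
    return records, malformed

def summarize(records):
    """Count findings per (config, type) pair, e.g. ('router1.conf', 'Forbidden')."""
    return Counter((r["config"], r["type"]) for r in records)

if __name__ == "__main__":
    recs, bad = parse_ncat_out(SAMPLE)
    for (config, kind), n in sorted(summarize(recs).items()):
        print(f"{config}: {n} {kind}")
    for lineno, raw in bad:
        print(f"line {lineno}: unexpected field count: {raw!r}")
```

Because the format has no quoting, a record whose field itself contains a colon splits into too many fields and lands in the malformed list rather than being mis-assigned to the wrong columns.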
 
 

CAVEATS

BUGS

Yes.

SEE ALSO

   bin/ncat_report               - this program
   bin/rat                       - audit tool main program
   bin/router-snarf              - the config puller
   bin/ncat                      - the audit tool
   etc/ncat.conf                 - file containing audit rules
 
 

AUTHOR

George M. Jones <gmj@users.sourceforge.net>

CREDIT WHERE CREDIT IS DUE