Validating a set of commands
A job with the Scan Syntax action verifies the syntax of commands in a template or in the script generated by correcting a rule. BMC Network Automation interacts with the actual device to verify the commands without changing the configuration of the device. This approach reliably verifies the set of commands against the hardware configuration, OS version, and current operating state of the device. The Scan Syntax action can also be performed as part of a Deploy to Active action.
When a Scan Syntax action reports an error, you should consider this as a potential syntax error and examine the error report, the transcript, and your script closely to verify if there really is an error. Many devices are sensitive to the features or components being enabled or created prior to being used, or to something being added when it already exists or deleted when it does not exist. The device might report a syntax error when the individual command is verified (for example, by adding a "?" to the end) that it would not report should your entire script be executed in sequence. BMC Network Automation verifies (but does not execute) each command in your script as a standalone command, free of any surrounding context you might have included in your script.
This topic includes the following sections:
For more generic information about job creation, see Creating a job.
To run a Scan Syntax action
- On the Add Job page, select Add Action > Span Actions > Scan Syntax.
Enter information in the following fields:
(Optional) Annotation assigned to the action.
Select a realm, group, multiple devices, or a single device for the Scan Syntax action. When the Network Span is Realm or Group, you can use Filter Devices to select which devices to include in the action.
When the action is triggered in an event-based policy, additional options include: Same as Triggering Realm, Same as Triggering Group, Same as Triggering Device.
- In the Configuration field, select the configuration for which to verify syntax for each device in the selected network span:
- Target: Verify the syntax of the target configuration associated with the device. This option can check any manually-entered commands in the target.
- Template: Verify the syntax of the selected template. If the template uses runtime parameters, click Params and assign values to the parameters. This option can check the manually-entered command strings in a template, and check substituted values.
- Remediate With: Verify the syntax of the script built by BMC Network Automation to make the device compliant with the selected rule sets or rules. Under certain conditions, BMC Network Automation can make the configuration compliant based on the rule grammar and device type. This option can check the manually-entered commands in the rule grammar or in the template of a corrective action, and check substituted values.
- Remediate With All Assigned: Verify the syntax of the script built by BMC Network Automation to make the device compliant with all assigned rule sets. Under certain conditions, BMC Network Automation can make the configuration compliant based on the rule grammar and device type.
Select any of the following options as relevant:
Ignore Any Rule Conflicts
If remediating multiple rules, ignore any conflicts between corrections in different rules. By default such conflicts are not ignored, and cause the action to fail to generate the compliant configuration, since conflicts usually lead to incorrect syntax or unexpected changes. Ignore conflicts only when you have verified that the conflicts would not cause syntax errors or invalid results.
Use Auxiliary Interface When the selected network span is a device, this option selects the auxiliary interface for connecting to the device. When this option is not selected or when the span is not a device, the primary interface is used.
- Click OK to add the action to the job.
The results of the Scan Syntax action can be viewed from the Job Details page. The To display the syntax errors report section shows sample Scan Syntax results for a template.
Additional information regarding remediation
Only certain Deploy to Active corrective actions in a rule are considered by a Scan Syntax span action. Any corrective action that is a Deploy to Stored, Deploy OS Image, or custom action is ignored when running a Scan Syntax action. The goal of the Scan Syntax action is to check what a Deploy to Active action would push. Thus, it looks for the Deploy to Active corrective actions and allows you to preview those scripts.
A Deploy to Active corrective action that is for an ad-hoc template is also ignored by a Scan Syntax action, since Scan Syntax does not support ad-hoc templates.
A device need not be actively in violation of a rule for that rule's Deploy to Active corrective actions to be used in generating Scan Syntax sub-actions.
The Scan Syntax span action expands into one or more Scan Syntax sub-actions, each of which checks the script resulting from one corrective action. For example, you might have selected to remediate some rules whose corrective action pushes a template and other rules that push a compliant configuration. These would be represented as two sub-actions under the top-level Scan Syntax action. You can observe this action and sub-action hierarchy on the Preview Sub-Actions and Scripts page, the Job Details page, and the Job Summary report.
To display the syntax errors report
- On the row of the completed job, click
The Job Details report is displayed. .
- In the per-device results table, select the Syntax Error link to review the errors as reported by the device in the template or compliant configuration. The link appears only if errors were detected on a particular device.
The Syntax Error report indicates which command lines have syntax errors or are not supported by the device.