Specifications
18
Ridgeline Concepts and Solutions Guide
295
When you view information about the configuration files that have been uploaded for a device in the
main Configuration Manager window, the display indicates whether a baseline file exists for the device.
The Configuration Manager enables you to create baseline configurations in several ways:
● You can upload a configuration file from a device using the Upload feature, but specify that it
should be saved as a baseline file
● You can select a saved configuration file and designate it as a baseline
● You can schedule an upload of files to be used as the baseline. This is a one-time schedule, not a
repeating schedule as is done for archival uploads. This enables you to have the baseline upload
performed at a time that will minimize the impact on your network load, without requiring
administrator intervention.
The baseline functions are accessible from the Config menu of the Configuration Manager, as well as by
selecting Configuration > Tasks > Baseline from the Too l s menu. If a baseline file exists for a device,
you will be able to view the baseline file using the configuration file Viewer. If both a baseline file and
another configuration file exists for the device, you will be able to compare the two files using a
Difference Viewer, if you have one installed on your system and have configured Ridgeline to use it.
Identifying Changes in Configuration Files
If you suspect there have been changes to a device’s configuration, or if you know there have been and
want to identify them, you can compare two uploaded configuration files, or to compare a
configuration file with the baseline file for the device. using a Difference viewer through Ridgeline’s
Diff command. For example, if you suspect malicious changes, you could perform a configuration
upload for the device and then compare that file with the last archived configuration.
In order to use this feature you must have a Difference Viewer, such as WinMerge for Windows, or
sdiff for Solaris, installed on your system. You must also specify the location of the Difference Viewer
using the Difference Viewer command, available from the Too ls menu. You cannot view differences
with a standard text editor.
Automatic Differences Detection
One powerful feature of Ridgeline is available through the combination of baseline files and the
scheduled archive feature. If a baseline file exists on the Ridgeline server for a device, then when
Ridgeline uploads an archive configuration file for the device, it will automatically compare the new
archive configuration with the baseline configuration, and create a report on those differences. In
addition, if differences are detected, Ridgeline will then upload the log file from the switch, and search
for log entries that could explain or be related to the configuration change. Ridgeline includes those log
entries in the report. Based on the log entries it may be possible to identify not only when the changes
were made, but also the identity of the user that made the changes.
Figure 250 shows an example of a report generated when Ridgeline detects a difference between an
archived configuration and the baseline configuration for a device. The report is created as a PDF file,
and you can configure Ridgeline to automatically email the file to recipients you designate.