Thu, Apr 06, 2023 at 12:11:26PM +0000, Adam Thompson: > Just a reminder that the "set" output cannot always be uploaded directly to a > PA in a disaster scenario, only the XML can be used for that. You can try to > paste in the "set" output through either the serial port or an SSH session > once you have a network, but that is known to not always work 100% on all > versions of PAN-OS. (The commands are not always generated in the correct > order, and outright circular dependencies often exist.) > > OTOH, good luck having a human read and understand XML or JSON diffs, so > you're kind of stuck between a rock and a hard place... > > We used to solve this by backing up the same config twice, once in each > format. PITA but it worked.
There is probably a hack that can be used to collect both. the easiest way would be a 'show config running' command that is slightly different in its text, such as an additional argument. "show config running | no-more". Is there such a thing? Anything else will require changes to how rancid manages the command list, so that it doesnt drop the duplicate. _______________________________________________ Rancid-discuss mailing list [email protected] https://www.shrubbery.net/mailman/listinfo/rancid-discuss
