Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cisco ASA - Missing capture of Software Compile Date #387

Closed
jvanderaa opened this issue Mar 8, 2019 · 0 comments · Fixed by #470
Closed

Cisco ASA - Missing capture of Software Compile Date #387

jvanderaa opened this issue Mar 8, 2019 · 0 comments · Fixed by #470
Labels
enhancement PR Submitted

Comments

@jvanderaa
Copy link
Contributor

ISSUE TYPE
  • Bug Report
TEMPLATE USING

cisco_asa_show_version.template

Value VERSION (\S+)
Value DEVICE_MGR_VERSION (\S+)
Value IMAGE (\S+)
Value HOSTNAME (\S+)
Value UPTIME (.+)
Value HARDWARE (.+)
Value MODEL (\S+)
Value FLASH (\S+)
Value List INTERFACES (\S+)
Value LICENSE_MODE (.+)
Value LICENSE_STATE (.+)
Value MAX_INTF (\d+)
Value MAX_VLANS (\d+)
Value FAILOVER (\S+)
Value CLUSTER (\S+)
Value SERIAL (\S+)
Value LAST_MOD (.+)

Start
  ^.*Software\sVersion\s${VERSION}
  ^Device.+\s${DEVICE_MGR_VERSION}
  ^System image file.+"${IMAGE}"
  ^${HOSTNAME} up ${UPTIME}
  ^Hardware:\s+${HARDWARE},
  ^Model Id:\s+${MODEL}
  ^Internal.+Flash,\s${FLASH}
  ^ \d+:.\S+\s${INTERFACES}.*
  ^License mode:\s${LICENSE_MODE}
  ^.+License State:\s${LICENSE_STATE}
  ^Maximum Physical.+:\s${MAX_INTF}
  ^Maximum VLANs.+:\s${MAX_VLANS}
  ^Failover\s+:\s${FAILOVER}
  ^Cluster\s+:\s${CLUSTER}
  ^Serial Number:\s${SERIAL}
  ^.+last modified by\s${LAST_MOD}
SAMPLE COMMAND OUTPUT

Cisco Adaptive Security Appliance Software Version 9.8(3)21 <context>
Firepower Extensible Operating System Version 2.4(1.103)
Device Manager Version 7.8(2)

Compiled on Tue 07-Aug-18 23:18 PDT by builders

fw002 up 114 days 18 hours
failover cluster up 700 days 16 hours

Hardware:   FPR4K-SM-12

License mode: Smart Licensing

Licensed features for this user context:
Failover                          : Active/Active  
Encryption-DES                    : Enabled        
Encryption-3DES-AES               : Enabled        
Carrier                           : Disabled       
AnyConnect Premium Peers          : 0              
Other VPN Peers                   : 500            
AnyConnect for Mobile             : Enabled        
AnyConnect for Cisco VPN Phone    : Enabled        
Advanced Endpoint Assessment      : Enabled        
Cluster                           : Enabled        
              

Failover cluster licensed features for this user context:
Failover                          : Active/Active  
Encryption-DES                    : Enabled        
Encryption-3DES-AES               : Enabled        
Carrier                           : Disabled       
AnyConnect Premium Peers          : 0              
Other VPN Peers                   : 500            
AnyConnect for Mobile             : Enabled        
AnyConnect for Cisco VPN Phone    : Enabled        
Advanced Endpoint Assessment      : Enabled        
Cluster                           : Enabled        

Configuration last modified by thatperson at 09:15:45.959 EST Mon Dec 12 2018
SUMMARY

One thing that will be helpful is the ability to capture the Software Compile date, this is a better way to judge the age of the code rather than looking specifically at the code version. Code version alone doesn't quite give you how old it is.

STEPS TO REPRODUCE

Just a new capture.

EXPECTED RESULTS

Proposing adding the following to a PR coming soon.

Value COMPILE_DATE (\d+-\w+-\d+)

^Compiled on \w+\s+{COMPILE_DATE}.*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement PR Submitted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Updates as requested
Fixes 387. Added a context firewall raw input, and added parsing for …
2 participants
@jvanderaa @FragmentedPacket