ciscoconfd [ -s facility ] [ -p pidfile ] [ -u user
] [ -g group ] [ -t seconds ] -r program logfile...
This program has been compiled successfully on FreeBSD 2.2.6-RELEASE, Linux
RedHat 4.2, Solaris 2.5.1, IRIX 5.3 and HP/UX 10.20. Feedback regarding other
platforms is welcome.
ciscoconfd will tail a number of specified log files, which contain lines
in syslog format originating from a Cisco router. Whenever a line containing
the magic token `%SYS-5-CONFIG_I' is found, an external process is
spawned to retrieve the configuration.
ciscoconfd is very light on system resources, and spends
the vast majority of its time sleeping. In between successive reads of log
files, file descriptors are freed. Log rotation is dealt with in an elegant
This external process is passed two parameters: the first
indicates the name of the router which logged the configuration change, and
the second is the entire log message containing the magic token.
Options for ciscoconfd are as follows:
ciscoconfd sends log messages to the specified syslog facility using the
- -s facility
- Set the syslog facility to which ciscoconfd will send its own diagnostic
messages. Default is "daemon". See "LOGGING"
- -p pidfile
- Instructs ciscoconfd to store the pid of the log-monitoring child process
in decimal in the named file. If not specified, no pid file will be
- -u user
- Causes ciscoconfd to set the uid of the log-monitoring child process to
that of the specified username or decimal uid. If not specified, the uid
when invoked will be preserved.
- -g group
- Causes ciscoconfd to set the gid, similarly to the option. If not
specified, the gid when invoked will be preserved.
- -t interval
- Sets the interval between searches of the log files to the specified
number of seconds. Defaults to 600 seconds (10 minutes).
- -r program
- Sets the retrieval program to the specified fully-qualified pathname. This
program will be executed whenever a configuration change has been logged
by a router. See ciscoconfr(8) for an example retrieval program. This
parameter is mandatory.
ciscoconfd -s local6 -t 60 -r /usr/local/bin/ciscoconfr /var/log/cisco.log
- Too much detail; probably not worth storing unless there is a
- Informational messages relating to routine operation, such as noticing
when a log file has rotated, or spotting a configuration change.
- Messages relating to non-fatal (but undesirable) conditions, such as a log
file being mysteriously absent.
- Messages relating to badly-phrased command-line options.
- Serious messages relating to fatal problems, e.g. an inability to allocate
store or to fork.
ciscoconfd -s local3 -p /var/run/ciscoconfd.pid -t 60 -r
1.00 (6 Apr 1998)
More recent versions may be available; check for details at
If a router configuration has changed several times within the specified
interval, it will only be fetched once. The log message passed to the
retrieval program corresponds to the first "%SYS-5-CONFIG_I" entry
found for a particular router.
Joe Abley <firstname.lastname@example.org>