Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

check_mk Plugin: cisco_checkconfigsecurity


The idea of this plugin is to check a local directory containing Cisco configuration files.

CONFIGROOT = "/var/rancid/"
CONFIGSUB = "/configs/"

There are some validation routines which produce a warning if they fail.

def check_exectimeout(config):


Idle Timeout

Warn if the idle timeout is not 10 minutes.

Local user accounts

Warn if there are local useraccounts configured (e.g. because it's only permitted to use a central authentication instance)

VLAN 1 usage

Because of default usage of VLAN 1 on many devices this VLAN must not be used untagged in switchports.

Remote Syslog

Checks if there are remote syslog servers configured (remote_host_A, remote_host_B and remote_host_C). Customize if you have more or less servers to configure.


Just copy the file to the directory where the check_mk_agent is looking for local plugins (e.g. /usr/lib/check_mk_agent/local)

You can’t perform that action at this time.