I'm having issues with writing "Advanced Custom Criteria" that works to run compliance checks on each port of a Cisco switch.
Basically, I would like to write the criteria to check if an interface has all the correct ISE configuration on each port unless an exception for that port is met.
I feel a screenshot of my current compliance rule would explain this the best. I want it to check every config block that starts with "interface GigabitEthernet" and ends with a !
Unless the description in that config block has the words "*NO ISE*" within it, then compliance check should skip this config block.
I'm just describing my method I'm attempting but I'm open to any other ideas or methods the community has.
-Has anyone else done this before? if so, how?
-Is there anything wrong with my method that's causing it not to work?
-The config block part works if the port has ISE configured but I cannot get the exception to work.
-I may need to use regular expressions in my criteria to create wildcards to make it match correctly?
thanks in advance!