Cisco sanitizing configuration tool. It removes passwords, keys, certs and other sensitive data from text config files.
Use this tool to sanitize extracted configurations files before you send them to audit (Ex: TAC)
'show tech-support' is good, but sometimes you need to remove more sensitive data from the configurations
This tool will scan a folder with all its sub-folders and sanitize every file from that tree.
But it will never modify the source files, instead it will create another folder with sanitized files.
Info: The result will be another folder next to the source called "<configurations folder>_sanitized"
To change the file search filter modify "SET FILTER=" in script file
To add/modify/remove sanitizer syntax edit the awk file inside bin folder
Usage: cisco-config-sanitizer.bat "<configurations folder>"
If there are sensitive data still leaking after sanitizing, please let me know.
Right now it does fit my needs, but may or may not yours ;)
Features
- Works with multiple Cisco devices config files (Routers/Switches/Firewalls)
- Removes known sensitive data from config files
- Doesn't alter source files. Always creates a new folder with sanitized files
- Command line tool