I have created playbooks for Ansible Network Device Backups. It is important to keep your device configurations backed up in the event of a hardware failure. Check out my GitHub for these Ansible playbooks. Some folks are starting to use Git for device backups as it provides diffs and backup capability. For those who don’t have this kind of infrastructure available to them, I have written some playbooks that will do local backups to .txt files that can be displayed on a web server for easy browsing. In some environments IT Security won’t allow configs to be backed up in a cloud setting or have other requirements, so this allows network administrators to host their backups on any internal Linux box they can run Ansible on.
These jobs backup the device, clean up dynamic pieces of the config like last configuration time, and other bits that might normally change from day to day (to prevent false positives on config changes), and outputs a diff as a .html file by comparing today’s backup with yesterday’s. If there are changes since yesterday, the job dumps the .html colored diff file out to a directory on your AWX/Ansible host as well.
I like to throw these up on an Nginx web server with a basic username and password to view since there can be sensitive information. This makes viewing easy, and you can also quickly grep through the backups on the server to monitor compliance in your configurations or look for bad config settings.
https://github.com/bile0026/Palo_Alto_Backups