Use Case


Network Configuration Management
Powered by StackStorm

Situation: A Network Operator Makes a Change

  • A network operator makes a change to the configuration of a network device but may not have thought to reflect that change in the configuration management database (CMDB).
  • A monitoring Syslog service like Solarwinds, ELK Stack or Splunk would capture and log the change but not perform any CMDB query to ensure consistency.
  • Over a period of time a "Configuration Drift" will develop whereby the actual configuration of various network devices and the CMDB configuration data will differ.
  • Ultimately, there are potentially serious security and compliance risks introduced by an accumulating "Configuration Drift" in the absence of a more automated approach to ensuring the actual and intended configurations are accurately reflected in the CMDB.

Manual Change Management

The Conventional Workflow Approach

Manual Process: 2-4 Stressful Hours for Network Operations (see Figure 1 below).

A user recognizes that a service has gone down and creates a ServiceNow ticket. Service Ops assigns the ticket to NetOps with a Priority 1.

NetOps team members now manually start diagnostics, discovering that an interface is down. Remediation action is performed to bring up the interface.

NetOps team now either updates the ticket if successful or continues running diagnostics to discover why the interface went down, staying as a priority level 1 task. The ServiceNow record is then updated and closed.

Figure 1 – Manual Interface Outage Response's Composer Solution provides a completely automated solution to this problem. Orchestral Composer's event-driven architecture can automatically execute a "Configuration Drift" workflow in response to the "event" of a change in the configuration of a network device.  Composer's event-driven architecture ensures that any configuration change is captured and synchronized with the Configuration Management Database (CMDB) upon operator approval and in accordance with applicable policies.
Maestro + Composer: 20-40 Stress Free Seconds (see Figure 2 below).

Automated Change Management

Figure 2 – Maestro + Composer Automated Event Driven Network Remediation

Composer Event-Driven Change Management

  1. Composer monitors the Syslog service, such as SolarWinds, ELK Stack, Splunk or similar for the specific "event" of a configuration change.
  2. Once a config change has been detected, Composer will initiate a "Config Drift" workflow that begins with a query check of the Configuration Management Database (CMDB).
  3. Composer retrieves from the CMDB the stored configuration of the target (i.e changed) device and brings this data into the "Config Drift" workflow.
  4. Leveraging the hundreds of available device integrations, Composer will then extract the running config of the target/changed device.
  5. Next, Composer performs a diff to compare the stored device configuration against the changed device configuration with the result captured for audit purposes.
  6. Composer will then prompt the operations team via Chatops, email or similar alerting tool to make them aware of the change and provide them an opportunity to decide which config to retain.
  7. Should the operations team choose to retain the CMDB config, then Composer will create an IT Service Management (ITSM) ticket with high priority to replace the running config with the stored CMDB config.
  8. If the operations team chooses to retain the changed config, then Composer will update the CMDB with the changed config to ensure that the actual running config is correctly captured in the CMDB.
  9. Finally, the audit trail of this operation is saved by Composer by opening an ITSM ticket and attaching the related data.

Composer Benefits

Increased network security
All network devices are automatically kept in compliance with security policies and best practices, reducing risks and costs while saving time.
Full audit visibility
The full scope of device config changes are captured along with operator interventions to ensure audit visibility and policy compliance.
Reduced troubleshooting time
With real-time awareness of changes in device configurations, operators no longer need to invest time searching for the source of config changes.

Getting Started

Orchestral's solutions are available as free 30-day Proof of Value evaluations. To get started, just click the "FREE TRIAL" button at the top of this page and complete the Trial Request Form. If you'd like to see a demo first, just click the "Book a Demo" button below to book a date/time that works best for you. Otherwise, you can get started by emailing us at

Ready to see for yourself?

We'd love to show you how enables you to address a broad spectrum of orchestration & automation challenges.
Book a Demo