Skip to content

App Overview

This document provides an overview of the App including critical information and import considerations when applying it to your Nautobot environment.

Note

Throughout this documentation, the terms "app" and "plugin" will be used interchangeably.

Description

The Operational Compliance app for Nautobot helps network teams avoid the "it was working before" problem by providing clear evidence of what changed and how. By comparing device state before and after changes, teams can quickly identify if their modifications broke critical services or introduced unexpected behavior.

Users define check definitions that specify a target platform, platform-specific commands to run (e.g., show ntp status for Cisco IOS, show ntp associations for Arista EOS), and comparison logic using check types like EXACT_MATCH, TOLERANCE, or REGEX. The app supports both structured data (via NAPALM getters) and CLI output (via TextFSM templates) with JMESPath expressions, more specifically the customized JMESPath implementation created in jdiff for data extraction.

The checks can be grouped into check groups for more complex validation workflows. Since the app uses the Nautobot Jobs feature, both the checks and the comparisons can be scheduled or audited. The checks can be imported from a Git repository, or created manually.

Audience (User Personas) - Who should use this App?

This app is designed for network engineers and automation engineers who need to validate the operational state of network devices before and after changes. It could also be used by network security teams to audit the impact of changes.

Nautobot Features Used

The app introduces the following data models:

  • Check
  • Check Command
  • Check Group
  • Check Output
  • Check Result

The app uses the following Nautobot features:

  • Device Inventory & Platform Models
  • REST / GraphQL API
  • Jobs
  • Git Data
  • Custom Fields

The app uses the following Nautobot plugins: