Just for anyone interested in the final design I came up with, it is outlined below:
- I watch the active flows file, if it changes, say from a deployment, the following steps done
- Capture the 'global' flow details, md5 sum them, save this in database if unique
- Capture each 'flow' tab content, md5 sum each in turn, if different from those in database, add to database
- Audit phase looks for changed global md5 and any changed per flow md5 sums, for a given device, if either has changed from past history, i.e. what is expected from a declared 'standard' for global/flows md5 sums, applicable notification is done
All data used for md5 sum calculations is pulled via the Admin API.
I would publish the flow, but since it has several SQL queries and depends on SQL database structure unique to the solution, not sure it would be of benefit. What is interesting, is that if I wanted to save the flow and global content, data, this could be enhanced to be the basics of a per flow incremental backup/restore solution. Not to say that capture of the entire flows file in total is not completely legit as well for backup and restore efforts.
