Arrow down

  • impact

    Why Forward?

    Our vendor-agnostic "digital twin" of your network is the most-awarded network modeling software of its kind.

    customer stories

    See why the world’s most critical networks depend on Forward Networks

    technology

    Learn what makes our platform so powerful: header space analysis, mathematical modeling, and all about Network Query Engine

  • company

    about us

    From the four founders to the most awarded network modeling software in its class

    careers

    Learn about what makes Forward unique and find open opportunities to put your skills and career goals to work for you

arrow down

  • discover forward

    forward enterprise

    Forward Networks’ flagship product, Forward Enterprise, delivers a vendor-agnostic “digital twin” of the network, designed for both cloud and on-prem networks

    recognized by gartner

    Read the Garner Reports

    Featured in Gartner research publications and industry reports, Forward Enterprise remains at the forefront of technological innovation.

  • platform highlights

    network security

    Delivering vulnerability management, attack surface management, and stronger security posture through the digital twin model

    multi-cloud

    Gain end-to-end visibility, service assurance and continuously audit your entire cloud estate with Forward Enterprise and Forward Cloud

    network data intelligence

    True network reliability, agility, and security by collecting and organizing network data to make it useful and actionable

Arrow down

  • solutions

    overview

    Forward Networks can help solve a spectrum of network challenges. Explore by use case, technology or industry.

    federal solutions

    Forward Enterprise provides unified visibility across agency estates, ensures network resiliency, and expedites remediation

    Technology Partners

    API Integrations that enhance efficiency through seamless data exchange with the Forward Enterprise platform

    AI

    Learn how AI enhances the power of a network digital twin to deliver deeper insights, enhanced security, and smarter automation

  • solution examples

    universal iT

    Explore ways Forward Enterprise can improve Inventory management, change control, compliance + auditing, and workflow

    network security

    Delivering vulnerability management, attack surface management, and stronger security posture through the digital twin model

    multi-cloud

    Gain end-to-end visibility, service assurance and continuously audit your entire cloud estate with Forward Enterprise and Forward Cloud

    Network Operations

    Prevent configuration drift and expedite troubleshooting with unparalleled path verification

Arrow down

  • resources

    press room

    News articles, press release, and the latest downloadable content

    resource library

    Explore Forward Networks data sheets, whitepapers, ebooks, videos, and more

    events

    Talk one on one in-person or virtually with Forward product experts and technical architects

    blog

    Read the latest product updates, query tips, and customer use cases on the Forward Blog

    User Community

    Collaborate, learn, and grow: your hub for NQE, network visibility, and security.

    Customer Support Portal

    Need product support? Login to the Forward Networks Support Portal.

  • additional links

    webinars

    Join our experts as they explain solutions to current networking and cybersecurity challenges

    podcasts

    Seeking Truth in Networking: authentic conversations from the world of networking

    Get a demo
Arrow down

  • Digital Twin Technology

    What is a digital twin?

    Explore the mathematically-accurate modeling technology at the core of Forward Enterprise.

    The ROI of a Digital Twin

    The financial return on aligning your team, simplifying troubleshooting, ensuring compliance, and avoiding outages.

    Recognized by Gartner

    Read the Gartner Report

    Discover how to start increasing agility and lowering risk with network digital twin technology.

    See for yourself

    Network Digital Twin Webinar

    Top 5 network issuse a Digital Twin can solve in under a week.

    Network Digital Twin eBook

    Read Use Cases on how teams are boosting collaboration and efficiency with Digital Twin technology.

support
Get a demo
Forward Networks logo
menu
BLOG | Sep 23, 2025

Prevent Network Outages from Uncommitted Configs Using NQE

In Cisco environments, one missed write memory can spell disaster. Uncommitted changes, saved only in the running config but not in startup, can be wiped out during a reboot, causing outages and rollback failures. With Forward Networks’ Network Query Engine (NQE), teams can automatically detect discrepancies between running and startup configs across all Cisco devices, ensuring every critical change is properly saved.
Arica Beckstead
Arica Beckstead Customer Success Engineer 
Who should read this post?
  • Network engineers managing large fleets of Cisco devices
  • Operations teams responsible for configuration compliance
  • IT admins seeking to automate verification of saved device states
What is covered in this content?
  • How uncommitted configs cause risk and outages
  • An NQE script to automatically compare Cisco running vs. startup configs
  • A structured way to detect and report unsaved changes
  • How to integrate this check into your snapshot validation workflows

The Hidden Risk of Uncommitted Cisco Configs

Cisco devices don’t warn you before rebooting with unsaved changes. A missed write memory means the running config is lost—and the device reloads with an outdated startup config. That’s how critical updates disappear, outages happen, and incidents get escalated. Manually checking for this drift across hundreds or thousands of devices is tedious and error-prone.

Business Value of Config Drift Detection

  • Prevent Outages: Eliminate device reload surprises by detecting unsaved changes in advance
  • Enforce Operational Hygiene: Ensure all changes are properly committed across environments
  • Audit-Ready Insights: Capture and report drift with structure and precision
  • Scale Across the Network: Run a single query to check every device in your Cisco estate

How the NQE Script Works

This NQE script checks for differences between the startup and running configurations on Cisco devices. It filters out irrelevant lines (like timestamps or system boot info), compares both configs line by line, and reports any differences as violations.

It also labels:

  • Lines present in the running config but not in startup (uncommitted)
  • Lines present in the startup config but missing from running (removed)

Use this as a snapshot-based drift detector across your entire Cisco fleet.

Full Script Breakdown

Here’s the full NQE query provided by the Forward Networks community:

exceptionsList = [
  "Current Configuration ...",
  "",
  "boot system.*"
];

exceptions(line) = 
foreach item in exceptionsList 
where hasMatch(line, regex(item))
select line;

flatten(outer) =
  foreach list in outer
  foreach item in list
  select item;

config(device, show) =
foreach command in device.outputs.commands
where command.commandText == show
let response = parseConfigBlocks(device.platform.os, command.response)
  let text = (foreach line in response
      let lines = if length(line.children) == 0
          then [line.text]
          else [line.text] + flatten(foreach line1 in line.children
               select if length(line1.children) == 0
                   then [line1.text]
                   else [line1.text] + flatten(foreach line2 in line1.children
                        select if length(line2.children) == 0
                            then [line2.text]
                            else [line2.text] + flatten(foreach line3 in line2.children
                                 select if length(line3.children) == 0
                                    then [line3.text]
                                    else [line3.text] + flatten(foreach line4 in line3.children
                                         select if length(line4.children) == 0
                                            then [line4.text]
                                            else [""]))))
            foreach item in lines
            where item not in exceptions(item)
            select item)
foreach line in text 
select line            
;
foreach device in network.devices
let runningConfig = config(device, "show running-config")
let startupConfig = config(device, "show startup-config")
let uncommitted = runningConfig - startupConfig
let removed = startupConfig - runningConfig
select {
  violation: runningConfig != startupConfig,
  device: device.name,
  os: device.platform.os,
  uncommitted,
  removed
}

The output flags any differences and labels the device with a "violation": true tag if drift is detected. You can use this data for ticket generation, dashboards, or alerting workflows.

Check out the original Forward Networks community post to copy the full script and review usage tips:
Prevent Outages from Uncommitted Configs: Using NQE to Compare Cisco Running and Startup Configs

Industry Recognition

Winner of over 20 industry awards, Forward Enterprise is the best-in-class network modeling software that customers trust

Visit our press roomHear from Gartner

Customers are unanimous:
Forward Enterprise is a game-changer

From Fortune 50 institutions to top level federal agencies, users agree that Forward Enterprise is unlike any other network modeling software

Evaluate the reviewsChat with an expert

Most Recent

Browse all posts

Subscribe to our newsletter

Make sure you don't miss a post by signing up here for our monthly 'Moving Forward' newsletter
Top cross