Cisco IOS Embedded Event Manager (EEM)

(system) #4

can I use my Hotmail email ?

(Rene Molenaar) #5

EEM requires a smtp server that you can use to deliver e-mail to. It’s best to use the SMTP server of your ISP or install one within your network.

(system) #6

thanks Rene, I used my company email (SMTP server) but I have got an issue that I attached before , I will do further search in Google
thanks for your help ,

(Rene Molenaar) #7

Make sure that your router can reach it (try this by pinging the IP address of the SMTP server) and see if it can resolve the hostname (ping the SMTP server address).

When that works, see if you are allowed to connect to it…just try a “telnet 25”. When it connects you know that the problem is not on your router. Maybe you are not allowed to send e-mail through the SMTP server…

(system) #8

thanks Rene,

i got the concept so easily. I tested all the above example in GNS3 and its working fine.I will able to tune some configuration and see them in action.

(Rene Molenaar) #9

Hi Akhilesh,

You are welcome. If you understand the concept and some simple examples then you are set. You’ll be able to make more complex examples as well…

Rene

(Thomas K) #10

Rene,

Great lesson as always. Can you please elaborate a little more on what these two commands in fact do in one of the examples above?

 

action 3.0 puts "$_cli_result"
action 4.0 set $_exit_status "0"

Also I thought the following below stated to execute the command (not the "0")?
action 4.0 set $_exit_status "1"

Many thanks,
Thomas
(Rene Molenaar) #11

Hi Thomas,

Glad to hear you like it :slight_smile: Let’s take a closer look at this config:

event manager applet SHOW_RUN_NO_INTERFACES
event cli pattern “show run” sync yes
action 1.0 cli command “enable”
action 2.0 cli command “show run | exclude interface”
action 3.0 puts “$_cli_result”
action 4.0 set $_exit_status “0”

Let’s take a look at it line-by-line:

event cli pattern “show run” sync yes

We want to match the “show run” command so that’s out pattern. The “sync yes” part means that EEM will run before this command is executed.

action 1.0 cli command “enable”
action 2.0 cli command “show run | exclude interface”

These are the commands that we will run when we have a match for “show run”. We go to enable and then run “show run | exclude interface”.

action 3.0 puts “$_cli_result”

This line is required to print the output of the commands we run to the active TTY, we need it since we want to see the output of “show run | exclude interface”.

action 4.0 set $_exit_status “0”

The exit status determines if we want to run the command or not. If you set this to 0, then we don’t run the “show run” command. If you set it to 1 then it will run “show run”.

In our example, we don’t want the user to run “show run” but we want them to see “show run | exclude interface” instead. That’s why you need the 0, we need to prevent them from running “show run”. If you set it to 1 then “show run” will also be executed.

Does this help?

Rene

(Roland W) #12

great job on explaining the exit_status Rene! I can across a question that mentioned entry_status. Any explanations or examples on “entry_status”

(Rene Molenaar) #13

Hi Roland,

I don’t have an example but entry status can be used to check if a previous policy has ran before. There are three possible values:

0: previous policy was succesful
not=0: previous policy failed
undefinded: no previous policy executed

So I guess you can run a script and check for the result of a previous script, Based on results of the first script a variable will be set and you can use this in your script.

Rene

(Mohan B) #14

Excellent Lesson Keymaster!! More and More I dig excellent lessons here, I wish how much it would be useful to see final configuration, LIKE you have in some of the lessons. I know it would be lot of tasks but that was really helpful feature.

(Rene Molenaar) #15

Hi Mohan,

Good to hear you like it. For all new lessons I’m uploading the final configurations and someone is helping me to create them for my older material. It will be added later :slight_smile:

Rene

(shaun y) #16

Hi rene

I can’t see the whole command for CLi Event example action 3.0 and 4.0 could you please print the full command as i’m trying to learn how this works thanks.

(Rene Molenaar) #17

Hi Shaun,

What exactly would you like to see?

Rene

(UMANG S) #18

As you mentioned that EEM can be very useful in real life examples like hiding a username/password or encrypted the plain text password. Can you show an example where you can hide or encrypt the plain text password in EEM script?

(Rene Molenaar) #19

Something like this could do the job:

event manager applet SHOW_RUN_NO_PASSWORD
 event cli pattern "show run" sync yes
 action 1.0 cli command "enable"
 action 2.0 cli command "show run | exclude password"
 action 3.0 puts "$_cli_result"
 action 4.0 set $_exit_status "0"

Rene

(ALFREDO V) #20

Hi Rene,

Is there any way to configure on layer 3 switches an script to shut down ports and enable ports on a schedule basis.

(Lazaros Agapides) #21

Hello Alfredo

Yes, it is possible to shutdown and enable specific ports based on time. The following example may shed some light on this:

When using EEM, you must create two applet timer policies, one to “shutdown” and the other to “no shutdown”. In the following example, the port will be shutdown every day at midnight, and brought back up every day at 8 am.

event manager applet shutdown_port
event timer cron cron-entry "0 0 * * *"
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "interface FastEthernet1/0/1"
action 4.0 cli command "shut"
action 5.0 cli command "end"
action 6.0 syslog msg "Interface FastEthernet1/0/1 has been shutdown"

event manager applet noshut_port
event timer cron cron-entry "0 8 * * *"
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "interface FastEthernet1/0/1"
action 4.0 cli command "no shut"
action 5.0 cli command "end"
action 6.0 syslog msg "Interface FastEthernet1/0/1 has been restored"

Keep in mind that this will work only if you are running IOS 12.2(40)SE or higher. Also it’s a good idea to have NTP configured on the switch when implementing time based scripts.

I hope this has been helpful!

Laz

(ALFREDO V) #22

Hi Lagapides,
I follow the steps you provided but it doesn’t work. See what I collect.

show clock: 16:19:24.374 PDT Fri Mar 17 2017
Version 12.2(53)SE2

TEST#sh event manager policy registered
No.  Class     Type    Event Type          Trap  Time Registered           Secu  Name
1    applet    user    timer cron          Off   Fri Mar 17 16:17:07 2017  none  shutdown_port
 cron entry {18 16 * * *}
 maxrun 20.000
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "interface gigabitEthernet 0/3"
 action 4.0 cli command "shut"
 action 5.0 cli command "end"
 action 6.0 syslog msg "Interface FastEthernet1/0/1 has been shutdown"

2    applet    user    timer cron          Off   Fri Mar 17 16:17:19 2017  none  noshut_port
 cron entry {20 16 * * *}
 maxrun 20.000
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "interface gigabitEthernet 0/3"
 action 4.0 cli command "no shut"
 action 5.0 cli command "end"
 action 6.0 syslog msg "Interface FastEthernet1/0/1 has been restored"

Please advise

(Rene Molenaar) #23

I just tried this in Cisco VIRL and it is working here:

event manager applet shutdown_port
 event timer cron cron-entry "57 12 * * *"
 action 1.0 cli command "enable"
 action 2.0 cli command "config t"
 action 3.0 cli command "interface FastEthernet1/0/1"
 action 4.0 cli command "shut"
 action 5.0 cli command "end"
 action 6.0 syslog msg "Interface FastEthernet1/0/1 has been shutdown"

A few minutes later:

R1#   
*Jul  6 12:57:00.360: %SYS-5-CONFIG_I: Configured from console by  on vty0 (EEM:shutdown_port)
*Jul  6 12:57:00.365: %HA_EM-6-LOG: shutdown_port: Interface FastEthernet1/0/1 has been shutdown