Embedded Event Manager - SNMP - run TCL script

Similar Messages

• Monitoring PRI using Embedded Event Manager

  Hi,
  I am trying to use Embedded Event Manager to flag  when calls on a pri get above
  28 but its not working.  I found an OID which shows number of calls currently on
  the B Channels of a pri.  I dropped the threshold to two just to check it was
  functioning correctly.  Config below:
  event manager applet bchan-mon
  event snmp oid 1.3.6.1.4.1.9.10.19.1.1.11 get-type exact entry-op gt entry-val
  2 poll-interval 60
  action exceeded syslog priority critical msg "All Chanels in Use"
  I have done a debug and it says the OID is not found even though if i do a show
  snmp mib i see the OID.  Output below:
  Feb  9 08:35:58.097: fh_process_async: re=445EF694, timer_type=POLL
  Feb  9 08:35:58.097: snmp_entry_value_check: OID unavailable, value check
  skipped
  Feb  9 08:35:58.097: snmp_entry_value_check:Returning FALSE
  Feb  9 08:35:58.097: fh_process_async: update_t=0cron_tick: num_matches 0
  Has anyone successfullly used EEM to do this?
  Any help appreciated.
  Thanks
  Kev

  Hi Joe,
  I get this from an snmp walk:
  rh019654@c_nnm_u > snmpwalk lr2196 1.3.6.1.4.1.9.10.19.1.1.11
  cisco.ciscoExperiment.19.1.1.11.0 : Unsigned32: 0
  The device is a cisco 2851 and the IOS is C2800NM-SPSERVICESK9-M 12.4(18e).
  If i run a debug now after adding the 0 i dont get a OID error not found anymore but its still not flagging the message in the log when the amount of calls go above 2.  See below:
  Feb 10 09:43:17.774: fh_process_async: re=463448F0, timer_type=POLL
  Feb 10 09:43:17.774: snmp_value_uint_compare:op1=0 op2=2 ret=FALSE
  Feb 10 09:43:17.774: snmp_entry_value_check:Returning FALSE
  Feb 10 09:43:17.774: fh_process_async: update_t=0
  Thanks
  Kev

• Embedded event manager

  Hi team
  I had open a post in lan switching for this particular problem and the expert from that forum has given the solution of embedded event manager so i need a help from this forum.
  The probelm defination is==
  Cisco 6509 (Core switch) connected to firewall on uplink side and on downlink its connected to 2 diffrent Cisco 6509 switches (Distribution) layer.All these links have been configured as Routed link and not as SVI.Now issue is when both the downlinks (coming from both distribution) switches go down i want to make the uplink from core to firewall to go down so that other core switch will take over and transfer teh traffic.
  Attached diagram has details.tried configuring HSRP between 2 core switches but as teh links are routed link HSRP not working and both switches remain master but as on oppsite side Juniper firewall NSRP is implemented 2nd firewall not responding and core-2 ==fw2 link not transfer traffic.now when both the links of core go down link from core1-fw1 should go down so Fw2 will get active and will send traffic on link betwene core2-firewall2..please let me know what kind of configursation is required in EEM..

  Do the following (assuming you have a disk0:):
  mkdir disk0:/policies
  copy tftp://x.x.x.x/sl_intf_watch.tcl disk0:/policies
  config t
  event manager directory user policy disk0:/policies
  event manager environment intf_watch_interfaces TenGigabitEthernet9/1,TenGigabitEthernet9/3
  event manager environment intf_watch_uplink GigabitEthernet1/2
  event manager policy sl_intf_watch.tcl
  Where x.x.x.x is the IP address of your TFTP server.
  After that, the policy is registered, and waiting for the interfaces to go down.

• How to run .tcl scripts with VTK?

  I have a bunch of .tcl scripts that use VTK. How do I run them? I have tcl/tk/vtk installed, but when I try to run `tclsh script.tcl` it outputs errors about VTK. On other distros i saw a binary named `vtk` that could run .tcl scripts out of the box. Is there something like this on Arch?
  Thanks.

  Hi, vtk is in community. It should supply the tcl bindings. I once was the maintainer when it was in AUR. It works here with the tcl examples that come with the vtk package. Have not tested the version in community yet.

• Running tcl script in parallel with vi code

  i need to run a tcl script from within a vi but i don't want to be blocked by tcl script. right now when i call tcl script within my vi using "system exec" vi, the rest of the code in my vi does not get executed until tcl script exits. i need to run tcl script in parallel.
  an equivalent operation in unix can be done by running a script in background using &.
  any ideas how to do it in labview.

  Go to your help menu and select Show Context Help. Move your mouse over the function. You'll now see the help for the function and you can read what the input called 'wait until completion? (T)' means.

• Embedded Event manager scripting help

  Hello,
  I'm looking into a way to do the following:
  If pinging of BGP peer detects packet loss, or circuit flapping, lets say 5 flaps in 60 secs, then I'd like the bgp peering to go into admin down state.
  Would be nice if it also recovered on its own when 1hour or X of stability was detected.
  Thank you

  I found a good doc and think i'll be going with this:
  IP SLA 3
     icmp-echo X.X.X.X  source-interface GIGXXXX
  IP SLA schedule  3 life forever  start-time now
  track 3 ip sla 3  reachability
  delay up XX
  event manager applet  WAN_DOWN
  event track 3 state  down
  action 1.0 syslog msg "Packet loss  or Primary WAN cct loss detected"
  action 2.0 cli command  "enable"
  action 3.0 cli command "config  t"
  action 4.0 cli command "router bgp XXXXX"
  action 5.0 cli command "neighbor X.X.X.X shut"
  action 6.0 cli command  "end"
  action 7.0 syslog msg "BGP neighbor  placed in Admin Down because of packet loss to  Peer"
  event managet applet  wan_up
  event track 3 state  up
  action 1.0 syslog msg "WAN network  restored"
  action 2.0 cli command  "enable"
  action 3.0 cli command "config  t"
  action 4.0 cli command "router bgp XXXXX"
  action 5.0 cli command "no neighbor  x.x.x.x shut"
  action 6.0 cli command  "end"
  action 7.0 syslog msg "BGP neighbor  was brought up due to sustained comm with Peer"

• Problem with Embedded Event Manager and Object Tracking

  Hi,
  I have a 2801 running c2801-advipservicesk9-mz.124-24.T2.bin. It has the following configuration:
  track 300 list boolean or
  object 10
  object 11
  object 12
  object 13
  event manager applet clear_ipsec_tunnel
  event track 300 state down
  action 1.0 cli command "enable"
  action 2.0 cli command "clear crypto session"
  action 3.0 syslog msg "IPSec tunnel has been cleared by clear_ipsec_tunnel applet"
  My problem is that after the tracked object number 300 transitions from an up state to a down state, nothing happens. It seems like the applet doesn't work with object tracking. Here's what I see in logs:
  Dec  7 21:52:32.236 MCK: %TRACKING-5-STATE: 12 ip sla 12 reachability Up->Down
  Dec  7 21:52:37.236 MCK: %TRACKING-5-STATE: 13 ip sla 13 reachability Up->Down
  Dec  7 21:52:57.236 MCK: %TRACKING-5-STATE: 10 ip sla 10 reachability Up->Down
  Dec  7 21:53:07.236 MCK: %TRACKING-5-STATE: 11 ip sla 11 reachability Up->Down
  Dec  7 21:53:07.996 MCK: %TRACKING-5-STATE: 300 list boolean or Up->Down
  That's it. For some reason, the applet won't execute the CLI commands when the EEM applet is triggered. Am I doing something wrong or I have encountered some bug? Thanks.

  jclarke,
  Today I added the router into the tacacs server database and the applet started working just fine by using my login name. So the working configuration looks like this:
  event manager session cli username "my login name"
  event manager applet clear_ipsec_tunnel
  event track 300 state down maxrun 30
  action 1.0 cli command "enable"
  action 2.0 cli command "clear crypto session"
  action 3.0 syslog msg "IPSec tunnel has been cleared by clear_ipsec_tunnel applet"
  Then I tried to use a login name from the local database that has "privelege 15" access and of course the debug output showed me this:
  Dec  8 18:12:58.203 MCK: %TRACKING-5-STATE: 300 list boolean or Up->Down
  Dec  8 18:12:58.203 MCK: fh_track_object_changed: Track notification 300 state down
  Dec  8 18:12:58.203 MCK: fh_fd_track_event_match: track ED pubinfo enqueue rc = 0
  Dec  8 18:12:58.215 MCK: fh_send_track_fd_msg: msg_type=64
  Dec  8 18:12:58.215 MCK: fh_send_track_fd_msg: sval=0
  Dec  8 18:12:58.219 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : CTL : cli_open called.
  Dec  8 18:12:58.227 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT : Router>
  Dec  8 18:12:58.227 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : IN  : Router>enable
  Dec  8 18:12:58.747 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT : Command authorization failed.
  Dec  8 18:12:58.747 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT :
  Dec  8 18:12:58.747 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT : Router>
  Dec  8 18:12:58.747 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : IN  : Router>clear crypto session
  Dec  8 18:12:58.771 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT :                                  ^
  Dec  8 18:12:58.771 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT : % Invalid input detected at '^' marker.
  Dec  8 18:12:58.771 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT :
  Dec  8 18:12:58.771 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : OUT : Router>
  Dec  8 18:12:58.775 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel: IPSec tunnel has been cleared by clear_ipsec_tunnel  applet
  Dec  8 18:12:58.775 MCK: %HA_EM-6-LOG: clear_ipsec_tunnel : DEBUG(cli_lib) : : CTL : cli_close called.
  So I guess this problem arises when you have command authorization enabled and the tacacs server is not reachable or something like that. I have tried to find a way to use the local database instead of using the aaa server but didn't succeed. Although I have found an interesting workaround. Here it is:
  Link: http://blog.ioshints.info/2007/05/command-authorization-fails-with-eem.html
  Workaround found after reading the "Executing IOS commands from Tcl shell" from the "Tclsh on Cisco IOS tutorial".
  On the above article it is mentionned that the ios_config command is executed inside the context of another VTY line (also found with the AAA debug). The workaround is to define the FIRST VTY line with "transport input none" to prevent ssh or telnet to grab it and to configure the aaa authorization without any command authorization for this line.
  Kind regards
  Christian Chautems
  Looks great, but I am not quite sure how to "configure the aaa authorization without any command authorization for this line".
  Anyway, jclarke thank you so much for taking your time to look into my problem and for your help.

• Embeded Event Manager on cisco 3560 switch

  Can someone help me please? I have EEM configured on cisco 3560 switch. The configuration is below. I want that switch inform me through email when device with particilular IP address become unavailable. For some reason this configuration is not good and I can't tell why. I already try to debug this with debug event manager action mail but didn't see any output .
  ip sla 11
  icmp-echo ip address
  frequency 20
  ip sla schedule 11 life forever start-time now
  event manager applet device-TEST
  event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.11 get-type exact entry-op lt entry-val "2" poll-interval 20
  trigger occurs 5 period 120
  action 02.0 mail server "ip address" to "[email protected]" from "[email protected]" subject "device is down"

  The mail part looks good, I'm not sure you are hitting the trigger right.
  Why not do a track on the ip sla instead of the snmp stuff?
  Here's a good example of that.
  https://learningnetwork.cisco.com/blogs/network-sheriff/2009/06/19/writing-your-first-eem-applet

• Cisco Embedded Event Manager Issue

  Hello Experts,
  I have taken the following sample EEM from
  https://learningnetwork.cisco.com/blogs/network-sheriff/2009/06/19/writing-your-first-eem-applet
  The intention is to send a notification to an email address about a network problem. I have modified it bit for illustrative purposes. You will see that there are various show commands.
  Can someone please show me how to email the show commands instead just appending them to the directory called "server_unreachable"?
  TechWiseTV4506(config)#eve
  nt manager environment _email_server 172.16.1.44 (<-my Post Cast server)
  TechWiseTV4506(config)#event manager environment _email_to [email protected]
  TechWiseTV4506(config)#event manager environment _email_from [email protected]
  event manager applet email_server_unreachable
  event track 10 state down
  action 1.0 syslog msg "Houston we have a problem. Ping failed, server unreachable!"
  action 1.1 cli command "enable"
  action 1.2 cli command "del /force flash:server_unreachable"
  action 1.3 cli command "show clock | append server_unreachable"
  action 1.4 cli command "show ip arp 172.16.1.55 | append server_unreachable"
  action 1.5 cli command "show ip route 172.16.1.55 | append server_unreachable"
  action 1.6 cli command "show interface FastEthernet0/1/1 | append server_unreachable"
  action 1.7 cli command "more flash:server_unreachable"
  action 1.8 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "Server Unreachable: ICMP-Echos Failed" body "$_cli_result
  action 1.9 syslog msg "Server unreachable alert has been sent to email server!"
  Cheers
  Carlton

  This applet will actually email the results.  However, in order to get all of the output together, it uses the server_unreachable file as an accumulator buffer.  That file could be deleted as action 2.0:
  action 2.0 cli command "delete /force flash:server_unreachable"
  But that is already there in action 1.2, so it's not really needed.
  What will happen is the applet will more the file to collect all of the output.  That aggregated output will be stored in the $_cli_result variable.  The result is that the body of your email will contain the consolidated command output.

• Cisco Embedded Event Manager Book

  Hello All,
  Can someone let me know if they're any books currently available which I focused purely on Cisco EEM?
  I would very much like to learn/practice EEM. I appreciate there is a lot of samples here, however I would like a more structured approach to learning EEM.
  Cheers
  Carlton

  There is no book dedicated to EEM.  The "Tcl Scripting for IOS" book from Cisco Press does cover EEM in some detail, though.

• How to run tcl scripts with arguments on OMBPlus

  Hi,
  I am trying to deploy mappings from OMBPlus. I could do it by saving step by step commands to a tcl file and run it on OMBPlus as
  source e:\\mi\\test.tcl
  Contents of test.tcl is:
  =======================
  OMBCONNECT owbdesigner/owbdesigner@humistst:1521:mistst
  OMBCC 'S80_DWH_PROJECT'
  OMBCONNECT RUNTIME 'CONN_MISTST' USE PASSWORD 'owbruntime'
  OMBCC 'S80_OWBTARGET'
  OMBCREATE TRANSIENT DEPLOYMENT_ACTION_PLAN \
  'CRE_MAP' ADD ACTION 'MAPPING_DEPLOY' \
  SET PROPERTIES (OPERATION) \
  VALUES ('CREATE') SET REFERENCE MAPPING \
  'DWH_BA_MAPPING'
  OMBDEPLOY DEPLOYMENT_ACTION_PLAN 'CRE_MAP'
  puts "Mapping Deployed..."
  OMBDISC
  ===========================
  Now i want to pass mapping name as argument/parameter, so that my script can work dynamically. I tried following in test.tcl:
  OMBCONNECT owbdesigner/owbdesigner@humistst:1521:mistst
  set mapname [lindex $argv 1]
  OMBCC 'S80_DWH_PROJECT'
  OMBCONNECT RUNTIME 'CONN_MISTST' USE PASSWORD 'owbruntime'
  OMBCC 'S80_OWBTARGET'
  OMBCREATE TRANSIENT DEPLOYMENT_ACTION_PLAN \
  'CRE_MAP' ADD ACTION 'MAPPING_DEPLOY' \
  SET PROPERTIES (OPERATION) \
  VALUES ('CREATE') SET REFERENCE MAPPING \
  '$mapname'
  OMBDEPLOY DEPLOYMENT_ACTION_PLAN 'CRE_MAP'
  puts "Mapping Deployed..."
  OMBDISC
  and, run it as follows on OMBPlus
  source e:\\mi\\test_map.tcl DWH_BA_MAPPING
  then it is giving error for invalid arguments.
  Can anybody help me to sort it out.
  Many Thanks.
  Deepali

  As Jorg said, you can pass command line arguments when you start OMBPlus.
  If you want to pass parameters from within OMB, just create a proc and then run it...
  proc deployMap {mapName} {
       set mapName [string toupper $mapName]
       OMBCONNECT owbdesigner/owbdesigner@humistst:1521:mistst
       OMBCC 'S80_DWH_PROJECT'
       OMBCONNECT RUNTIME 'CONN_MISTST' USE PASSWORD 'owbruntime'
       OMBCC 'S80_OWBTARGET'
       OMBCREATE TRANSIENT DEPLOYMENT_ACTION_PLAN \
            'CRE_MAP' ADD ACTION 'MAPPING_DEPLOY' \
            SET PROPERTIES (OPERATION) \
            VALUES ('CREATE') SET REFERENCE MAPPING \
            '$mapname'
       OMBDEPLOY DEPLOYMENT_ACTION_PLAN 'CRE_MAP'
       puts "Mapping Deployed..."
       OMBDISC
  }Run it like this
  deployMap <map_name>You can automatically load the proc when you start OMBPlus but putting it into ombinit.tcl (or put it in another file and put "source myprocs.tcl" at the bottom of ombinit.tcl).

• Cisco embedded event manager applet

  Hi everyone,
  Can someone please confirm me if we can use cisco eem applet in ASA firewall. I know its for sure used in IOS but whta bout firewall? if yes then please help me out.
  Thanks in advance.

  i want to log-off a vpn tunnel if the VPN tunnel gets stuck. Can it be done on ASA firewall?

• Embedded Event Manager Versions on Routers

  Hello Community,
  Can someone please tell me if its possible to load a EEM version on a 3600 higher than 2.1 or on a 3700 higher than 2.2?
  Cheers
  Carlton

  The EEM version is fixed to the IOS.  See https://supportforums.cisco.com/docs/DOC-8799 on how to figure out what version is available on your device.  EEM 2.2 requires 12.4(2)T or higher and 2.3 requires 12.4(11)T or higher.

• Creating a job that runs a Tcl script

  Hi,
  We currently have a scheduled job running a Tcl script on a 8.1.7 DB. My question is, can I still use the same setup in 10g DB (i.e. creating a job that runs Tcl script)? If I can, how am I gonna do it?
  Thanks,
  howie

  It depends on how you scheduled the job in 8.1.7 DB.
  By Cronjob? Yes you can do the same to connect to 10g
  By DBMS_JOB?. Yes you can do it in 10g and in addition, can improve it with DBMS_SCHEDULER
  Via OEM? Yes in can use Enterprise Manager to create a Job that runs the Script.

• Batch processing with Script Events Manager

  Hello all,
  I use the Script Events Manager to run a group of actions on a single file during the file open event.
  This workflow works well when dealing with a small quantity of files.
  Is there an efficient way to apply simultaneously a group of actions to folder of images?
  The PSCC Batch processor, Image Processor and Image Processor Pro only allow the use of one action at a time.
  I have try creating a combo action which includes a group of actions to run in the Batch Processor and Image Processor.
  When doing so I receive an error message from the Image processor and dialogs that from the Batch processor that suspend
  the program activity. I have had no luck with a combo droplet as well.  

  My system has 8 Gb of Ram and 4 processors. I doubt it's the system. I've had problems with CS Master Collection since day one. My main complaint is the ******* tabs and interface. Everything is so chunky. CS2 was smooth as butter. They keep making their products use more RAM and it's ridiculous. The tabs don't help, they only make life harder.
  Thanks for the suggestions, I was hoping not to have to reinstall PS, but looks like it's the only option.