07-23-2009 09:59 PM
Hello this is my first ever post, so please bear with me if my tech lingo is below par.
I am very new to Tcl(Tool command language) and I need to create a policy for a CAT6500 to generate a 'syslog snmp-trap strdata "message to server"' when a specific syslog msg occurs. Now I've tried the Applet SNMP_Trap_Generation_Applet which works a treat, however I need to be more specific about which syslog messages get sent to the server.
Here's some pseudo code to try explain what I'm looking for.
::cisco::eem::event_register_syslog pattern .*-SP-.*
# Get the syslog message that caused the event to trigger
#
array set arr_einfo [event_reqinfo]
set syslog_msg $arr_einfo(msg)
# Check if syslog msg is = "LINK-SP-3" or "LINEPROTO-SP-5"
# If it is exit and don't send to trap to server
# Else
# Send snmp-trap message
if {$syslog_msg = "LINK-SP-3" | $syslog_msg = "LINEPROTO-SP-5" } {
action_syslog msg "blah blah"
exit
}else {
action_syslog snmp-trap strdata "SP log error on Catalyst"
}
As you can see the pattern .*-SP-.* is what I'm looking for in the syslog however I don't want to generate a snmp-trap for 2 specific patterns "LINK-SP-3" or "LINEPROTO-SP-5".
Any help out there would be great.
Solved! Go to Solution.
07-26-2009 10:56 PM
07-23-2009 10:29 PM
Your pseudo-code is very close. This is what you want:
if { ! [regexp {LINK-SP-3} $syslog_msg] && ! [regexp {LINEPROTO-SP-5} $syslog_msg] } {
action_snmp_trap strdata "SP log error on Catalyst"
}
07-26-2009 10:22 PM
Thanks jclarke but I just realized that I'm going to need a loop to exclude any other syslog messages in the future. Do you have any idea how I would go about this? Here's some more code to try explain what I need:
::cisco::eem::event_register_syslog pattern .*-SP-.*
# fetch the syslog message that caused the event to trigger
#
array set arr_einfo [event_reqinfo]
set syslog_msg $arr_einfo(msg)
# Build array of error messages
set errLog(1) "LINK-SP-3"
set errLog(2) "LINEPROTO-SP-5"
set errLog(3) "LINEXXX-SP-7"
set errLog(4) "LINEXXX-SP-2"
# Loop through array and compare to syslog_msg
# If msg exists in array set flag to 1
set flag = 0
foreach item $errLog {
if { [regexp {$item} $syslog_msg] } {
set $flag = 1
}
}
if {$flag = 0} {
action_snmp_trap strdata "SP log error on Catalyst"
}
My coding is terrible but I hope you understand what I'm trying to achieve.
07-26-2009 10:31 PM
07-26-2009 10:56 PM
07-26-2009 11:10 PM
Hi thanks for the quick reply. It looks easy the way you have it coded. I have one question, just before the loop there is the line "set found 0" is this necessary? If so could you explain why?
07-26-2009 11:11 PM
No, that line can be removed.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: