EEM - "action" not taken on another router with similar IOS

Answered Question
Jun 9th, 2010

[Question origionally in "Network Infrastructure"->"WAN, Routing, Switch" forum. Asked to post it in here.]

Hi !

I been running a test script to  verfiy EEM on our Cisco 6506 core switches. While the desired results  are obtained on our Test 6506 device. Exactly similar config fails to  produce desired results on the Production one. The config is as follows:

rtr 10
type echo protocol ipIcmpEcho  7.7.7.7
timeout 1000
frequency 3
request-data-size 32
rtr  schedule 10 life forever start-time now
!
event manager applet  EEM_Test2_DOWN
event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.10  get-type exact entry-op eq entry-val 1 exit-op eq exit-val 2  poll-interval 3
action 1.1 cli command "enable"
action 1.2 cli  command "show ip int bri | inc 7.7.7.7"
action 1.3 syslog msg "EEM  Test CLI Results: show ip int bri - $_cli_result"
action 1.4 cli  command "configure terminal"
action 1.5 cli command "no ip route  6.6.6.0 255.255.255.0 5.5.5.5"
action 1.6 syslog msg "EEM Test CLI  Results: no ip route - $_cli_result"
!
event manager applet  EEM_Test2_UP
event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.10 get-type  exact entry-op eq entry-val 2 exit-op eq exit-val 1 poll-interval 3
action 1.1 cli command "enable"
action 1.2 cli command "show ip int  bri | inc 7.7.7.7"
action 1.3 syslog msg "EEM Test CLI Results:  show ip int bri - $_cli_result"
action 1.4 cli command "configure  terminal"
action 1.5 cli command "ip route 6.6.6.0 255.255.255.0  5.5.5.5"
action 1.6 syslog msg "EEM Test CLI Results: ip route -  $_cli_result"

!

The IOS running on the two 6506 is:

    Test_6506: Version 12.2(18)SXF11,  RELEASE SOFTWARE (fc1)

   Prod_6506: Version 12.2(18)SXF15, RELEASE SOFTWARE (fc1)

Test 6506  Results:

===============

Test#show  logging | inc EEM_Test2_

Jun  9 13:28:59.897: %HA_EM-6-LOG: EEM_Test2_DOWN: EEM Test  CLI Results: show ip int bri - Loopback7                   7.7.7.7         YES manual administratively down down
Jun  9  13:28:59.921: %HA_EM-6-LOG: EEM_Test2_DOWN: EEM Test CLI Results: no ip  route - %No matching route to delete

Test#show ip route | inc  6.6.6.0


Test#show ip int bri | inc 7.7.7.7
Loopback7                   7.7.7.7         YES manual administratively down down


After bringing  interface Loopbackup7 UP:


Test#show logging | inc EEM_Test2_
Jun  9 13:30:52.843:  %HA_EM-6-LOG: EEM_Test2_UP: EEM Test CLI Results: show ip int bri -  Loopback7   7.7.7.7         YES manual  up       up
Jun  9  13:30:52.867: %HA_EM-6-LOG: EEM_Test2_UP: EEM Test CLI Results: ip route  -

Test#show ip route | inc 6.6.6.0
S       6.6.6.0 [1/0] via 5.5.5.5


Test#show ip int bri | inc 7.7.7.7
Loopback7                   7.7.7.7         YES manual up                    up

Prod 6506  Results:

==============

PROD#show  logging | inc EEM_Test2_

Jun  9 13:55:00.208: %HA_EM-6-LOG: EEM_Test2_DOWN: EEM  Test CLI  Results: show ip int bri - PROD#
Jun  9 13:55:00.432: %HA_EM-6-LOG:  EEM_Test2_DOWN: EEM Test CLI Results:  no ip route -                ^

PROD#show ip route | inc 6.6.6.0

PROD#show ip int bri |  inc 7.7.7.7
Loopback7                   7.7.7.7         YES manual  administratively down down

After bringing interface  Loopbackup7 UP:

PROD#show logging | inc EEM_Test2_

Jun  9 13:57:24.704: %HA_EM-6-LOG:  EEM_Test2_UP: EEM  Test CLI Results: show ip int bri - PROD#
Jun  9  13:57:24.928: %HA_EM-6-LOG: EEM_Test2_UP: EEM Test CLI Results:  ip  route -                  ^

PROD#show ip route | inc 6.6.6.0

PROD#show ip int  bri | inc 7.7.7.7
Loopback7                   7.7.7.7         YES  manual up                    up

Why don't  the "action" statements get executed in the Production 6506. Is this  because of version difference i.e. SXF15 on PROD but SXF11 on TEST.  There is a "^" sign right below the name of the router in the logs. Does  this indicates some error?

Thanks

Regards, Rashid.

I have this problem too.
0 votes
Correct Answer by Joe Clarke about 6 years 6 months ago

Without seeing the full config, my guess is that the production switch has AAA command authorization configured, and you need to add:

event manager session cli username USER

Where USER is a username who is authorized to run all of the CLI commands in your EEM policies.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Joe Clarke Wed, 06/09/2010 - 17:55

Without seeing the full config, my guess is that the production switch has AAA command authorization configured, and you need to add:

event manager session cli username USER

Where USER is a username who is authorized to run all of the CLI commands in your EEM policies.

seabird505 Thu, 06/10/2010 - 19:25

Thanks Joe ! That does the trick. Test system just had Enable password while Prod one authentication is through TACACS.

Actions

This Discussion