Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
636
Views
0
Helpful
2
Replies

EEM - "action" not taken on another router with similar IOS

Go to solution
seabird505
Level 1
Level 1

‎06-09-2010 05:47 PM

[Question origionally in "Network Infrastructure"->"WAN, Routing, Switch" forum. Asked to post it in here.]

Hi !

I been running a test script to  verfiy EEM on our Cisco 6506 core switches. While the desired results  are obtained on our Test 6506 device. Exactly similar config fails to  produce desired results on the Production one. The config is as follows:

rtr 10
type echo protocol ipIcmpEcho  7.7.7.7
timeout 1000
frequency 3
request-data-size 32
rtr  schedule 10 life forever start-time now
!
event manager applet  EEM_Test2_DOWN
event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.10  get-type exact entry-op eq entry-val 1 exit-op eq exit-val 2  poll-interval 3
action 1.1 cli command "enable"
action 1.2 cli  command "show ip int bri | inc 7.7.7.7"
action 1.3 syslog msg "EEM  Test CLI Results: show ip int bri - $_cli_result"
action 1.4 cli  command "configure terminal"
action 1.5 cli command "no ip route  6.6.6.0 255.255.255.0 5.5.5.5"
action 1.6 syslog msg "EEM Test CLI  Results: no ip route - $_cli_result"
!
event manager applet  EEM_Test2_UP
event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.10 get-type  exact entry-op eq entry-val 2 exit-op eq exit-val 1 poll-interval 3
action 1.1 cli command "enable"
action 1.2 cli command "show ip int  bri | inc 7.7.7.7"
action 1.3 syslog msg "EEM Test CLI Results:  show ip int bri - $_cli_result"
action 1.4 cli command "configure  terminal"
action 1.5 cli command "ip route 6.6.6.0 255.255.255.0  5.5.5.5"
action 1.6 syslog msg "EEM Test CLI Results: ip route -  $_cli_result"
!

The IOS running on the two 6506 is:

    Test_6506: Version 12.2(18)SXF11,  RELEASE SOFTWARE (fc1)

   Prod_6506: Version 12.2(18)SXF15, RELEASE SOFTWARE (fc1)

Test 6506  Results:

===============

Test#show  logging | inc EEM_Test2_

Jun  9 13:28:59.897: %HA_EM-6-LOG: EEM_Test2_DOWN: EEM Test  CLI Results: show ip int bri - Loopback7                   7.7.7.7         YES manual administratively down down
Jun  9  13:28:59.921: %HA_EM-6-LOG: EEM_Test2_DOWN: EEM Test CLI Results: no ip  route - %No matching route to delete

Test#show ip route | inc  6.6.6.0


Test#show ip int bri | inc 7.7.7.7
Loopback7                   7.7.7.7         YES manual administratively down down


After bringing  interface Loopbackup7 UP:


Test#show logging | inc EEM_Test2_
Jun  9 13:30:52.843:  %HA_EM-6-LOG: EEM_Test2_UP: EEM Test CLI Results: show ip int bri -  Loopback7   7.7.7.7         YES manual  up       up
Jun  9  13:30:52.867: %HA_EM-6-LOG: EEM_Test2_UP: EEM Test CLI Results: ip route  -

Test#show ip route | inc 6.6.6.0
S       6.6.6.0 [1/0] via 5.5.5.5


Test#show ip int bri | inc 7.7.7.7
Loopback7                   7.7.7.7         YES manual up                    up

Prod 6506  Results:

==============

PROD#show  logging | inc EEM_Test2_

Jun  9 13:55:00.208: %HA_EM-6-LOG: EEM_Test2_DOWN: EEM  Test CLI  Results: show ip int bri - PROD#
Jun  9 13:55:00.432: %HA_EM-6-LOG:  EEM_Test2_DOWN: EEM Test CLI Results:  no ip route -                ^

PROD#show ip route | inc 6.6.6.0

PROD#show ip int bri |  inc 7.7.7.7
Loopback7                   7.7.7.7         YES manual  administratively down down

After bringing interface  Loopbackup7 UP:

PROD#show logging | inc EEM_Test2_

Jun  9 13:57:24.704: %HA_EM-6-LOG:  EEM_Test2_UP: EEM  Test CLI Results: show ip int bri - PROD#
Jun  9  13:57:24.928: %HA_EM-6-LOG: EEM_Test2_UP: EEM Test CLI Results:  ip  route -                  ^

PROD#show ip route | inc 6.6.6.0

PROD#show ip int  bri | inc 7.7.7.7
Loopback7                   7.7.7.7         YES  manual up                    up

Why don't  the "action" statements get executed in the Production 6506. Is this  because of version difference i.e. SXF15 on PROD but SXF11 on TEST.  There is a "^" sign right below the name of the router in the logs. Does  this indicates some error?

Thanks

Regards, Rashid.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎06-09-2010 05:55 PM

Without seeing the full config, my guess is that the production switch has AAA command authorization configured, and you need to add:

event manager session cli username USER

Where USER is a username who is authorized to run all of the CLI commands in your EEM policies.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎06-09-2010 05:55 PM

Without seeing the full config, my guess is that the production switch has AAA command authorization configured, and you need to add:

event manager session cli username USER

Where USER is a username who is authorized to run all of the CLI commands in your EEM policies.

0 Helpful

Go to solution
seabird505
Level 1
Level 1
In response to Joe Clarke

‎06-10-2010 07:25 PM

Thanks Joe ! That does the trick. Test system just had Enable password while Prod one authentication is through TACACS.

0 Helpful
Customers Also Viewed These Support Documents