×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

help with simple applet.

Unanswered Question
May 8th, 2012
User Badges:

Was given this applet by Cisco Tac,  waiting to hear from them as well;


event manager applet capture_cpu_spike

event snmp oid 1.3.6.1.4.1.9.2.1.56 get-type next entry-op ge entry-val 85 exit-time 600 poll-interval 1

action 1.0 cli command "enable"

action 1.1 syslog msg "CPU Utilization is high"   

action 1.2 cli command "term exec prompt timestamp"

action 1.3 cli command "sh proc cpu sorted | redirect flash:cpu_info.txt"

action 1.4 cli command "show interface | redirect flash:interface_info.txt"

action 1.5 cli command "term no exec prompt timestamp"

action 1.6 syslog msg "CPU Utilization is Low"


Probelm is that it creates the files on the flash;


Directory of flash:/


    1  -rw-    55809628  Feb 22 2011 15:06:38 +00:00  c2800nm-advipservicesk9-mz.124-20.T.bin

    4  -rw-          31   May 8 2012 06:42:34 +00:00  cpu_info.txt

    3  -rw-          31   May 8 2012 06:42:36 +00:00  interface_info.txt

    2  -rw-         736  Feb 26 2010 10:11:24 +00:00  vlan.dat


but when you check the contents of the files,  both say;


JNJSILJ1RR2203#more cpu_info.txt

Command authorization failed.


What's up????


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Tue, 05/08/2012 - 00:12
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

You need to configure:


event manager session cli username USER


Where USER is a username authorized to run all of the CLI commands in your applet.

jhryder Tue, 05/08/2012 - 00:57
User Badges:

Ok,  tried this butr am still getting same;


username EEM privilege 15


event manager session cli username EEM


event manager applet capture_cpu_spike

event snmp oid 1.3.6.1.4.1.9.2.1.56 get-type next entry-op ge entry-val 85 exit-time 600 poll-interval 1

action 1.0 cli command "enable"

action 1.1 syslog msg "CPU Utilization is high"   

action 1.2 cli command "term exec prompt timestamp"

action 1.3 cli command "sh proc cpu sorted | redirect flash:cpu_info.txt"

action 1.4 cli command "show interface | redirect flash:interface_info.txt"

action 1.5 cli command "term no exec prompt timestamp"

action 1.6 syslog msg "CPU Utilization is Low"



Just to be sure tried this also;


username USER privilege 15

event manager session cli username USER

Joe Clarke Tue, 05/08/2012 - 01:12
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Does your AAA configuration look to the local user database first?  If not, then you need to configure the EEM user on your AAA server.

jhryder Tue, 05/08/2012 - 01:25
User Badges:

So what if i tried my TACACS id.  I am not automatically in enable mode however,  I have to do enable then the enable p/w?


Can EEM accomodate something like that?

Joe Clarke Tue, 05/08/2012 - 01:27
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Your user name will be fine.  EEM doesn't need passwords.  It will use the username for authorization only.

jhryder Tue, 05/08/2012 - 01:32
User Badges:

Apologize,  but i am confused.   My TACACS id doesn't have level 15 privileges by default,  only when i go in enable mode?

Joe Clarke Tue, 05/08/2012 - 01:36
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Right, that's fine.  Your applet's first CLI command is "enable" so the policy will enter enable mode using your username.  As long as you can run the commands in your applet, your username will be fine to use as the session CLI username.

jhryder Tue, 05/08/2012 - 01:46
User Badges:

It is WORKING,  THANK YOU VERY MUCH !!!!!!!!!!!!!

Actions

This Discussion

Related Content