EEM Script issue blocking show run

Answered Question
Mar 22nd, 2017
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi

any TCL wizards out there may be able to help me with this script

We have huge menus running on our devices and I wanted to block the menu and alias syntax from the running config

I put this script together from bits on the forums and its working well , when you check sh run ... you don't see menu commands or alias

The issue is its not allowing the shortcut command anymore like sh run int g0/0/0 , instead it shows the whole sh run

I have tried a few things to alter it but getting no where

any help appreciated scripting's not my strong point thanks


This is what I have so far


event manager applet MenuBlock
 event cli pattern "show run" sync yes
 action 111 cli command "enable"
 action 112 cli command "show run | excl menu|alias"
 action 114 puts "$_cli_result"
 action 115 set _exit_status "0"

Correct Answer by Joe Clarke about 3 months 4 weeks ago

Ugh, CSC ate my square brackets.  You need:

event cli pattern "^show running-config*$" sync yes

After "running-config" and before the '*' there should be (open-square-bracket)(open-square-bracket):space:(close-square-bracket)(close-square-bracket).

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (6 ratings)
Loading.
Joe Clarke Wed, 03/22/2017 - 06:23
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

If you only want to stop "show running-config" then try this:

event cli pattern "^show running-config$" sync yes

Mark Malone Wed, 03/22/2017 - 06:39
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi Joe

thanks for the response , im not trying to stop all the running config , just hide all the menu config and alias config


Problem is though now it blocks the menu and alias which is great and shows me all the rest of the config but it wont allow use to use a command like sh run int g0/0/0 anymore

If I run that or any other interface sh run int  it just shows the full running config and does not show just the interface running config 

Joe Clarke Wed, 03/22/2017 - 08:12
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

The pattern I gave you will only trip on "show run".  If you do "show run int ..." that will bypass EEM.

Mark Malone Wed, 03/22/2017 - 08:35
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Thanks Joe I did apply that as below , now it still shows show run and I can still see the sh run int x/x which is great but its still allowing the menu to be seen in running-config as below

If I revert to the original it blocks the menu in running config but doesn't allow me to check a certain interface with sh run x/x


event manager applet MenuBlock
 event cli pattern "show running-config$" sync yes
 action 111 cli command "enable"
 action 112 cli command "show run | excl menu|alias"
 action 114 puts "$_cli_result"
 action 115 set _exit_status "0"
!
end

xbe-b100war01#   sh run int g0/0/0
Building configuration...

Current configuration : 138 bytes
!
interface GigabitEthernet0/0/0
 description Connection to xxxxxxxxxx gi1/0/48
 no ip address
 media-type rj45
 negotiation auto
end

xxxxxxxx#   sh run | i menu
menu NOC title ^CCCC Menu For NOC Operations Centre ^C
menu NOC prompt ^CCC Please Choose your selection: ^C
menu NOC text 1. Ping Jumpbox Reachability Menu

Joe Clarke Wed, 03/22/2017 - 08:43
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Try this:

event cli pattern "^show running-config*$" sync "yes"

Mark Malone Wed, 03/22/2017 - 08:54
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Thanks tried that as below still the same , it did not like the yes in quotes so I tried it without it too

event manager applet MenuBlock
 event cli pattern "show running-config*$" sync yes
 action 111 cli command "enable"
 action 112 cli command "show run | excl menu|alias"
 action 114 puts "$_cli_result"
 action 115 set _exit_status "0"
!
end

xbe-b100war01#sh run | i menu
menu NOC title ^CCCC Menu For NOC Operations Centre ^C
menu NOC prompt ^CCC Please Choose your selection: ^C



..........................................................

with quotes

xbe-b100war01(config)#no event manager applet MenuBlock
xbe-b100war01(config)#event manager applet MenuBlock
xbe-b100war01(config-applet)# event cli pattern "show running-config*$" sync "yes"
                                                                             ^
% Invalid input detected at '^' marker.


Correct Answer
Joe Clarke Wed, 03/22/2017 - 08:59
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Ugh, CSC ate my square brackets.  You need:

event cli pattern "^show running-config*$" sync yes

After "running-config" and before the '*' there should be (open-square-bracket)(open-square-bracket):space:(close-square-bracket)(close-square-bracket).

Mark Malone Wed, 03/22/2017 - 09:08
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Thanks Joe that worked perfectly really appreciate that

just add the full  script below here in case anyone else might need it in future


event manager applet MenuBlock
 event cli pattern "show running-config*$" sync yes
 action 111 cli command "enable"
 action 112 cli command "show run | excl menu|alias"
 action 114 puts "$_cli_result"
 action 115 set _exit_status "0"

David Reynolds Sat, 03/25/2017 - 11:17
User Badges:

Joe,


I've been reading your posts going back for many years, first post on this forum for me and I just wanted to say thanks for all the effort you've expended here.


I have implemented a very similar set of eem scripts, and 99% of everything is working perfectly.  I only have two issues.


1.  If I perform a "show run" and then don't either space to the bottom of the config (i.e. I just let it hang half way through displaying the running-config) then eventually it escapes the script and dumps the config....without eliminating the portions I wanted excluded).


2.  If I perform a "show run" and then enter my way down the config as opposed to using the space bar...then it seems the script enters empty lines between each line of config.


Any idea on how to fix these issues?


Thanks so much,


David

David Reynolds Sun, 03/26/2017 - 08:23
User Badges:

Nevermind, I ended up getting after it a different way by adding:


action 1.2 puts "!"


after the cli command, this forces the entire "show run" to get dumped, no longer waits for the show run to complete, and then can complete the eem script.


There is probably a more elegant solution, but unfortunately I'm on a time crunch :)


Mark Malone Fri, 03/31/2017 - 02:02
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

HI Joe

just wondering if there is anything that might fix the script I deployed , its working 90% of the time but sometimes when we log into a router we get no prompt at all due to it like below it just hangs, its only happening on some routers but they all run the same ios version , is there anything I can put in the script that if it doesn't catch the eem properly it wont hang it like this

Thanks

Matching host key in /home/mmalone/.ssh/known_hosts:1377
Are you sure you want to continue connecting (yes/no)? yes
password:
CC
*********************************************************************
*                                                                   *
* Authorized Use Only!                                              *
* The use of this system is restricted to authorized persons only.  *
* All others will be prosecuted to the full extent of the law.      *
*                                                                   *
*********************************************************************






Joe Clarke Fri, 03/31/2017 - 10:27
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

I have not seen that before, and I've done a lot of EEM (with AAA and SSH).  Do you never get a prompt, or does hitting enter get you a prompt?  This might be a bug in this version of IOS.  Not sure where you're at, but you may look to upgrade to latest within your train.

Mark Malone Mon, 04/03/2017 - 07:19
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi

its only happening on some of the routers , all running same ios-xe version though, unfortunately I cant move off the versions as its specific for IWAN so I wont get clearance for that , we would be on one of the latest star versions 15.5.04b on 4331s we do move frequently though as we test them and keep them updated

We do get a prompt if you press crtl C and then space bar , more--- comes up and the you can hit q but sometimes it takes a few attempts , just shows the banner and hangs

when I check the show event manager history events , its shows it was aborted rather than a success

Joe Clarke Mon, 04/03/2017 - 07:38
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

This would be a bug.  The VTYs should be cleaned up once the applet dies.  You should work with TAC on that.

And I do tend to see more aborts in this type of scenario as the applet blocks until the user scrolls through all of the output.  If they do not, then the applet will hit its maxrun and timeout.  One thing that may help this is to increase the default time to 30 (to match maxrun).  On the end of the event spec line, add "default 30".  This way the applet continues to block in the foreground until maxrun hits.

Mark Malone Tue, 04/04/2017 - 03:16
User Badges:
  • Purple, 4500 points or more
  • Cisco Designated VIP,

    2017 LAN

Great thanks Joe ill try that and bounce it off TAC too see what they say , appreciate that

Actions

This Discussion

Related Content