Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Calling a variable in regular expression

Hi.  Is there any way to call a variable in a regular expression, instead of explicitly defining it?  For example,

 

THIS WORKS:

 action 10   cli command "show run | section router ospf"
 action 20   regexp "passive-interface Serial4/0" "$_cli_result"

 

BUT THIS DOES NOT:

event manager environment _circuit1 Serial4/0

...

 action 10   cli command "show run | section router ospf"
 action 20   regexp "passive-interface $_circuit1" "$_cli_result"

 

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Unfortunately, not all fields

Unfortunately, not all fields in an applet are set for variable expansion.  This is one of them.  You can convert this applet to Tcl using our tool at http://www.marcuscom.com/convert_applet/ .  Or you could do:

 

action 20 regexp "passive interface ([A-Za-z0-9/\.:]+)" $_cli_result match intf

action 30 if $intf eq $_circuit1

...

22 REPLIES
Cisco Employee

Unfortunately, not all fields

Unfortunately, not all fields in an applet are set for variable expansion.  This is one of them.  You can convert this applet to Tcl using our tool at http://www.marcuscom.com/convert_applet/ .  Or you could do:

 

action 20 regexp "passive interface ([A-Za-z0-9/\.:]+)" $_cli_result match intf

action 30 if $intf eq $_circuit1

...

New Member

WOW, thanks Joseph!  That

WOW, thanks Joseph!  That regexp worked like a champ.

Sooo glad you monitor and respond to these discussions.

New Member

Ok, I have a follow-up.  How

Ok, I have a follow-up.  How can I modify this script to catch more than one passive-interface.  I have this:


 action 20   regexp "passive-interface ([A-Za-z0-9/\.:]+)" "$_cli_result" match _intf
 action 30   if $_intf eq $_circuit1
 action 40   elseif $_intf eq $_circuit2
 

...but it'll stop at action 30 if _circuit1 is found.  I have to run the script again to catch _circuit2.  How can I run the script once to catch both circuits?

Cisco Employee

event manager environment

event manager environment circuits Serial4/0 Serial3/0 Serial2/0

!

action 20 foreach circuit $circuits

action 30 if $intf eq $circuit

...

New Member

Ok, not sure what I'm missing

Ok, not sure what I'm missing, but the script will only catch the 1st interface listed as passive, but not the 2nd.

 

 

event manager environment _passive Serial0/0/0 Serial0/1/0

!

event manager applet UNPASSIVE
 event none
 action 10 cli command "show run | section router ospf"
 action 20 regexp "passive-interface ([A-Za-z0-9/\.:]+)" "$_cli_result" match _intf
 action 25 foreach circuit "$_passive"
 action 30  if $_intf eq $circuit
 action 40   puts "$_intf"
 action 50  end
 action 99 end
!

Cisco Employee

If the config contains more

If the config contains more than one passive interface, you need to move the foreach loop higher:

 

action 20 foreach line $_cli_result "\n"

action 30  regexp "passive-interface ([A-Za-z0-9/\.:]+)" $line match intf

action 40  foreach circuit $passive

action 50   if $intf eq $circuit

action 60    puts $intf

action 70   end

action 80  end

action 90 end

New Member

Thanks, Joe!  I was finally

Thanks, Joe!  I was finally able to get it working perfectly thanks to your help.  For clarity, here's what I ended up with:

 

event manager environment passive Serial0/0/0 Serial0/1/0
!
event manager applet UNPASSIVE
 event none
 action 10 cli command "show run | section router ospf"
 action 20 foreach line "$_cli_result" "\n"
 action 30 set intf "none"
 action 40  regexp "passive-interface ([A-Za-z0-9/\.:]+)" "$line" match intf
 action 50  foreach circuit "$passive"
 action 60   if $circuit eq $intf
 action 70    puts "$intf"
 action 97   end
 action 98  end
 action 99 end
!

New Member

Strange things going on.  The

Strange things going on.  The above script worked perfectly in the lab.  I changed the event to a CRON job, and it worked fine.  I added the same script to a production device...and the history shows it invoking the script, but nothing happens.

LAB - 15.1(4)M7

PROD - 12.4(24)T3

Surely this has got to be a bug, right?  I even tweaked it to run every minute and added a bunch of 'puts' so I could see how far the script was going:

 

event manager applet UNPASSIVE
 event timer cron cron-entry "0-59 * * * *"
 action 05   puts "STARTING!!!"
 action 10   cli command "show run | section router ospf"
 action 11   puts "11"
 action 20   foreach line "$_cli_result" "\n"
 action 21    puts "21"
 action 30    set intf "none"
 action 31    puts "31"
 action 40    regexp "passive-interface ([A-Za-z0-9/\.:]+)" "$line" match intf
 action 41    puts "41"
 action 50    if $intf eq $circuit1
 action 50.1   syslog msg "CRON job making $intf unpassive"
 action 50.2   cli command "enable"
 action 50.3   cli command "config t"
 action 50.4   cli command "router ospf 77"
 action 50.5   cli command "no passive-interface $intf"
 action 50.6   cli command "end"
 action 51     puts "51"
 action 98    end
 action 99   end
!

 

Still, nothing.  I then changed the event to 'none', and invoked it manually, and I got this result:

STARTING!!!
11
21
31
41
21
31
41
21
31
41
21
31
41

 

It looks like it only read the first 4 lines of the OSPF config before stopping, when in reality my 'passive-interface' commands are further down than that.

 

1) Why did this script only work manually and not with CRON?

2) How do I get this script to run ALL lines of the OSPF section, and not just the first 4?

 

 

 

Cisco Employee

The timing of these messages

The timing of these messages would be more revealing than the messages themselves.  Perhaps your applet is taking too much time on the production router.  Try increasing maxrun to 60 and see if that helps.

New Member

Tried increasing maxrun...no

Tried increasing maxrun...no affect.  I also tried a much simpler version of the script:

event manager applet UNPASSIVE
 event timer cron cron-entry "0-59 * * * *"
 action 10   cli command "show run | section router ospf"
 action 11 puts 11
 action 20   regexp "passive-interface Serial4/0" "$_cli_result"
 action 21 puts 21
 action 30   if $_regexp_result eq 1
 action 30.1  syslog msg "CRON job making $circuit1 unpassive"
 action 30.2  cli command "enable"
 action 30.3  cli command "config t"
 action 30.4  cli command "router ospf 77"
 action 30.5  cli command "no passive-interface $circuit1"
 action 30.6  cli command "end"
 action 31 puts 31
 action 40   end
!

 

And here's the OSPF config:

router ospf 77
 router-id xxxxxxxxxxxxxxxxx
 log-adjacency-changes
 auto-cost reference-bandwidth 20000
 timers throttle spf 10 100 5000
 passive-interface Serial4/0
 network xxxxxxxxxxxxxxxxx area 1
 network yyyyyyyyyyyyyyy area 0

 

And this is as far as it gets when ran:

000879: Apr 28 20:26:00.016 CDT: %HA_EM-6-LOG: UNPASSIVE: 11
000880: Apr 28 20:26:00.016 CDT: %HA_EM-6-LOG: UNPASSIVE: 21

 

I am now convinced it's an IOS issue, as it works in my lab (15 code), but not in prod (12 code).  But it really stinks for me, as I still need a solution to make these interfaces unpassive.  Any ideas are appreciated.

 

Cisco Employee

In action 21, puts the

In action 21, puts the contents of $_cli_result to make sure you're getting what you expect.  Perhaps you have AAA command authorization, and you're getting back "Command not authorized" or something.

New Member

Ok, Joseph, you're on to

Ok, Joseph, you're on to something.  I am not getting the desired $_cli_result.  I experimented with 2 very simple scripts:

event manager applet UNPASSIVE
 event none
 action 10 cli command "enable"
 action 20 cli command "show running-config"
 action 30 puts "$_cli_result"
!

and it works.  Then I tried adding the CRON event:

event manager applet UNPASSIVE
 event event timer cron cron-entry "0-59 * * * *"
 action 10 cli command "enable"
 action 20 cli command "show running-config"
 action 30 puts "$_cli_result"
!

And nothing.  I even tried adding a user called, 'EEM':

username EEM priv 15

event manager session cli username "EEM"

 

Still nothing.  Why would this work with a manual event, but not a CRON event?

 

Cisco Employee

So what do you get back from

So what do you get back from running the command?  What does the running config look like?

New Member

When I run the script

When I run the script manually, I get the running-config 'put' on the screen.

When I run the script via CRON, nothing happens.

 

It's got to be 'privilege' related, because when I change the script's command to 'show ip int brief'...it works manually AND with CRON.  Like I said, I even created the user, 'EEM' with full privileges and it still doesn't work.  Here's the config:

username EEM privilege 15

event manager session cli username "EEM"

event manager applet UNPASSIVE
 event timer cron cron-entry "0-59 * * * *"
 action 10 cli command "enable"
 action 20 cli command "show running-config"
 action 30 puts "$_cli_result"
!

Cisco Employee

I need to see your whole

I need to see your whole config.  It's the AAA stuff that's important.  If you are using TACACS+ for authz, then creating a local user will have no effect.  What you should try is your username as the eem session cli username.

New Member

Ah, ok.  Here's the AAA stuff

Ah, ok.  Here's the AAA stuff:

aaa new-model
!
aaa authentication login default group tacacs+ local
aaa authentication login async none
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa authorization exec async none
aaa accounting exec default
 action-type start-stop
 group tacacs+
!
aaa accounting commands 15 default
 action-type start-stop
 group tacacs+
!        

Cisco Employee

You're not doing command

You're not doing command authorization, so if you print the results of the "show run" command (the OSPF version) in the cron policy (so that it goes out via syslog), what is the exact output you get?  Or better yet, enable "debug event manager action cli" reproduce the problem, and post the output.

New Member

Joe, I'll have to do more

Joe, I'll have to do more troubleshooting tonight, but keep in mind I wasn't sending the command output to SYSLOG, but was just doing 'puts'.  Are you saying I should try syslog?

 

Anyways, I tried that debug command last night, and was getting NOTHING.  I even tried "debug event manager all"...still, nothing.

Cisco Employee

If some CLI results are being

If some CLI results are being processed, then "debug event manager action cli" will show something provided you're trapping on debug level messages.

 

As for puts vs. syslog, puts should turn into syslog when an asynchronous policy is run.  But again, you need to be trapping on debug level syslog messages.

New Member

Joe, do I necessarily need to

Joe, do I necessarily need to 'trap' debug-level messages for them to echo on my terminal screen?  I wasn't aware of that.  All I normally do is 'term mon' to ensure I see the messages.  I'm unsure of the command I will need to see the debug output.

I'm going to do more troubleshooting tonight, but I am concerned that I won't see any output like last time.

Cisco Employee

You need to make sure you

You need to make sure you have configured:

 

logging monitor debug

 

This sets the logging level of the VTY monitor lines to debug.
 

New Member

Joe, I just wanted to follow

Joe, I just wanted to follow up and let you know that this is working now.  I think it all came down to an issue with privileges.  Initially, I didn't have the 'enable' in my script.  Once I added 'enable', I could get it to work manually, but not with CRON...but I'm not sure why, as it's now working with CRON, too.  Here's what the final script looks like.  Thanks for trudging along with me on this one.

 

event manager applet UNPASSIVE
 event timer cron cron-entry "0 2 * * *"
 action 10   cli command "enable"
 action 20   cli command "show run | section router ospf"
 action 30   foreach line "$_cli_result" "\n"
 action 40    set intf "none"
 action 50    regexp "passive-interface ([A-Za-z0-9/\.:]+)" "$line" match intf
 action 60    if $intf eq $circuit1
 action 60.1   syslog msg "CRON job making $intf unpassive"
 action 60.2   cli command "enable"
 action 60.3   cli command "config t"
 action 60.4   cli command "router ospf 77"
 action 60.5   cli command "no passive-interface $intf"
 action 60.6   cli command "end"
 action 70    end
 action 80   end
!

 

1343
Views
0
Helpful
22
Replies
CreatePlease to create content