Thanks Joseph for swift response. It is working as expected. Is there any repository were we can get full list of variable which are builtin for EEM.

show event manager detector DETECTOR detail

In this case:

show event manager detector cli detail

Also, look at https://supportforums.cisco.com/document/102581/eem-built-action-variables for those variables available from actions.

I have a Cisco ASA running 9.2 and I'm trying to configure EEM and can't see much option. Any suggestions?

EEM on the ASA is very limited.  You can only automate CLI at this time.  The EEM subsystem on the ASA is not the same as on IOS.  It simply uses the same name.

Yes, I figured that EEM on ASA is very limited because although this is the per first time I'm facing a problem like that. I've seen various example on Google search all for router and switch and very few for ASA.

I can't accomplish what I want in ASA, that is configure EEM for alert on syslog id 611101 that "user account accepted" after log in.

Well, you should be able to match the syslog message, but all you will be able to do is run some CLI commands.  See http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa-general-cli/monitor-eem.html for more info.

The CLI command I'm trying to run is "copy runnning-config tftp", but I don't know how to pass variable on the ASA. I know some Cisco IOS you can create environment variable for the EEM to use. The command I'm trying to run requires user input such as: the source file, destination tftp client and the destination file. How to pass that? Or maybe what command can I run to save the config to a remote server?

thanks,

There doesn't appear to be any variable support in ASA EEM at the moment.  But without variables, you can copy a file to TFTP server output file overwrite filename in your applet.