I need your help please,
I am asked to secure our LAN by pulling all disconnected user interfaces with a last input higher than 10 weeks as a first step, and shutting them down later.
Is it possible with an EEM script to browse the interfaces on a switch, pull the ones concerned, then send the result to a file on the flash?
Otherwise, is there any other way, please?
I have never worked with EEM so far.
Thanks for helping me.
Have a look at this solution:
These policies track down ports, but you could modify the policy to look at when the ports last saw traffic fairly easily.
Thanks for your help,
I have basic skills and I couldn't enter the script.
event manager environment test::cisco::eem::event_register_syslog pattern "LINEPROTO-5-UPDOWN" maxrun 600
But it's always taking only the last line I entered.
How can I enter the script, please?
Thanks again for helping me.
These are EEM Tcl policies. They need to be registered as such. See http://www.cisco.com/c/en/us/td/docs/ios/netmgmt/configuration/guide/12_2sx/nm_12_2sx_book/nm_eem_policy_tcl.html#wp1174855 and search on page for "Registering and Defining an EEM Tcl Script".
Thanks for your answer, I did register the EEMs correctly.
I looked at the link you sent me: https://supportforums.cisco.com/docs/DOC-39192
but I don't know which script to use, as there are 3 of them.
Thanks again for your help.
I tried to follow what you showed me.
- I created a "policies" directory on flash and copied the script tm_suspend_ports.txt to it.
- Registered the script using the following commands
This is all that's needed to register this policy as-is. But you will need to make changes to add support for your specific use case of looking at last packet input. The code as it stands now looks for ports that are operational down. You'll need to add the code that looks at the "show interface" output to see when the last input was.
To set the number of days, configure:
event manager environment suspend_ports_days NUM_DAYS
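The "last input" check described in the reply above can also be done offline on captured `show interfaces` output. This is an added example, not part of the original thread or of the linked EEM policies; the function names and the sample output are constructed, and it assumes the usual IOS age formats (`hh:mm:ss`, `1d02h`, `12w3d`, `1y4w`, `never`).

```python
import re

# Units used in the IOS "Last input" field, in seconds.
UNIT_SECONDS = {"y": 365 * 86400, "w": 7 * 86400, "d": 86400, "h": 3600}

def last_input_seconds(value):
    """Convert a 'Last input' value to seconds; None means 'never'."""
    value = value.strip()
    if value == "never":
        return None
    clock = re.fullmatch(r"(\d+):(\d\d):(\d\d)", value)
    if clock:  # under a day the field is printed as hh:mm:ss
        h, m, s = map(int, clock.groups())
        return h * 3600 + m * 60 + s
    parts = re.findall(r"(\d+)([ywdh])", value)
    if not parts or "".join(n + u for n, u in parts) != value:
        raise ValueError(f"unrecognised Last input value: {value!r}")
    return sum(int(n) * UNIT_SECONDS[u] for n, u in parts)

def stale_ports(show_interfaces, min_weeks=10):
    """Return [(interface, last_input)] for down ports idle >= min_weeks."""
    threshold = min_weeks * UNIT_SECONDS["w"]
    stale, name, is_down = [], None, False
    for line in show_interfaces.splitlines():
        header = re.match(r"^(\S+) is (.+), line protocol is (\S+)", line)
        if header:  # "administratively down" ports are already shut: skipped
            name, is_down = header.group(1), header.group(2, 3) == ("down", "down")
            continue
        field = re.search(r"Last input ([^,]+),", line)
        if field and is_down:
            age = last_input_seconds(field.group(1))
            if age is None or age >= threshold:  # "never" is reported too
                stale.append((name, field.group(1).strip()))
    return stale

# Constructed sample output, trimmed to the two lines the parser reads.
SAMPLE = """\
GigabitEthernet0/1 is up, line protocol is up (connected)
  Last input 00:00:03, output 00:00:01, output hang never
GigabitEthernet0/2 is down, line protocol is down (notconnect)
  Last input 12w3d, output 12w3d, output hang never
GigabitEthernet0/3 is down, line protocol is down (notconnect)
  Last input 2w1d, output 2w1d, output hang never
GigabitEthernet0/4 is down, line protocol is down (notconnect)
  Last input never, output never, output hang never
GigabitEthernet0/5 is administratively down, line protocol is down (disabled)
  Last input 1y4w, output 1y4w, output hang never
"""
```

A reload resets the field, so a switch with less than 10 weeks of uptime cannot report an older value. Ports showing `never` are listed but should be reviewed by hand, since Cisco documents "Last input" as updated only for packets processed locally by the device.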
On forums, I saw that some people said that I need my switch to be connected to TACACS, otherwise it won't work.
I am doing my tests on an isolated switch that works with a local username.
Would it be a problem, you think?
The config looks okay for the original behavior of the scripts. The timer policy should run every night at midnight provided your clock is properly synced (but you're not running NTP, so that is likely not the case). You'll need to look at your logging output to see if there are errors, plus you'll need to configure an authoritative clock source.