Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8747
Views
5
Helpful
3
Replies

Shut/No Shut on Tunnel Interface

lcnorwood
Level 1
Level 1

‎09-26-2012 11:15 AM

We occasionally have a tunnel interface that flaps up and down on occasion, and a simple shut/no shut fixes the issue.   I saw that EEM scripts can perform actions based upon syslogged events, so we decided to give it a go.  

I set up the following script, but when the tunnel goes down, it doesn't shut/no shut.

event manager applet Tunnel5_Down

event syslog pattern "Interface Tunnel5, changed state to down"

action 1.0 cli command "enable"

action 1.1 cli command "configure terminal"

action 1.2 cli command "interface tu5"

action 1.3 cli command "shut"

action 1.4 cli command "no shut"

I'm curious what I might be missing?    Also - is there anything to let me know that the router actually attempted to run the applet?

Labels:
0 Helpful
3 Replies 3

Joe Clarke
Cisco Employee
Cisco Employee

‎09-26-2012 04:45 PM

What is the exact syslog message that is being generated?  Do you have AAA command authorization configured on the device?  You can use the command "show event manager history events" to see if the policy is firing.

lcnorwood
Level 1
Level 1
In response to Joe Clarke

‎09-26-2012 07:56 PM

Joe -

The command was extremely helpful.  I saw in the history that the applet had fired off 5 times in the past 6 days.

We're matching on the following pattern "interface Tunnel5, changed state to down"

We had a problem where a shut/no shut didn't fix the issue right away, looks like a syslog event wasn't logged again, so when the initial applet fired, it only went once, and not again. 

Is there any way to make the applet fire again if a "tunnel up" condition isn't met?

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to lcnorwood

‎09-27-2012 07:46 AM

Yeah, you can do this by configuring another applet from the initial applet that uses a watchdog timer to periodically bounce the interface.  When you see the "up" status, then you can unconfigure the watchdog applet.

However, one thing you should look at first is to make sure AAA is not interfering with your applet execution.  Are you using AAA command authorization?

0 Helpful
Customers Also Viewed These Support Documents