Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
7365
Views
0
Helpful
6
Replies

Check NTP Synchronization Status

Go to solution
asigachev
Level 1
Level 1

ā€Ž11-02-2015 09:08 AM

I have two border routers that get time from external NTP servers while delivering it to my internal network devices. Sometimes some or even all of the configured exrernal servers  go down, so we lose the sync.

I am trying to write a script that checks the NTP status and notifies me if NTP is either unsynchronized or synchronized to internal clock.

Polling OID "cntpSysSrvStatus" 1.3.6.1.4.1.9.9.168.1.1.11 (Part of CISCO-NTP-MIB) which according to Cisco reports exactly what I need:

1: server status is unknown

2: server is not running

3: server is not synchronized to any time source

4: server is synchronized to its own local clock

5: server is synchronized to a local hardware refclock (e.g. GPS)

6: server is synchronized to a remote NTP server

And this gives me a result snmp_entry_value_check: OID unavailable, value check skipped

The images I have tested it on are c7200-advipservicesk9-mz.152-4.M8 and asr1002x-universalk9.03.10.05.S.153-3.S5-ext.SPA.bin

One of my questions is: do I need to configure anything in the SNMP part on the device so that EEM could poll it?

Does any one has this task solved and how?

2 people had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Dan Frey
Cisco Employee
Cisco Employee

ā€Ž11-02-2015 12:55 PM

Try polling ntpEntStatusCurrentMode  from the NTP-MIB.   Gives the same info as cntpSysSrvStatus.

View solution in original post

0 Helpful

Go to solution
Dan Frey
Cisco Employee
Cisco Employee
In response to asigachev

ā€Ž11-02-2015 04:58 PM

Try changing the get-type from exact to next.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Dan Frey
Cisco Employee
Cisco Employee

ā€Ž11-02-2015 12:55 PM

Try polling ntpEntStatusCurrentMode  from the NTP-MIB.   Gives the same info as cntpSysSrvStatus.

0 Helpful

Go to solution
asigachev
Level 1
Level 1
In response to Dan Frey

ā€Ž11-02-2015 04:41 PM

Same result:

event manager applet checkntp authorization bypass
 event snmp oid 1.3.6.1.2.1.197.1.2.1 get-type exact entry-op eq entry-val "1" entry-type value poll-interval 30 ratelimit 60
 action 1.0 puts "OK"
 action 2.0 exit

Nov  2 06:33:19.055: fh_fd_snmp_process_async
Nov  2 06:33:19.055: fh_fd_snmp_process_poll_timer: re=0x6A837C00, timer_type=POLL
Nov  2 06:33:19.059: fh_fd_snmp_oid_val_fetch: storing OID value
Nov  2 06:33:19.059: snmp_entry_value_check: OID unavailable, value check skipped
Nov  2 06:33:19.059: fh_fd_snmp_start_poll_timer: start_t=30000

0 Helpful

Go to solution
Dan Frey
Cisco Employee
Cisco Employee
In response to asigachev

ā€Ž11-02-2015 04:58 PM

Try changing the get-type from exact to next.

0 Helpful

Go to solution
asigachev
Level 1
Level 1
In response to Dan Frey

ā€Ž11-04-2015 05:13 AM

Thanks! It works well with OID 1.3.6.1.2.1.197.1.2.1 and get-type next.

I have tested the situations with NTP unsynchronized, synchronized to internal clock and synchronized to external server, all three statuses were returned correctly.

The whole script, just if anyone needs is:

event manager applet ntp-sync-check
 event tag 1 snmp oid 1.3.6.1.2.1.197.1.2.1 get-type next entry-op ne entry-val "6" entry-type value poll-interval 86400
 event tag 5 none
 trigger
  correlate event 1 or event 5
 action 0.10 info type routername
 action 1.00 cli command "enable"
 action 1.10 cli command "show ntp asso"
 action 1.20 set ntpa "$_cli_result"
 action 2.00 cli command "show ntp status"
 action 2.20 set ntpst "$_cli_result"
 action 3.00 syslog priority critical msg "NTP sync failed" facility "NTP"
 action 3.10 mail server "SERVER" to "MAIL@MAIL" from "$_info_routername@DOMAIN"  subject "** NTP Sync Failure **" body "$ntpst \015\012\015\012 $ntpa"
 action 3.20 snmp-trap strdata "NTP Sync failed"
 action 3.30 exit
0 Helpful

Go to solution
Justin Godsey
Level 1
Level 1
In response to asigachev

ā€Ž03-15-2017 08:22 AM

what about an applet that only sends an email when NTP is unsynchronized.  I have tried to edit this applet using "andnot" in the correlation configuration, but it will always email every 24 hours.

0 Helpful

Go to solution
tneuhuber
Level 1
Level 1

ā€Ž08-25-2023 02:12 AM

hello,

thx to Asigachev.

i did it this way, you will get a syslog/trap once a week if ntp is in sync. "unsync" state is checked every hour, syslog/trap is

send every hour, as long unsync persists.

kind regards, Thomas

event manager applet NTP_SYNC_CHECK
event tag 1 snmp oid 1.3.6.1.2.1.197.1.2.1 get-type next entry-op eq entry-val "6" entry-type value poll-interval 302400
event tag 2 snmp oid 1.3.6.1.2.1.197.1.2.1 get-type next entry-op ne entry-val "6" entry-type value poll-interval 3600
trigger
correlate event 1 or event 2
action 0.10 info type routername
action 1.10 info type snmp oid 1.3.6.1.2.1.197.1.2.1 get-type next
action 1.20 if $_info_snmp_value eq "6"
action 1.30 syslog priority inform msg "NTP_in_Sync" facility "NTP"
action 1.31 snmp-trap strdata "NTP in Sync"
action 1.50 cli command "enable"
action 1.51 cli command "show ntp asso | append flash:ntpstatus.txt"
action 1.52 set ntpa "$_cli_result"
action 1.53 cli command "show ntp status | append flash:ntpstatus.txt"
action 1.60 set ntpst "$_cli_result"
action 2.00 else
action 2.10 cli command "enable"
action 2.11 cli command "show ntp asso | append flash:ntpstatus.txt"
action 2.12 set ntpa "$_cli_result"
action 2.13 cli command "show ntp status | append flash:ntpstatus.txt"
action 2.14 set ntpst "$_cli_result"
action 2.30 syslog priority critical msg "NTP sync failed" facility "NTP"
action 2.31 snmp-trap strdata "NTP Sync failed"
action 9.00 end

 

 

0 Helpful
Customers Also Viewed These Support Documents