cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco ASA EEM Variables

Jason Kopacko
Enthusiast
Enthusiast

I have an EEM applet that nightly makes a backup of all my ASA firewalls. I have to, daily move the config backups so the next backup doesn't just over write the config.

I would like to pass a variable or append the timestamp so that the backup is archived versus overwritten on the FTP server.

I can't seem to find any information on how to pass a variable or include the timestamp in the file transfer.

11 REPLIES 11

Joe Clarke
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee

This is not possible in ASA EEM.  The closest thing is the output file rotate capability.  Where you can rotate the output file can change with an incrementing number.  If you keep this on flash and copy the file to your FTP server, you could at least have a unique name.

So you are saying store the file locally first with the EEM and then copy it off to the ftp server?

Joe Clarke
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee

Yes, using output file rotate.

ronshuster
Beginner
Beginner

Can you share that script pls?

I have not gotten the output file rotate function to work correctly. As soon as I do, I will post it here.

Here is what I have right now:

event manager applet Config_Backup
event timer absolute time 0:00:00
event none
action 1 cli command "enable"
action 2 cli command "copy /noconfirm running-config ftp://user:pass@x.x.x.x/firewallname.ftp.config"
action 3 cli command "exit"
output none

Thanks Jason, does this work on both x and non x series ASA's?

Any minimum requirements as far as IOS code?

I am not sure about non X series and I am on 9.2(3) for all my sites.

Jason, so every time I would "wr me" on the firewall the script will copy the config to my tftp server? Same concept as "archive"?  Or is there something else that would trigger the copy?  Thanks again.

what I did is to lisen to the syslog id 111005 (end configuration):

event syslog id 111005

this way, as soon as there is a config change the ASA copies the file to the SCP server.

I'm using this config for weekly backup:

event manager applet backup
 event none
 event timer watchdog time 604800
 action 0 cli command "backup /noconfirm location tftp://X.X.X.X/"
 output none

 

and output is hostname.backup.timestamp.tar.gz

 

Thank you very much, jaromir.grich.888 for this great answer!
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: