Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

2649
Views
15
Helpful
11
Replies
Jason Kopacko
Jason Kopacko Enthusiast
Enthusiast
‎11-13-2015 10:23 AM
‎11-13-2015 10:23 AM

Cisco ASA EEM Variables

I have an EEM applet that nightly makes a backup of all my ASA firewalls. I have to, daily move the config backups so the next backup doesn't just over write the config.

I would like to pass a variable or append the timestamp so that the backup is archived versus overwritten on the FTP server.

I can't seem to find any information on how to pass a variable or include the timestamp in the file transfer.

Labels:
1 person had this problem
0 Helpful
Reply
11 REPLIES 11
Joe Clarke
Hall of Fame Cisco Employee Joe Clarke Hall of Fame Cisco Employee
Hall of Fame Cisco Employee
‎11-17-2015 07:20 AM
‎11-17-2015 07:20 AM

This is not possible in ASA

This is not possible in ASA EEM.  The closest thing is the output file rotate capability.  Where you can rotate the output file can change with an incrementing number.  If you keep this on flash and copy the file to your FTP server, you could at least have a unique name.

0 Helpful
Reply
Jason Kopacko
Jason Kopacko Enthusiast
Enthusiast
‎11-17-2015 07:30 AM
‎11-17-2015 07:30 AM

So you are saying store the

So you are saying store the file locally first with the EEM and then copy it off to the ftp server?

0 Helpful
Reply
Joe Clarke
Hall of Fame Cisco Employee Joe Clarke Hall of Fame Cisco Employee
Hall of Fame Cisco Employee
‎11-17-2015 07:32 AM
‎11-17-2015 07:32 AM

Yes, using output file rotate

Yes, using output file rotate.

0 Helpful
Reply
ronshuster
ronshuster Beginner
Beginner
‎12-07-2015 05:10 PM
‎12-07-2015 05:10 PM

Can you share that script pls

Can you share that script pls?

0 Helpful
Reply
Jason Kopacko
Jason Kopacko Enthusiast
Enthusiast
‎12-09-2015 10:51 AM
‎12-09-2015 10:51 AM

I have not gotten the output

I have not gotten the output file rotate function to work correctly. As soon as I do, I will post it here.

Here is what I have right now:

event manager applet Config_Backup
 event timer absolute time 0:00:00
 event none
 action 1 cli command "enable"
 action 2 cli command "copy /noconfirm running-config ftp://user:pass@x.x.x.x/firewallname.ftp.config"
 action 3 cli command "exit"
 output none
0 Helpful
Reply
ronshuster
ronshuster Beginner
Beginner
‎12-09-2015 10:58 AM
‎12-09-2015 10:58 AM

Thanks Jason, does this work

Thanks Jason, does this work on both x and non x series ASA's?

Any minimum requirements as far as IOS code?

0 Helpful
Reply
Jason Kopacko
Jason Kopacko Enthusiast
Enthusiast
‎12-09-2015 11:27 AM
‎12-09-2015 11:27 AM

I am not sure about non X

I am not sure about non X series and I am on 9.2(3) for all my sites.

0 Helpful
Reply
ronshuster
ronshuster Beginner
Beginner
‎12-10-2015 07:20 AM
‎12-10-2015 07:20 AM

Jason, so every time I would

Jason, so every time I would "wr me" on the firewall the script will copy the config to my tftp server? Same concept as "archive"?  Or is there something else that would trigger the copy?  Thanks again.

0 Helpful
Reply
Christian Maier
Christian Maier Beginner
Beginner
‎01-15-2016 05:41 AM
‎01-15-2016 05:41 AM

what I did is to lisen to the

what I did is to lisen to the syslog id 111005 (end configuration):

event syslog id 111005

this way, as soon as there is a config change the ASA copies the file to the SCP server.

0 Helpful
Reply
jaromir.grich.888
jaromir.grich.888 Beginner
Beginner
‎09-08-2017 03:20 AM
‎09-08-2017 03:20 AM

Re: Cisco ASA EEM Variables

I'm using this config for weekly backup:

event manager applet backup
 event none
 event timer watchdog time 604800
 action 0 cli command "backup /noconfirm location tftp://X.X.X.X/"
 output none

 

and output is hostname.backup.timestamp.tar.gz

 

Reply
Highlighted
Yura Kazakevich
Yura Kazakevich Beginner
Beginner
‎05-15-2018 06:40 AM
‎05-15-2018 06:40 AM

Re: Cisco ASA EEM Variables

Thank you very much, jaromir.grich.888 for this great answer!
0 Helpful
Reply
Latest Contents
How to configure Wide Area Bonjour in SD-Access ( SDA ) with...
Created by pbagga on 10-15-2019 05:23 PM
0
0
0
0
How to configure Wide Area Bonjour in SD-Access (SDA) with Cisco DNAC 1.3.1 <placeholder>
How to do host on-boarding in SD-Access
Created by pbagga on 10-15-2019 05:15 PM
0
0
0
0
How to do host on-boarding in SD-Access <placeholder>
How to create SD-Access Fabric
Created by pbagga on 10-15-2019 05:14 PM
0
0
0
0
How to create SD-Access Fabric <placeholder>
How to provision devices in SD-Access
Created by pbagga on 10-15-2019 05:13 PM
0
0
0
0
How to provision devices in SD-Access <placeholder>
How to create policy in SD-Access
Created by pbagga on 10-15-2019 05:11 PM
0
0
0
0
How to create policy in SD-Access <placeholder>
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
July's Community Spotlight Awards