10-29-2012 10:00 AM
I have applied the following eem policy to backup our switch config when a change is made to the configuration:
event manager applet SAVE
event syslog occurs 1 pattern "%SYS-5-CONFIG_I:"
action 1.0 cli command "enable"
action 2.0 cli command "copy running-config tftp:"
action 3.0 cli command "X.X.X.X"
action 4.0 cli command "switch-name"
but it doesn't backup the config. I can tell the event is triggered by adding the following to the action:
event manager applet SAVE
event syslog occurs 1 pattern "%SYS-5-CONFIG_I:"
action 1.0 cli command "enable"
action 2.0 cli command "copy running-config tftp:"
action 3.0 cli command "X.X.X.X"
action 4.0 cli command "switch-name"
action 5.0 syslog msg "Config Saved to TFTP"
and Config Saved to TFTP is written to the log buffer.
Below is the debug event manager action cli output. I'm getting Command authorization failed. We are using tacacs.
.Oct 29 13:29:50.817 edt: %SYS-5-CONFIG_I: Configured from console by rhopkins on vty0 (10.249.0.18)
.Oct 29 13:29:50.821 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : CTL : cli_open called.
.Oct 29 13:29:50.821 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT : NC-MCL-FIC1-SW01>
.Oct 29 13:29:50.821 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : IN : NC-MCL-FIC1-SW01>enable
.Oct 29 13:29:50.833 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT : NC-MCL-FIC1-SW01#
.Oct 29 13:29:50.833 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : IN : NC-MCL-FIC1-SW01#copy running-config tftp:
.Oct 29 13:29:51.045 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT : Command authorization failed.
.Oct 29 13:29:51.045 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT :
NC-MCL-FIC1-SW01#
.Oct 29 13:29:51.045 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT : NC-MCL-FIC1-SW01#
.Oct 29 13:29:51.045 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : IN : NC-MCL-FIC1-SW01#copy running-config tftp:
.Oct 29 13:29:51.257 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT : Command authorization failed.
.Oct 29 13:29:51.257 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT :
.Oct 29 13:29:51.257 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : OUT : NC-MCL-FIC1-SW01#
.Oct 29 13:29:51.257 edt: %HA_EM-6-LOG: SAVE : DEBUG(cli_lib) : : CTL : cli_close called.
Any Ideas?
Message was edited by: Russell Hopkins
11-02-2012 12:44 AM
You need to use the "pattern" keyword:
action 2.0 cli command "copy running-config tftp:" pattern "Address"
action 2.1 cli command "X.X.X.X" pattern "filename"
action 2.2 cli command "switch-name"
11-03-2012 09:26 PM
Maybe a nice exercise, but I'd look into the archive command.
Sent from Cisco Technical Support iPad App
11-12-2012 05:25 AM
I agree with Jeff, the archive command is probably what you want to do this a standard way. However, to play along with the exercise, do you have 'event manager session cli username' configured, and if so does the username you have specified have permission to use the command in question? It appears from your debug that the username used for the EEM script is not allowed by TACACS command authorization to use the 'copy run...' command.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide