Re: EEM e-mail notification on NX-OS

altaf007 · ‎06-02-2019

Greetings,

I am trying to get Nexus 5548/72 NX-OS 6.3 to use EEM to send an e-mail notification when port security violation is triggered. I am using EEM with python to generate an e-mail notification. Below is my EEM code .I have sanitized it for security reason.

event manager environment _email_to to@abc.com
event manager environment _email_server x.x.x.x
event manager environment _email_from from@xyz.com
event manager applet PortSecurity
event syslog pattern "(Error disabled. Reason:Security violation)"
action 1.0 set $_info_routername "hostname"
action 2.0 set cli command "enable"
action 3.0 set cli command "sh run | include hostname"
action 4.0 regexp "hostname (.*)" "$_cli_result" "$info_routername"
action 5.0 cli command "source sendemail.py $_emailserver $_email_from $_email_to subject " Port Security violation " body $_syslog_msg \n Login to $_cli_result to investigate

I triggered port security but it never sends an e-mail.
i get following error when i type this command in nexus console.
source sendemail.py SMTP_SERVER TO_ADDR FROM_ADDR MSG
Traceback (most. recent call last:) . File n / bootflash/scripts/sendernail . py" line 26 , in zmodule> tsp 0b j — smtplib . SMTP (server)
File / isan/python/scriptš/gmtplib line 242, in _ ini t._ (code, msg) self . connect (host, port)
File " / i san/ python/ scripts/smtplib . py" , line 302, in connect self . sock self (hose, port, self . timeout:) File " / isan/python/scripts/smtplib . py t' , line 277, in _get_socket: return socket ( (port, host) timeout)
Filé t' /isan/python/scripts/socket . , line 583 , in raise err socket. error: [F,rrno 113! NO route to host:

I have attached sendemail.py code for your review. Appreciate any help or suggestion. Thanks

Seb Rupik · ‎06-03-2019

Hi there,

The "NO route to host" string in the last line of the error message should be investigated. On the Nexus is there a route to the email server?

Are you using VRFs, is there a route to the email server in the default VRF?

cheers,

Seb.

altaf007 · ‎06-03-2019

Hi Seb,

Thanks for your reply. I am using default vrf in nexus. I am able to ping email server from nexus. I am also able to connect to email server on port 25 using telnet from nexus. I think routing is good. I also tested python sendemail.py on Linux server and I am able to get an email from it. I think something in Nexus not activating python. Anyway , let me know if you have any idea or suggestions. Thanks

altaf007 · ‎06-03-2019

Hi Seb,

Thanks for your reply. I am using default vrf in nexus. I am able to ping email server from nexus. I am also able to connect to email server on port 25 using telnet from nexus. I think routing is good. I also tested python sendemail.py on Linux server and I am able to get an email from it. I think something in Nexus not activating python. Thanks

Seb Rupik · ‎06-03-2019

Ah! now I see it, you have a typo in you EEM script, a missing underscore in _email_server. Action 5.0 should be:

action 5.0 cli command "source sendemail.py $_email_server $_email_from $_email_to subject " Port Security violation " body $_syslog_msg \n Login to $_cli_result to investigate

cheers,

Seb.

altaf007 · ‎06-03-2019

Seb,

good catch. I will test it out when I go back to work next week since I am on leave :) . Thanks for your help.