I have two applets I am using to track connectivity and add or remove an ICMP ACL to an interface based on the tracking state. On the "up" applet I have two correlated events, one for tracking and the other for a cron timer. Essentially I want to add the ACL when tracking goes down and then remove it at a specified time once the tracking comes back up. It is working, but I would like to add some logic that tells the SLA_TEST_UP applet to only run the actions at the specified cron time IF the tracking object has been up for <x> seconds to avoid bringing up an unstable path.

ip sla 99

icmp-echo 8.8.8.8 source-ip 10.10.1.1

tag "ICMP Monitoring to Internet - 1"

frequency 10

ip sla schedule 99 life forever start-time now

ip sla 100

icmp-echo 8.8.4.4 source-ip 10.20.1.1

tag "ICMP Monitoring to Internet - 2"

frequency 10

ip sla schedule 100 life forever start-time now

track 5 ip sla 99

!

track 10 ip sla 100

!

track 42 list boolean and

object 5

object 10

event manager applet SLA_TEST

event syslog pattern "TRACKING-5-STATE: 42 .* Up->Down"    ! had to use this since it is a C3560X switch and EEM doesn't support tracking

action 1.1 cli command "enable"

action 1.2 cli command "configure terminal"

action 1.3 cli command "interface GigabitEthernet0/1.10"

action 1.4 cli command "ip access-group ICMP_DROP in"

action 1.5 cli command "end"

event manager applet SLA_TEST_UP

event tag 1.0 syslog pattern "TRACKING-5-STATE: 42 .* Down->Up"

event tag 2.0 timer cron cron-entry "24 16 * * *"

trigger occurs 1 delay 1

  correlate event 1.0 and event 2.0

  attribute tag 1.0 occurs 1

  attribute tag 2.0 occurs 1

action 1.1 cli command "enable"

action 2.1 cli command "configure terminal"

action 3.1 cli command "interface GigabitEthernet0/1.10"

action 4.1 cli command "no ip access-group ICMP_DROP in"

action 5.0 cli command "end"

Thanks!

Tim