Here is the applet as its entered into the cli.  Note that the "more http" commands result in "^V?? to pass HTTP GET parameters via the CLI.

event manager applet detect-mac
 event mat mac-address "^.*$" type add
 action 01.00 if $_mat_notification eq "add"
 action 01.01  cli command "enable"
 action 01.02 cli command "show int $_mat_intf_name switchport | inc Administrative Mode:"
 action 01.03  string match "*trunk*" "$_cli_result"
 action 01.04  syslog msg "Interface: $_mat_intf_name Result: $_cli_result"
 action 02.00  if $_string_result eq "0"
 action 02.01 cli command "show ver | i ^Copyright.*by"
 action 02.02 set i 0
 action 03.00 foreach line "$_cli_result" "\n"
 action  04.00 if $i eq 0
 action  04.01  regexp "^Copyright.*by\s*(.*)$" $line match manufacturer
 action  04.02  string trim $manufacturer
 action  04.03  set manufacturer $_string_result
 action  04.04 end
 action  04.05 increment i 1
 action 04.06 end
 action 05.00 foreach line "$manufacturer" " "
 action 05.01  append newmanufacturer $line
 action 05.02  append newmanufacturer "%20"
 action 05.03 end
 action 05.04 string trimright $newmanufacturer "%20"
 action 05.05 set manufacturer $_string_result
 action 05.06 cli command "show ver | i ^Model number"
 action 05.07 set i 0
 action 06.00 foreach line "$_cli_result" "\n"
 action  07.00 if $i eq 0
 action  07.01  regexp "^Model number\s*:\s*(.*)" $line match model_num
 action  07.02  string trim $model_num
 action  07.03  set model_num $_string_result
 action  07.04 end
 action  07.05 increment i 1
 action 07.06 end
 action 07.07 cli command "show ver | i ^System serial number"
 action 07.08 set i 0
 action 08.00 foreach line "$_cli_result" "\n"
 action  09.00 if $i eq 0
 action  09.01  regexp "^System serial number\s*:\s*(.*)" $line match serial_num
 action  09.02  string trim $serial_num
 action  09.03  set serial_num $_string_result
 action  09.04 end
 action  09.05 increment i 1
 action 09.06 end
 action 09.07   cli command "more $identityserver/?man=$manufacturer&mod=$model_num&sn=$serial_num"
 action 09.08   cli command "more $identityserver/?mac=$_mat_mac_address&int=$_mat_intf_name&sn=$serial_num&mod=$model_num"
 action 09.09   string match "*(I/O error)*" "$_cli_result"
 action 10.00   if $_string_result eq "0"
 action 10.01    regexp "(.*):" $_cli_result match macro
 action 10.02    regexp ":(.*)" $_cli_result match description
 action 11.00   else
 action 11.01    syslog msg "Call to identity server failed! Result: $_cli_result"
 action 11.02    cli command "exit"
 action 11.03    exit 1
 action 11.04   end
 action 11.05   cli command "show run | i macro name $macro"
 action 11.06   string match "*$macro*" "$_cli_result"
 action 12.00   if $_string_result eq "1"
 action 12.01    cli command "config t"
 action 12.02    cli command "interface $_mat_intf_name"
 action 12.03    cli command "macro apply $macro DESCRIPTION $description"
 action 12.04    cli command "end"
 action 12.05    syslog msg "Interface: $_mat_intf_name, MAC: $_mat_mac_address, Macro: $macro"
 action 13.00   else
 action 13.01    cli command "show run | i macro name $defaultmacro"
 action 13.02    string match "*$defaultmacro*" "$_cli_result"
 
 action 14.00    if $_string_result eq "1"
 action 14.01     cli command "config t"
 action 14.02     cli command "interface $_mat_intf_name"
 action 14.03     cli command "macro apply $defaultmacro DESCRIPTION $description"
 action 14.04     cli command "end"
 action 14.05    end
 action 14.06   end
 action 14.07  end
 action 14.08  cli command "exit"
 action 14.09 end
exit

 The full URLs that get called are:

more http://10.x0.x00.x1/plugins/identify/?man=Cisco%20Systems,%20Inc.&mod=WS-C3560V2-24PS-S&sn=FDO####X#
more http://10.x0.x00.x1/plugins/identify/?mac=0000.000b.0e70&int=FastEthernet0/19&sn=FDO####X#JC&mod=WS-C3560V2-24PS-S

Notice that the last two characters of the first call SN are missing.  I tried to add various quotes and it just resulted in more of the SN being trunkated because the of additional quote charters at the beginning of the string.

It doesnt make sense that one gets trunkated at 107 characters while the other one is 121 characters and works as expected.

I could possibly split my http requests up even more.

I don't think this is EEM's fault.  Can you manually type those commands with the full URL?  I think you might be hitting EXEC's line length limit.

I thought that too except the one that isnt working is only like 101 characters and the one that was working is over 120.

As a work around I split them into two different calls and it works fine.  Im not sure why the shorter command would get truncated and the longer one doesnt.

action 09.07   cli command "more $identityserver/?man=$manufacturer&mod=$model_num"
action 09.08   cli command "more $identityserver/?mod=$model_num&sn=$serial_num"
action 09.09   cli command "more $identityserver/?mac=$_mat_mac_address&int=$_mat_intf_name&sn=$serial_num&mod=$model_num"

I have not seen this before.  EEM simply executes the commands as you would do it manually.  That said, I don't use CLI for this type of thing.  I would instead use EEM Tcl and the Tcl http client library as that gives me more control over the headers and the request itself.

I thought about implementing this in Tcl instead of EEM.  Perhaps thats what I should have done but the documents I found said that only 1 Tcl policy can run at once where multiple EEM events can run simultainiously.  

Given that my EEM is actually doing realtime interface configuration I liked that multiple applets could execute in parallel.  The queue depth of 64 is a little problematic but I have written the EEM applet so it exists on trunk interfaces quickly to try and keep the queued depth short.

If I reboot the entire switch (or clear the entire address table) I can see missed events but they are typically detected later and so do not cause a big problem.  We use secure interface configurations so having a device with the wrong type of configuration is not a major problem.

By default there is only one scheduler thread allocated to Tcl, but you can always increase this.  You can do this for applets as well (increase beyond the default of 5).

event manager scheduler script thread class default number X

Where X is the number of script threads you want.

The queue depth will max out at 64, though.

I was aware you could do that for applets but I must have missed in the documentation I was reading and I never tried it for Tcl.  I expect it would still run into VTY exhaustion problem you do with EEM applets (going into enable mode consumes 2 VTY sessions per running applet/Tcl script).

There are some benefits to having the applet in the running configuration but it might be nice if the HTTP client is more robust than what can be done in an applet.

Perhaps I will have to re-write this as a Tcl script instead of an EEM applet just to see what else could be done.

Up next is navigating the 15.0 license changes to EEM.  Tried to update one of our switches to 15.0 code and it just stopped running my applets.  :(

I know of no license changes in 15.x that would prevent EEM from running.  We have EEM in all license levels.

I was having a difficult time finding it but I knew I read something about it.

"IP Services feature set also includes the Embedded Event Manager (EEM) and IP service-level agreements (SLAs) initiator functionalities."

Makes it sound like all other licenses do NOT include EEM.

https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-x-series-switches/product_bulletin_c25-578934.html

I wonder if 15.0 was not running my command instead of truncating it?  I will try to upgrade again now that I re-worked my applet to avoid the trunkation.

I tried again and it still would not run.  See here.

https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3560-series-switches/data_sheet_c78-530976.html

• Embedded Event Manager (EEM) is a powerful and flexible tool for management and automation. This feature can be used to monitor network events and program automatic actions based on these network events. Policies can be defined via CLI or Tcl script and can be used in a variety of scenarios, such as automatically backing up a configuration file at a specified time or triggering an alert when traffic congestion crosses a specified threshold. EEM requires the IP Services license.

Just odd that in 12.2(55)SE11 EEM works but in 15.0(2)SE11 it does not.

This has nothing to do with a license.  If EEM wasn't licensed, the CLI would disappear from the config.  Likely you're seeing CSCts76356.  This was not fixed until 15.2 code.

I dont have access to the bug but if there is a known bug in 15.0 then it would explain why it just stops running after the code change.

The original issue still bugs me.  Could "Cisco%20Systems,%20Inc." require extra characer space in the CLI or I wonder if my code is generating additinal non-printable characters that I just dont see but are still being counted as they are entered/typed in the CLi by EEM?

I wonder if "action string length"could verify there are no additional junk characters in my variables.

Edit: I just remembered that manually typing the command also resulted in it being truncated so its not some extra characters in the variables.

The bug states that the MAT event detector no longer works in 15.0SE code, which I believe is what you're seeing.  The bug was corrected, but only in the next big release, which was 15.2E.

On "junk" characters, I know IOS uses "\r\n" for end of lines, which has the tendency to make formatting appear wrong.  You may want to use the string trim functions to clean up leading and trailing whitespace.