Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1309
Views
0
Helpful
3
Replies

Empty syslog message when filtering with ESM

Go to solution
ealeatherman
Level 4
Level 4

‎09-28-2010 12:29 PM

Hello,

I am attempting to out syslog messages using ESM. I found a tcl script in an older post and modified it slightly:

if { [string length $::orig_msg] == 0 } {
    return ""
}
set msgs [list {LINK-3-UPDOWN} {PROTO-5-UPDOWN}]
set fac_sev_mnem "${::facility}-${::severity}-${::mnemonic}"
foreach msg $msgs {
    if { $msg == $fac_sev_mnem } {
    return ""
    }
}
return $::orig_msg

I'm testing this using a catalyst 3750 running 12.2.44SE5.

It's working except, when it matches a message instead of dropping it completely it sends a blank message to syslog, buffer, etc. It seems like a very simple script, I'm not sure where to go from here.

Thanks in advance!

Ed

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to Joe Clarke

‎09-28-2010 02:56 PM

You can use this script as a workaround.

if { [string length $::orig_msg] == 0 } {
    return ""
}

set msgs [list {LINK-3-UPDOWN} {PROTO-5-UPDOWN}]

set fac_sev_mnem "${::facility}-${::severity}-${::mnemonic}"

foreach msg $msgs {
    if { $msg == $fac_sev_mnem } {
    return ""
    }
}

set first_char [string range $::orig_msg 0 0]
if { [string compare $first_char "\n"] == 0 } {
    set new_string [string range $::orig_msg 1 end]
    return $new_string
} else {
    return $::orig_msg
}

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎09-28-2010 02:51 PM

I think I see what you're seeing, but I don't think it's the filtered messages that generate the newlines.  I think you're seeing all non-filtered messages followed by an extra newline.  For example:

Sep 28 21:46:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23, changed state to up
Sep 28 21:46:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23, changed state to down
Sep 28 21:46:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23, changed state to up
Sep 28 21:48:15: %SYS-5-CONFIG_I: Configured from console by cse on vty3 (172.18.123.93)
Sep 28 21:48:25: %SYS-5-CONFIG_I: Configured from console by cse on vty3 (172.18.123.93)

If so, then this is bug CSCsu74220, which is not yet fixed on the Cat3K line.

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to Joe Clarke

‎09-28-2010 02:56 PM

You can use this script as a workaround.

if { [string length $::orig_msg] == 0 } {
    return ""
}

set msgs [list {LINK-3-UPDOWN} {PROTO-5-UPDOWN}]

set fac_sev_mnem "${::facility}-${::severity}-${::mnemonic}"

foreach msg $msgs {
    if { $msg == $fac_sev_mnem } {
    return ""
    }
}

set first_char [string range $::orig_msg 0 0]
if { [string compare $first_char "\n"] == 0 } {
    set new_string [string range $::orig_msg 1 end]
    return $new_string
} else {
    return $::orig_msg
}

0 Helpful

Go to solution
ealeatherman
Level 4
Level 4
In response to Joe Clarke

‎09-30-2010 04:06 PM

Joseph, that did the trick. Thanks A LOT!

Ed

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card