05-08-2012 12:03 AM
Was given this applet by Cisco Tac, waiting to hear from them as well;
event manager applet capture_cpu_spike
event snmp oid 1.3.6.1.4.1.9.2.1.56 get-type next entry-op ge entry-val 85 exit-time 600 poll-interval 1
action 1.0 cli command "enable"
action 1.1 syslog msg "CPU Utilization is high"
action 1.2 cli command "term exec prompt timestamp"
action 1.3 cli command "sh proc cpu sorted | redirect flash:cpu_info.txt"
action 1.4 cli command "show interface | redirect flash:interface_info.txt"
action 1.5 cli command "term no exec prompt timestamp"
action 1.6 syslog msg "CPU Utilization is Low"
Probelm is that it creates the files on the flash;
Directory of flash:/
1 -rw- 55809628 Feb 22 2011 15:06:38 +00:00 c2800nm-advipservicesk9-mz.124-20.T.bin
4 -rw- 31 May 8 2012 06:42:34 +00:00 cpu_info.txt
3 -rw- 31 May 8 2012 06:42:36 +00:00 interface_info.txt
2 -rw- 736 Feb 26 2010 10:11:24 +00:00 vlan.dat
but when you check the contents of the files, both say;
JNJSILJ1RR2203#more cpu_info.txt
Command authorization failed.
What's up????
Thanks
05-08-2012 12:12 AM
You need to configure:
event manager session cli username USER
Where USER is a username authorized to run all of the CLI commands in your applet.
05-08-2012 12:57 AM
Ok, tried this butr am still getting same;
username EEM privilege 15
event manager session cli username EEM
event manager applet capture_cpu_spike
event snmp oid 1.3.6.1.4.1.9.2.1.56 get-type next entry-op ge entry-val 85 exit-time 600 poll-interval 1
action 1.0 cli command "enable"
action 1.1 syslog msg "CPU Utilization is high"
action 1.2 cli command "term exec prompt timestamp"
action 1.3 cli command "sh proc cpu sorted | redirect flash:cpu_info.txt"
action 1.4 cli command "show interface | redirect flash:interface_info.txt"
action 1.5 cli command "term no exec prompt timestamp"
action 1.6 syslog msg "CPU Utilization is Low"
Just to be sure tried this also;
username USER privilege 15
event manager session cli username USER
05-08-2012 01:12 AM
Does your AAA configuration look to the local user database first? If not, then you need to configure the EEM user on your AAA server.
05-08-2012 01:25 AM
So what if i tried my TACACS id. I am not automatically in enable mode however, I have to do enable then the enable p/w?
Can EEM accomodate something like that?
05-08-2012 01:27 AM
Your user name will be fine. EEM doesn't need passwords. It will use the username for authorization only.
05-08-2012 01:32 AM
Apologize, but i am confused. My TACACS id doesn't have level 15 privileges by default, only when i go in enable mode?
05-08-2012 01:36 AM
Right, that's fine. Your applet's first CLI command is "enable" so the policy will enter enable mode using your username. As long as you can run the commands in your applet, your username will be fine to use as the session CLI username.
05-08-2012 01:46 AM
It is WORKING, THANK YOU VERY MUCH !!!!!!!!!!!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide