cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2968
Views
5
Helpful
4
Replies
pangassam
Beginner

How to delay execution of EEM after another event

Hi there,

I am looking for help writing a script that will manually clear an IPSec tunnel 10 minutes after a delete SA message is sent to the console.

Here is the script I have on my router, it doesn't seem to work as I have to complete action 3.1 manually. 

event manager applet IPSEC-Cleanup
event syslog pattern "delete SA with .*"
trigger delay 615
action 1.1 regexp "delete SA with .* for ([0-9\.]+)" "$_syslog_msg" match remote-peer
action 2.0 syslog msg "Tunnel with $remote-peer is down"
action 3.0 cli command "enable"
action 3.1 cli command "clear crypto session remote $remote-peer"

Thanks for your help.

1 ACCEPTED SOLUTION

Accepted Solutions
Joe Clarke
Hall of Fame Cisco Employee

Have a look at the document I just wrote on this subject:

https://supportforums.cisco.com/document/12723951/how-introduce-large-delays-eem-policies

The idea is that you use another policy to do the long countdown for you.

View solution in original post

4 REPLIES 4
Joe Clarke
Hall of Fame Cisco Employee

Have a look at the document I just wrote on this subject:

https://supportforums.cisco.com/document/12723951/how-introduce-large-delays-eem-policies

The idea is that you use another policy to do the long countdown for you.

View solution in original post

Thanks Joe,

On which eem version you've tested the example shown?

I used your example on my router and I got different output :

Router#sh run | sec event
event manager environment q
event manager applet track-up
event track 1 state up
action 001 cli command "enable"
action 002 cli command "config t"
action 003 cli command "event manager applet track-timer"
action 004 cli command "event timer countdown time 300"
action 005 cli command "action 1.0 cli command enable"
action 006 cli command "action 2.0 cli command $q config t$q"
action 007 cli command "action 3.0 cli command $q int G0/0$q"
action 008 cli command "action 4.0 cli command $q shut$q"
action 009 cli command "action 5.0 cli command $q no event manager applet track-timer$q"
action 010 cli command "action 6.0 cli command end"
event manager applet track-timer
event timer countdown time 300
action 1.0 cli command "enable"
action 4.0 cli command "shut"
action 6.0 cli command "end"

Dec 8 22:38:36.411: %TRACKING-5-STATE: 1 interface Gi0/1 line-protocol Down->Up
Dec 8 22:38:36.411: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : CTL : cli_open called.
Dec 8 22:38:36.411: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router>
Dec 8 22:38:36.411: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router>enable
Dec 8 22:38:36.423: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router#
Dec 8 22:38:36.423: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router#config t
Dec
Router# 8 22:38:36.435: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Enter configuration commands, one per line. End with CNTL/Z.
Dec 8 22:38:36.435: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config)#
Dec 8 22:38:36.435: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config)#event manager applet track-timer
Dec 8 22:38:36.447: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.447: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router
Router#(config-applet)#event timer countdown time 300
Dec 8 22:38:36.459: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.459: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config-applet)#action 1.0 cli command enable
Dec 8 22:38:36.471: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.471: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config-applet)#action 2.0 cli command config t
Dec 8 22:38:36.483: %
Router#HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : ^
Dec 8 22:38:36.483: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : % Invalid input detected at '^' marker.
Dec 8 22:38:36.483: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT :
Dec 8 22:38:36.483: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.483: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config-applet)#action 3.0 cli command int G0
Router#/0
Dec 8 22:38:36.495: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : ^
Dec 8 22:38:36.495: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : % Invalid input detected at '^' marker.
Dec 8 22:38:36.495: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT :
Dec 8 22:38:36.495: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.495: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config-applet)#action
Router#4.0 cli command shut
Dec 8 22:38:36.507: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.507: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config-applet)#action 5.0 cli command no event manager applet track-timer
Dec 8 22:38:36.519: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : action 5.0 cli command no event manager applet track-timer
Dec 8 22:38:36.519: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : ^
Dec
Router# 8 22:38:36.519: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : % Invalid input detected at '^' marker.
Dec 8 22:38:36.519: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT :
Dec 8 22:38:36.519: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.519: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : IN : Router(config-applet)#action 6.0 cli command end
Dec 8 22:38:36.531: %HA_EM-6-LOG: track-up : DEBUG(cli_lib) : : OUT : Router(config-applet)#
Dec 8 22:38:36.5
Router#

Hi Joe, I forgot to show the EEM version I am run:

Router#sh event manager version
Embedded Event Manager Version 3.10
Component Versions:
eem: (v310_throttle)4.1.23
eem-gold: (v310_throttle)1.0.7
eem-call-home: (v310_throttle)1.0.6
Event Detectors:

Joe Clarke
Hall of Fame Cisco Employee

The applet will work with EEM all the way back to 2.1.  Looks like you did not define your q environment variable correctly.  What you need to do is:

event manager environment q "

The trailing " is important.