cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

417
Views
0
Helpful
5
Replies
Beginner

Nexus EEM Script Action off Log Message

I'm trying to write an EEM script on a Nexus 93180 running 7.x. From what I've written in IOS/IOS XE, the behavior on Nexus seems to be completely different. For instance, below is a test script that I'm trying to get to work.

event manager applet test
 event syslog pattern "admin"
 action 01 syslog msg test

 

What I would expect to happen is when a log message contains the string admin, another log message will be sent with the text test. This works as expected on IOS. On Nexus, as soon as I enter the commands, I start receiving several logs per sec.

2018 Sep 24 12:39:21 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21197
2018 Sep 24 12:39:21 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21209
2018 Sep 24 12:39:22 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21221
2018 Sep 24 12:39:22 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21233
2018 Sep 24 12:39:22 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21245
2018 Sep 24 12:39:23 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21260
2018 Sep 24 12:39:23 lab %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configured from vty by admin on vsh.bin.21272

 

What does the script need to be changed to in order to get the expected behavior on Nexus? Thanks.

5 REPLIES 5
Highlighted
Hall of Fame Cisco Employee

Re: Nexus EEM Script Action off Log Message

EEM is very different on NX-OS compared to IOS.  What you're seeing is expected there, and is documented in bug CSCvc98133.  Essentially, you've built an infinite loop.  If you picked another syslog to intercept, you wouldn't see this problem.  Alternatively, you can do what the bug says and decrease the severity level of the vshd process.

Beginner

Re: Nexus EEM Script Action off Log Message

Thanks for the information Joe.

 

I used a different syslog string and I didn't see the same spamming of the log. I also issued the command logging level vshd 4 and the spamming has stopped. What if I wanted to run an EEM script whenever someone left configuration mode? It doesn't seem to be possible as when you change the logging level, it suppresses that syslog message I would normally use to key off of.

Hall of Fame Cisco Employee

Re: Nexus EEM Script Action off Log Message

Unfortunately, I don't know if you can.  I haven't seen any examples from NX-OS that do this.

Beginner

Re: Nexus EEM Script Action off Log Message

Hm. Strange.

 

So I ended up writing a python script as that seemed to be the easiest alternative for me. The only question I have is how do I write messages to the logfile? Within the script, my print commands do not show up within the log. I'm used to on IOS/IOS XE being able to issue send log x, but that command doesn't seem to exist on Nexus. Any idea how to accomplish this?

Hall of Fame Cisco Employee

Re: Nexus EEM Script Action off Log Message

There is a hidden CLI command in NX-OS, "logit" that will generate syslogs:

logit This is a test

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards