cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5527
Views
75
Helpful
48
Replies
ANDAFBCCO
Beginner

Shutdown Ports not in use for a while with EEM Tcl

I have downloaded these 2 Tcl scripts from this previous discussion and from the sounds of it it's exactly what I've been looking for. But the problem is I'm new to EEM and have no idea how to go about putting these on the switches themselves. I've searched for configuration guides but to no prevail. Any help is greatly appreciated. Here's the link to previous discussion:

https://supportforums.cisco.com/thread/164684.pdf;jsessionid=EEEEE143342DAAB34706D608D5C4C920.node0

48 REPLIES 48
Joe Clarke
Hall of Fame Cisco Employee

Create a directory on flash called, for example, policies.  Then copy the policies into this directory.  Then configure the following:

event manager directory user policy flash:/policies

event manager policy POLNAME

Where POLNAME is the name of the policy to install (e.g. sl_suspend_ports.tcl).

But pay attention to the required environment variables.  If you use the policies I mentioned in this other discussion, you'll note that they require you to configure:

event manager environment suspend_ports_days

event manager environment suspend_ports_config

Be sure you properly set those variables.

Thank you for the quick response and for being so helpful. I got the event manager policy tm_suspend_ports command to take but the sl_suspend_ports kicks back this error. I have put in these commands prior event manager environment suspend_ports_days 3 (we only want a 3 day window)
event manager environment suspend_ports_config flash:/susp_ports.dat but this database is not created in flash. Like I said before I'm no script write this is all jibberish to me.

Register event failed:missing close-bracket
    while compiling
"set results"
    ("while" body line 2)
    while compiling
"while { 1 } {
    set results [run_cli [list "show event manager policy pending | include tm_suspend_ports.tcl"]
    if { ! [regexp {tm_suspend_ports...."

Embedded Event Manager configuration: failed to retrieve intermediate registration result for policy sl_suspend_ports.tcl

Joe Clarke
Hall of Fame Cisco Employee

Please post the script you're trying to load.

::cisco::eem::event_register_syslog pattern "LINEPROTO-5-UPDOWN" maxrum 600

#-

# Copyright (c) 2009 Joe Marcus Clarke <jclarke@cisco.com>

# All rights reserved.

#

# Redistribution and use in source and binary forms, with or without

# modification, are permitted provided that the following conditions

# are met:

# 1. Redistributions of source code must retain the above copyright

#    notice, this list of conditions and the following disclaimer.

# 2. Redistributions in binary form must reproduce the above copyright

#    notice, this list of conditions and the following disclaimer in the

#    documentation and/or other materials provided with the distribution.

#

# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

#

# This policy listens for link up syslog messages, and removes the port from

# the list of down ports.

#

# This policy uses the following environment variables:

#

# suspend_ports_config      : Path to configuration file.

#

if { ![info exists suspend_ports_config] } {

    set result "ERROR: Policy cannot be run: variable suspend_ports_config has not been set"

    error $result $errorInfo

}

namespace import ::cisco::eem::*

namespace import ::cisco::lib::*

proc run_cli { clist } {

    set rbuf ""

    if {[llength $clist] < 1} {

    return -code ok $rbuf

    }

    if {[catch {cli_open} result]} {

        return -code error $result

    } else {

    array set cliarr $result

    }

    if {[catch {cli_exec $cliarr(fd) "enable"} result]} {

        return -code error $result

    }

    foreach cmd $clist {

    if {[catch {cli_exec $cliarr(fd) $cmd} result]} {

            return -code error $result

    }

    append rbuf $result

    }

    if {[catch {cli_close $cliarr(fd) $cliarr(tty_id)} result]} {

        puts "WARNING: $result"

    }

    return -code ok $rbuf

}

array set arr_einfo [event_reqinfo]

if { ! [regexp {Interface ([^,]+), changed state to up} $arr_einfo(msg) -> iface] } {

    exit

}

while { 1 } {

    set results [run_cli [list "show event manager policy pending | include tm_suspend_ports.tcl"]

    if { ! [regexp {tm_suspend_ports.tcl} $results] } {

    break

    }

    after 1000

}

if { [catch {open $shutdown_ports_config "r"} result] } {

    exit

}

set fd $result

set contents [read $fd]

close $fd

set contents [string trim $contents]

array set ports [split $contents]

if { [info exists ports($iface)] } {

    array unset ports $iface

    set fd [open $suspend_ports_config "w"]

    puts -nonewline $fd [array get ports]

    close $fd

}

Joe Clarke
Hall of Fame Cisco Employee

This line:

set results [run_cli [list "show event manager policy pending | include tm_suspend_ports.tcl"]

Should read:

set results [run_cli [list "show event manager policy pending | include tm_suspend_ports.tcl"]]

Thank you very much for your help. I tried to run it but it kicked back another error but I compared the two scripts

and fixed it. It was the maxrun 600 at the top it says maxrum 600. Thanks again and hopefully in 3 days I'll see some results. I'm running it in a lab before we put it out to the rest of the devices.

I came into work this morning hoping to be a happy camper but none of my ports are disabled, they all still say not connected. From the looks of it the script didn't shutdown the ports. Any ideas???

Joe Clarke
Hall of Fame Cisco Employee

Do you have both the syslog and the timer policies registered?  The syslog policy will handle removing ports that come up, but the tm_suspend_ports.tcl policy is the one that shuts down ports.  What does your entire "event manager" config look like?  Was the file pointed to by the suspend_ports_config variable created?  If so, what are its contents?

Here is the Registered Policies:

No.  Class   Type    Event Type          Trap  Time Registered           Name
1    script  user    syslog              On    Tue Oct 12 08:39:36 2010  sl_suspend_ports.tcl
pattern {LINEPROTO-5-UPDOWN}
nice 0 queue-priority normal maxrun 600.000


2    script  user    timer cron          On    Tue Oct 12 08:40:08 2010  tm_suspend_ports.tcl
cron entry {0 0 * * *}
nice 0 queue-priority normal maxrun 600.000

Here's the "event manager" configurations:

event manager environment suspend_ports_days 1
event manager environment suspend_ports_config flash:/susp_ports.dat
event manager directory user policy "flash:/policies"
event manager policy sl_suspend_ports.tcl trap
event manager policy tm_suspend_ports.tcl trap

Here's the directory in flash:

Directory of flash:/policies/

    8  -rwx        4546   Oct 9 2010 23:25:42 +10:00  tm_suspend_ports.tcl
    9  -rwx        3204   Oct 9 2010 23:26:05 +10:00  sl_suspend_ports.tcl

Thanks so much for your help.

Joe Clarke
Hall of Fame Cisco Employee

Okay, ports that have not been up within one day should get shutdown.  Post the flash:/susp_ports.dat file, and check the "show log" output for errors that may indicate the tm_ script is not running properly (this script should run at midnight every day).

I attached the suspend_ports.dat file. I didn't see anything in the logs referencing any errors.

Joe Clarke
Hall of Fame Cisco Employee

This looks okay.  It appears that as of midnight on 10/14, the ports should have been shutdown.  Check the output of "show event manager history event" to make sure the tm_ policy is running.  You might also enable "debug event manager tcl cli" and wait for the policy to run again.  When it does, the logging buffer will have some more details.

Here's the output of that command. I don't see the tm script running:

No.  Job Id      Status   Time of Event             Event Type          Name
1    1518        success  Thu Oct14  16:29:46 2010  syslog              script: sl_suspend_ports.tcl
2    1519        success  Thu Oct14  16:29:49 2010  syslog              script: sl_suspend_ports.tcl
3    1520        success  Thu Oct14  16:32:12 2010  syslog              script: sl_suspend_ports.tcl
4    1521        success  Thu Oct14  16:32:42 2010  syslog              script: sl_suspend_ports.tcl
5    1522        success  Thu Oct14  16:44:09 2010  syslog              script: sl_suspend_ports.tcl
6    1523        success  Thu Oct14  16:44:11 2010  syslog              script: sl_suspend_ports.tcl
7    1524        success  Thu Oct14  16:45:43 2010  syslog              script: sl_suspend_ports.tcl
8    1525        success  Thu Oct14  16:45:45 2010  syslog              script: sl_suspend_ports.tcl
9    1526        success  Thu Oct14  16:49:25 2010  syslog              script: sl_suspend_ports.tcl
10   1527        success  Thu Oct14  16:49:28 2010  syslog              script: sl_suspend_ports.tcl

I started the debug and it just so happens they swapped me to graveyard shift so I'll be able to see it tonight.

I've attached the debug output, it truncated 20+ lines. It looks like it runs it just

doesn't disable the ports. It sucks having to wait everyday until midnight I wish I could run it whenever I want while troubleshooting.