Solved: Using SNMP traps to trigger EEM Applets - Page 3

jschweng · ‎05-12-2010

We need to be able to change the allowable line rate going into a switch from a Linux Mgt Server using snmp. Was trying to use EEM applets which would be triggered via snmp traps from the server. We need to change it up to ten different rates. I can't seem to get the applets to trigger. Any help would be appreciated - thanks.

class-map match-all CLASS_SLAP
match access-group name ACL_SLAP
!!
policy-map OCA-RATE-LIMIT
class CLASS_SLAP
police 1900000 100000 exceed-action drop

interface GigabitEthernet1/0/20
switchport access vlan 10
switchport mode access
speed 100
duplex full
service-policy input OCA-RATE-LIMIT

snmp-server community <removed> RO 98
snmp-server community <removed> RW 99
snmp-server host <IP> version 2c <removed> snmp
snmp-server host <IP>version 2c <removed>
snmp-server host <IP>version 2c <removed>
snmp-server host <IP>version 2c <removed>
snmp-server host <IP>version 2c <removed>
snmp-server manager

event manager applet OCA-limit-3M
event snmp-object oid 1.9.9.9.3 type gauge sync yes istable no
action 1.0 cli command "enable"
action 2.0 cli command "config terminal"
action 3.0 cli command "policy-map OCA-RATE-LIMIT"
action 4.0 cli command "class CLASS_SLAP"
action 5.0 cli command " police 3000000 100000 exceed-action drop"
action 6.0 snmp-object-value event-id _event_id gauge 0 next-oid 1.9.9.9.3.0
action 7.0 exit 1
event manager applet OCA-limit-6M
event snmp-object oid 1.9.9.9.6 type gauge sync yes istable no
action 1.0 cli command "enable"
action 2.0 cli command "config terminal"
action 3.0 cli command "policy-map OCA-RATE-LIMIT"
action 4.0 cli command "class CLASS_SLAP"
action 5.0 cli command " police 6000000 100000 exceed-action drop"
action 6.0 snmp-object-value event-id _event_id gauge 0 next-oid 1.9.9.9.26.0
action 7.0 exit 1
event manager applet OCA-limit-7M
event snmp-object oid 1.9.9.9.7 type gauge sync yes istable no
action 1.0 cli command "enable"
action 2.0 cli command "config terminal"
action 3.0 cli command "policy-map OCA-RATE-LIMIT"
action 4.0 cli command "class CLASS_SLAP"
action 5.0 cli command " police 7000000 100000 exceed-action drop"
action 6.0 snmp-object-value event-id _event_id gauge 0 next-oid 1.9.9.9.7.0
action 7.0 exit 1
event manager applet OCA-limit-8M
action 1.0 cli command "enable"
action 2.0 cli command "config terminal"
action 3.0 cli command "policy-map OCA-RATE-LIMIT"
action 4.0 cli command "class CLASS_SLAP"
action 5.0 cli command " police 8000000 100000 exceed-action drop"
action 6.0 snmp-object-value event-id _event_id gauge 0 next-oid 1.9.9.9.8.0
action 7.0 exit 1
event manager applet TESTTEST
event none
action 1.0 cli command "enable"
action 2.0 cli command "config terminal"
action 3.0 cli command "policy-map OCA-RATE-LIMIT"
action 4.0 cli command "class CLASS_SLAP"
action 5.0 cli command " police 1900000 100000 exceed-action drop"
action 7.0 exit 1
!
end

jschweng · ‎05-21-2010

I need to provide an SNMP Trap back to a server which tells it the ACL that is applied to a vlan interface. The ACL will either be "CSL-STOP" or "CSL-GO". The applet I have will be triggered by an snmp-trap from the server with oid value CSL-GO. Can you help with the action 6.4 "????" part - I need to parse the output of the following command so that it capture the ACL name in the $result. and send it off in the trap.

#show run interface vlan 10 | i access-group
# ip access-group CSL-GO in

event manager applet CSL-GO
event none sync yes
action 6.2 cli command "show run interface vlan 10 | i access-group"
action 6.3 regexp "????????" $_cli_result whole result
action 6.4 puts "$result"
action 6.5 snmp-trap strdata "$result"

Joe Clarke · ‎05-21-2010

I think you mean action 6.3. The regexp should be:

"(CSL-GO|CSL-STOP)"

jschweng · ‎05-22-2010

cool thanks - its starting to make sense. If for some reason we don't currently have an ACL

applied to the interface, is there anyway to opt out and send back a snmp-trap indicating there is no

ACL. I think that would mean when the command "show run interface Vlan 10 | i access-group" is run and there is

CSL-STOP or CSL-Go access-list for the regexpression to match, it should handle it gracefully and send back an snmp-trap with "NO-ACL" in the the oid field.

Is there any documentation on writing Applets that you know of - I've been looking and there doesn't seem to be too much.

reguards.

JSW

Lockheed

jschweng · ‎05-22-2010

Please disreguard this - I forgot to go into enable mode first

********************

Am I missing something in the syntax here -

event manager applet CSL-STATUS
!event snmp-notification oid 1.9.9.9. oid-val "CSL-STATUS" op eq
event none sync yes
action 6.2 cli command "show run interface vlan 10 | i access-group"
action 6.3 regexp "(CSL-GO|CSL-STOP)" $_cli_result whole result
action 6.4 puts "$result"
action 6.5 snmp-trap strdata "$result"

router#show run interface vlan 10 | i access-group
ip access-group CSL-STOP in

router# event manager run CSL-STATUS

router#
00:11:07: %HA_EM-3-FMPD_UNKNOWN_ENV: fh_parse_var: could not find environment variable: result
00:11:07: %HA_EM-3-FMPD_ERROR: Error executing applet CSL-STATUS statement 6.4

Joe Clarke · ‎05-23-2010

For better error handling, your final applet should look something like:

event manager applet CSL-STATUS
!event snmp-notification oid 1.9.9.9. oid-val "CSL-STATUS" op eq
event none sync yes

action 0.5 cli command "enable"

action 1.0 cli command "show run interface vlan 10 | i access-group"
action 2.0 regexp "(CSL-GO|CSL-STOP)" $_cli_result whole result
action 2.1 if $_regexp_result eq 1
action 3.0 puts "$result"

action 4.0 snmp-trap strdata "$result"

action 5.0 end