Solved: EEM Script not triggering the cli actions only the syslog message

curdubanbogdan · ‎05-13-2020

Hello,

As the title says only the logs appear, but the commands are not executed. Can you please help?

event manager applet MainBGP-DOWN
event syslog pattern "%BGP-5-ADJCHANGE: neighbor 172.23.153.77 Down"
action 0.1 syslog msg "MainBGP-Down: Removing static routes because bgp session with neighbour 172.23.153.77 is down"
action 0.5 cli command "enable"
action 1.0 cli command "configure terminal"
action 2.0 cli command "no ip route a.a.a.a 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 3.0 cli command "no ip route b.b.b.b 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 4.0 cli command "no ip route c.c.c.c 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 5.0 cli command "no ip route d.d.d.d 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 6.0 cli command "end"
action 7.0 cli command "write"
event manager applet MainBGP-UP
event syslog pattern "%BGP-5-ADJCHANGE: neighbor 172.23.153.77 Up"
action 0.1 syslog msg "MainBGP-Down: Adding static routes because bgp session with neighbour 172.23.153.77 is up"

action 0.5 cli command "enable"

action 1.0 cli command "configure terminal"
action 2.0 cli command "ip route a.a.a.a 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 3.0 cli command "ip route b.b.b.b 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 4.0 cli command "ip route c.c.c.c 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 5.0 cli command "ip route d.d.d.d 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 6.0 cli command "end"
action 7.0 cli command "write"

curdubanbogdan · ‎05-13-2020

I resolved the issue:

The problem was that eem didn't had the authorization to enter configure terminal and i had to configure "authorization bypass":

The debug event manager cli helped:

May 13 17:42:52.308: %HA_EM-6-LOG: MainBGP-DOWN : DEBUG(cli_lib) : : IN : #conf t
May 13 17:42:52.628: %HA_EM-6-LOG: MainBGP-DOWN : DEBUG(cli_lib) : : OUT : Command authorization failed.

View solution in original post

Georg Pauwen · ‎05-13-2020

Hello,

try and put the syslog line at the end of the script:

event manager applet MainBGP-DOWN
event syslog pattern "%BGP-5-ADJCHANGE: neighbor 172.23.153.77 Down"
action 0.5 cli command "enable"
action 1.0 cli command "configure terminal"
action 2.0 cli command "no ip route a.a.a.a 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 3.0 cli command "no ip route b.b.b.b 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 4.0 cli command "no ip route c.c.c.c 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 5.0 cli command "no ip route d.d.d.d 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 6.0 cli command "end"
action 7.0 cli command "write"
--> action 8.0 syslog msg "MainBGP-Down: Removing static routes because bgp session with neighbour 172.23.153.77 is down"

event manager applet MainBGP-UP
event syslog pattern "%BGP-5-ADJCHANGE: neighbor 172.23.153.77 Up"
action 0.5 cli command "enable"
action 1.0 cli command "configure terminal"
action 2.0 cli command "ip route a.a.a.a 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 3.0 cli command "ip route b.b.b.b 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 4.0 cli command "ip route c.c.c.c 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 5.0 cli command "ip route d.d.d.d 255.255.255.255 FastEthernet4.260 172.23.153.77"
action 6.0 cli command "end"
action 7.0 cli command "write"
--> action 8.0 syslog msg "MainBGP-Down: Adding static routes because bgp session with neighbour 172.23.153.77 is up"

curdubanbogdan · ‎05-13-2020

I resolved the issue:

The problem was that eem didn't had the authorization to enter configure terminal and i had to configure "authorization bypass":

The debug event manager cli helped:

May 13 17:42:52.308: %HA_EM-6-LOG: MainBGP-DOWN : DEBUG(cli_lib) : : IN : #conf t
May 13 17:42:52.628: %HA_EM-6-LOG: MainBGP-DOWN : DEBUG(cli_lib) : : OUT : Command authorization failed.