Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1190
Views
0
Helpful
2
Replies

How to restrict the output of "show run" command on Cisco Nexus 3000 without blocking it

Go to solution
jake1905
Level 1
Level 1

‎02-07-2019 07:47 AM - edited ‎03-08-2019 05:16 PM

Hi all,

 

Due to our specific need I am trying to find a way to restrict the output of show run command on nexus 3000 series switches without blocking the command.  We use local authentication on this switch (no tacacs+ is considered for this environment). 

I know it is possible to block user from running show run and other commands through privilege roles. However that is not what we need. 

 

For example: I need "show run" to show everything except users, L3 interfaces, multicast... 

 

Is what I am trying to achieve is possible?

 

Thanks in advance,

 

jacob

Jake
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎02-07-2019 08:03 AM

Hi
You would have to do that through an EEM script i would think its not possible in standard syntax , i did it with menus on Cisco ios as the commands were so many when we ran show run it was taking ages , so we hid anything that contained the word menu whenever the show run command was initiated , this would be unsupported but you may be able to tweak it for what you need , if your blocking alot thi sis going take some testing to get right , whether its worth putting all that time in is another question

Example
event manager applet MenuBlock
description Hide Menu And Alias Syntax From Running-Config Output
event cli pattern "show running-config[[ ]]*$" sync yes default 2000 maxrun 1200
action 111 cli command "enable"
action 112 cli command "show run | excl menu|alias"
action 113 puts "$_cli_result"
action 114 set _exit_status "0"
action 115 comment "End Script As Show Run Complete, Any Issue Check - Show event manager history events"

View solution in original post

0 Helpful

Go to solution
jake1905
Level 1
Level 1
In response to Mark Malone

‎02-07-2019 08:07 AM

Hi Mark. Thank you for the quick response. i will try and post the outcome here.

Best,
jacob
Jake

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎02-07-2019 08:03 AM

Hi
You would have to do that through an EEM script i would think its not possible in standard syntax , i did it with menus on Cisco ios as the commands were so many when we ran show run it was taking ages , so we hid anything that contained the word menu whenever the show run command was initiated , this would be unsupported but you may be able to tweak it for what you need , if your blocking alot thi sis going take some testing to get right , whether its worth putting all that time in is another question

Example
event manager applet MenuBlock
description Hide Menu And Alias Syntax From Running-Config Output
event cli pattern "show running-config[[ ]]*$" sync yes default 2000 maxrun 1200
action 111 cli command "enable"
action 112 cli command "show run | excl menu|alias"
action 113 puts "$_cli_result"
action 114 set _exit_status "0"
action 115 comment "End Script As Show Run Complete, Any Issue Check - Show event manager history events"
0 Helpful

Go to solution
jake1905
Level 1
Level 1
In response to Mark Malone

‎02-07-2019 08:07 AM

Hi Mark. Thank you for the quick response. i will try and post the outcome here.

Best,
jacob
Jake
0 Helpful
Customers Also Viewed These Support Documents