👨‍💼

EEM の練習

2023/02/04に公開

Cisco

EEM(Embedded Event Manager) について

Embedded Event Manager Configuration Guide, Cisco IOS Release 12.4T

EEM offers the ability to monitor events and take informational, corrective, or any desired EEM action when the monitored events occur or when a threshold is reached.

指定したイベントを検知すると、所定のアクションを実行する、Cisco IOS の機能です。

postfix

EEMのアクションとして、メールを送信することができます。

このとき、送信先のSMTPサーバを指定する必要があります。
テスト用メールサーバとして利用するために Postfix をインストールします。ローカルからのみ転送を許可します。
また、メール送受信テスト用として mailutils をインストールします。

$ sudo apt install -y postfix mailutils
$ sudo cp -pi /etc/postfix/main.cf{,.000}
$ sudo vi /etc/postfix/main.cf
$ diff -u /etc/postfix/main.cf{,.000}
@@ -37,11 +37,12 @@
 myhostname = ip-10-0-0-73.ap-northeast-1.compute.internal
 alias_maps = hash:/etc/aliases
 alias_database = hash:/etc/aliases
-myorigin = /etc/mailname
-mydestination = $myhostname, ip-10-0-0-73.ap-northeast-1.compute.internal, localhost.ap-northeast-1.compute.internal, , localhost
+mydestination = localdomain, $myhostname, ip-10-0-0-73.ap-northeast-1.compute.internal, localhost.ap-northeast-1.compute.internal, localhost
 relayhost = 
-mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 10.2.0.0/16
 mailbox_size_limit = 0
 recipient_delimiter = +
-inet_interfaces = all
+inet_interfaces = 127.0.0.1, [::1], 10.2.0.1
+default_transport = error
+relay_transport = error
 inet_protocols = all

$ sudo systemctl restart postfix

Postfixの準備ができたら、メール送受信のテストをしてみます。

$ cat << END | mail -s 'test subject' admin
> test body
> END

$ mail
"/var/mail/admin": 1 message 1 new
>N   1 Debian             Sat Jan 21 17:50  13/655   test subject
?
Return-Path: <admin@ip-10-0-0-73.ap-northeast-1.compute.internal>
X-Original-To: admin@ip-10-0-0-73.ap-northeast-1.compute.internal
Delivered-To: admin@ip-10-0-0-73.ap-northeast-1.compute.internal
Received: by ip-10-0-0-73.ap-northeast-1.compute.internal (Postfix, from userid 1000)
        id 59E8B2322; Sat, 21 Jan 2023 17:50:01 +0900 (JST)
Subject: test subject
To: <admin@ip-10-0-0-73.ap-northeast-1.compute.internal>
X-Mailer: mail (GNU Mailutils 3.5)
Message-Id: <20230121085001.59E8B2322@ip-10-0-0-73.ap-northeast-1.compute.internal>
Date: Sat, 21 Jan 2023 17:50:01 +0900 (JST)
From: Debian <admin@ip-10-0-0-73.ap-northeast-1.compute.internal>

test body
? d
? q
Held 0 messages in /var/mail/admin

設定例1

インタフェース Serial1/0 の line-protocol をトラッキングします。
line-protocol の状態が down になったら、show int s1/0 の実行結果をメール送信します。

r1(config)#track 1 interface s1/0 line-protocol
r1(config-track)#event manager applet eemtest1
r1(config-applet)#event track 1 state down
r1(config-applet)#action 1.0 cli command "enable"
r1(config-applet)#action 2.0 cli command "show int s1/0"
r1(config-applet)#action 3.0 mail server "10.2.0.1" to "admin" from "labo@example.com" subject "interface down" body "$_cli_result"

debug を有効にして、s1/0 を shutdown してみます。

r1#debug event manager action cli

r1(config)#int s1/0
r1(config-if)#shut
*Mar  1 01:21:10.755: %TRACKING-5-STATE: 1 interface Se1/0 line-protocol Up->Down
*Mar  1 01:21:10.787: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : CTL : cli_open called.
*Mar  1 01:21:10.791: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT : r1>
*Mar  1 01:21:10.791: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : IN  : r1>enable
*Mar  1 01:21:10.871: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT : r1#
*Mar  1 01:21:10.871: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : IN  : r1#show int s1/0
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT : Serial1/0 is administratively down, line protocol is down
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Hardware is M4T
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Internet address is 172.16.0.253/24
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :      reliability 255/255, txload 1/255, rxload 1/255
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Encapsulation HDLC, crc 16, loopback not set
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Keepalive set (10 sec)
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Restart-Delay is 0 secs
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   CRC checking enabled
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Last input 00:00:07, output 00:00:00, output hang never
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Last clearing of "show interface" counters never
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Queueing strategy: weighted fair
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   Output queue: 0/1000/64/0 (size/max total/threshold/drops)
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :      Conversations  0/1/256 (active/max active/max total)
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :      Reserved Conversations 0/0 (allocated/max allocated)
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :      Available Bandwidth 1158 kilobits/sec
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   5 minute input rate 0 bits/sec, 0 packets/sec
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :   5 minute output rate 0 bits/sec, 0 packets/sec
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : OUT :      608 packets input, 43329 bytes, 0 no buffer
*Mar  1 01:21:10.931: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : CTL : 20+ lines read from cli, debug output truncated
*Mar  1 01:21:11.119: %HA_EM-6-LOG: eemtest1 : DEBUG(cli_lib) : : CTL : cli_close called.
*Mar  1 01:21:12.739: %LINK-5-CHANGED: Interface Serial1/0, changed state to administratively down
*Mar  1 01:21:13.739: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to down

所定の宛先でメールが受信できることを確認します。

$ mail
"/var/mail/admin": 1 message 1 new
>N   1 labo@example.com   Sat Jan 21 18:00  42/1785  interface down
?
Return-Path: <labo@example.com>
X-Original-To: admin
Delivered-To: admin@ip-10-0-0-73.ap-northeast-1.compute.internal
Received: from r1 (ip-10-2-0-254.ap-northeast-1.compute.internal [10.2.0.254])
        by ip-10-0-0-73.ap-northeast-1.compute.internal (Postfix) with SMTP id E17CA3CF
        for <admin>; Sat, 21 Jan 2023 18:00:28 +0900 (JST)
Date: Fri, 01 Mar 2002 01:21:11 +0000
Message-ID: <00002002012111047@r1>
From: labo@example.com
To: admin
Subject: interface down


Serial1/0 is administratively down, line protocol is down
  Hardware is M4T
  Internet address is 172.16.0.253/24
  MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation HDLC, crc 16, loopback not set
  Keepalive set (10 sec)
  Restart-Delay is 0 secs
  CRC checking enabled
  Last input 00:00:07, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/1/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1158 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     608 packets input, 43329 bytes, 0 no buffer
     Received 568 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     611 packets output, 43827 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
     2 carrier transitions     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up

r1#
? d
? q
Held 0 messages in /var/mail/admin

設定例2

"Configured from console by console" という Syslog が発生したら、startup-config と running-config の差分を Syslog へ出力(debug レベル)します。

r1#undebug all

r1(config)#event manager applet eemtest2
r1(config-applet)#event syslog pattern "Configured from console by console"
r1(config-applet)#action 1.0 cli command "enable"
r1(config-applet)#action 2.0 cli command "show archive config differences nvram:startup-config system:running-config"
r1(config-applet)#action 3.0 syslog priority 7 msg "$_cli_result"

テストしてみます。

r1(config-applet)#end
r1#
*Mar  1 01:46:50.999: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 01:46:53.031: %HA_EM-7-LOG: eemtest2:
Contextual Config Diffs:
+event manager applet eemtest2
 +event syslog pattern "Configured from console by console"
 +action 1.0 cli command "enable"
 +action 2.0 cli command "show archive config differences nvram:startup-config system:running-config"
 +action 3.0 syslog priority debugging msg "$_cli_result"

設定例3

特定のイベントによらず、CLIで実行を指示されたときに、アクションを実行することができます。
ここでは、show ip int bri の結果を nvram の eemtest3 ファイルに追記します。

r1(config)#event manager applet eemtest3
r1(config-applet)#event none
r1(config-applet)#action 1.0 cli command "enable"
r1(config-applet)#action 2.0 cli command "show ip int bri | append nvram:eemtest3"

event none として作成したものは、 event manager run イベント名で実行させます。

r1#debug event manager action cli
r1#event manager run eemtest3
r1#
*Mar  1 01:59:55.423: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : CTL : cli_open called.
*Mar  1 01:59:55.423: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : OUT : r1>
*Mar  1 01:59:55.423: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : IN  : r1>enable
*Mar  1 01:59:55.491: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : OUT : r1#
*Mar  1 01:59:55.491: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : IN  : r1#show ip int bri | append nvram:eemtest3
*Mar  1 01:59:55.683: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : OUT :
*Mar  1 01:59:55.683: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : OUT : r1#
*Mar  1 01:59:55.683: %HA_EM-6-LOG: eemtest3 : DEBUG(cli_lib) : : CTL : cli_close called.

結果を確認します。

r1#dir nvram:
Directory of nvram:/

   53  -rw-        1002                    <no date>  startup-config
   54  ----          24                    <no date>  private-config
    1  ----          16                    <no date>  persistent-data
    2  -rw-           0                    <no date>  ifIndex-table
    3  -rw-         596                    <no date>  eemtest3

57336 bytes total (53186 bytes free)

r1#more nvram:eemtest3
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            10.2.0.254      YES NVRAM  up                    up
FastEthernet0/1            unassigned      YES NVRAM  administratively down down
Serial1/0                  172.16.0.253    YES NVRAM  up                    up
Serial1/1                  172.16.1.254    YES NVRAM  up                    up
Serial1/2                  unassigned      YES NVRAM  administratively down down
Serial1/3                  unassigned      YES NVRAM  administratively down down

不要ファイルを削除します。

r1#delete nvram:eemtest3
Delete filename [eemtest3]?
Delete nvram:eemtest3? [confirm]

r1#dir nvram:
Directory of nvram:/

   53  -rw-        1002                    <no date>  startup-config
   54  ----          24                    <no date>  private-config
    1  ----          16                    <no date>  persistent-data
    2  -rw-           0                    <no date>  ifIndex-table

57336 bytes total (54210 bytes free)

GitHubで編集を提案