[c-nsp] Syslog Patterns
Livio Zanol Puppim
livio.zanol.puppim at gmail.com
Mon Jan 23 18:56:15 EST 2012
My script... (sorry for the portuguese language)
You need to execute the command "file prompt quiet" at configure terminal
before running the script.
It send the running-configuration to a server (can be TFTP, FTP, SCP,
etc...) every time a user enters the configure terminal mode and exit. It
works with IOS, NX-OS and IOS XR.
the format of the file is:
<hostname>_yyyy-mm-dd-hh-mm-ss_<user>.log
example: RT066_2012-01-23-10-13-13_tinka.log
Of course it needs some tuning like "nice" configuration, priority, etc...
It doesn't check if something has changed because every OS version has
different commands (thank you business units)
Enabling the script (I have copied to the router using dynamips to test):
event manager directory user policy nvram:/
event manager policy script.tcl type user
#THE SCRIPT!
::cisco::eem::event_register_syslog pattern ".*CONFIG_I.*"
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*
set servidor "192.168.1.1"
#Pega nome do ativo
set nome_ativo [info hostname]
#Pega hora do evento
set data [clock format [clock seconds] -format "%Y-%m-%d-%H-%M-%S"]
#Pega a linha que gerou o evento (linha de log quando alguem sai de
'configure terminal')
array set arr_einfo [event_reqinfo]
set config_changes $arr_einfo(msg)
#Regexp que da match pegando usuario que mudou configuracao
set result [regexp {^.*by\s(.*)\s.*} $config_changes tudo user]
if {$result == 0} {
set result [regexp {^.*by\s(.*)} $config_changes tudo user]
}
#Coloca nome do ativo antes de tudo
set nome_arquivo $nome_ativo
#Adiciona data e usuario ao nome do arquivo
append nome_arquivo "_" $data "_" $user ".log"
#comeca processo para salvar arquivo no local desejado
if [catch {cli_open} result] {
error $result $errorInfo
} else {
array set cli1 $result
}
if [catch {cli_exec $cli1(fd) "enable"} result] {
error $result $errorInfo
}
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#Alterar linha abaixo caso mude forma de envio
#
set comando "copy running-config tftp://$servidor/$nome_arquivo"
#puts $comando
#
#Alterar linha acima caso mude forma de envio
#=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
if [catch {cli_exec $cli1(fd) $comando} result] {
error $result $errorInfo
}
# Close open cli before exit.
#if [catch {cli_close $cli1(fd) $cli1(tty_id)} result] {
# error $result $errorInfo
#}
puts "Running-config salva no servidor $servidor"
2012/1/18 Peter Rathlev <peter at rathlev.dk>
> On Wed, 2012-01-18 at 17:10 +0100, Martin Komoň wrote:
> > There is a feature configured with "parser config cache interface",
> > that caches interface configuration. On a Cat6k5 w/ Sup720 it reduces
> > time to generate running config from 7 to ~1 sec (YMMV).
> >
> > Beware of the bug CSCtd93384!
>
> Nice, that does help. :-) Just tested on one Sup720 and the "sh run"
> went from ~20 seconds to ~10 seconds. Too bad with CSCtd93384 but at
> least it's supposed to be fixed in SXI4.
>
> --
> Peter
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
--
[]'s
Lívio Zanol Puppim
More information about the cisco-nsp
mailing list