[j-nsp] Regular maintenance advice

Morgan Mclean wrx230 at gmail.com
Tue Apr 3 12:18:38 EDT 2012 

Why don't you poll all of this via snmp?

Sent from my iPhone

On Apr 3, 2012, at 9:06 AM, Phil Shafer <phil at juniper.net> wrote:

> Skeeve Stevens writes:
>> I am designing a document for low level technicians to regularly
>> (depending on sensitivity of the device) login to the Juniper
>> router/or switch to look around and make sure that things are 'ok'.
> 
> How much of this is generic (or can be made generic) enough to cook
> into an op script?  Checks like "indicate system uptime of less
> than one week" and "indicate if /, /config, or /tmp is more than
> 90% full" are trivial, and interface flapping is simple enough, but
> "show suspicious log messages" are more human detectable than
> scriptable.
> 
> I'd be happy enough to do the script work if we can come up with
> a reasonable set of "system health" diagnostic checks.
> 
> Okay, I worked up a bit of a template for it.  See attached.
> 
> Thanks,
> Phil
> 
> version 1.0;
> 
> ns junos = "http://xml.juniper.net/junos/*/junos";
> ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
> ns jcs extension = "http://xml.juniper.net/junos/commit-scripts/1.0";
> ns dyn extension = "http://exslt.org/dynamic";
> 
> import "../import/junos.xsl";
> 
> param $uptime = 60 * 60 * 24 * 7;
> param $filesystem-threshold = 80;
> 
> var $fsnames := {
>    <fs> "/";
>    <fs> "/tmp";
>    <fs> "/config";
> }
> 
> var $checks := {
>    <check> {
>    <name> "System Uptime";
>    <rpc> {
>        <get-system-uptime-information>;
>    }
>    <test> "uptime-information/up-time/@junos:seconds < $uptime";
>    }
>    <check> {
>    <name> "Filesystem Space";
>        <rpc> {
>        <get-system-storage>;
>    }
>    for-each ($fsnames/fs) {
>        <test message=. _ " is full">
>            "filesystem[mounted-on = '" _ .
>                 _ "'][number(used-percent) > $filesystem-threshold]";
>    }
>    }
> }
> 
> match / {
>    <op-script-results> {
>    var $conn = jcs:open();
> 
>    for-each ($checks/check) {
>        expr jcs:output("Checking ", name);
>        var $check = .;
>        expr jcs:output("    [rpc ", local-name(rpc/node()), "]");
>        var $res = jcs:execute($conn, rpc);
>        if ($res/..//xnm:error) {
>        expr jcs:output("    error from rpc: ", $res/..//xnm:error);
>        } else {
>        for-each (test) {
>            var $test = .;
>            for-each ($res) {
>            var $p = dyn:evaluate($test);
>            if (boolean($p)) {
>                var $msg = jcs:first-of($test/@message,
>                            "failed condition");
>                expr jcs:output("    error from test: ", $msg);
>            } else {
>                expr jcs:output("    [passed]");
>            }
>            }
>        }
>        }
>    }
> 
>    expr jcs:close($conn);
>    }
> }
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list