05-28-2015 06:10 AM
The results of the 'show archive log config all' not showing up in body of email. Instead I'm getting the following error in the email.
^
% Invalid input detected at '^' marker.
lab-cmh1-dc-ds1>
config on switch
archive
log config
logging enable
notify syslog contenttype plaintext
hidekeys
event manager applet Config_Change
event syslog pattern ".*%SYS-5-CONFIG_I.*"
action 1.0 info type routername
action 1.1 cli command "enable"
action 1.2 cli command "show archive log config all"
action 1.4 mail server "10.0.100.222" to "todd******@******.com" from "lab-cmh1-dc-ds1@****.net" subject "config-change" body "$_cli_result"
action 1.5 cli command "clear archive log config force"
!
Configs are logging into syslog
*May 28 04:57:01.944: %PARSER-5-CFGLOG_LOGGEDCMD: User:tr******** logged command:event manager applet Config_Change
*May 28 04:57:08.600: %PARSER-5-CFGLOG_LOGGEDCMD: User:tr******** logged command:action 1.5 cli command "clear archive log config force"
lab-cmh1-dc-ds1#show event manager version
Embedded Event Manager Version 4.00
Component Versions:
eem: (rel8)1.1.3
eem-gold: (rel1)1.0.2
eem-call-home: (rel2)1.0.4
Event Detectors:
Name Version Node Type
application 01.00 node1/0 RP
rf 01.00 node1/0 RP
identity 01.00 node1/0 RP
mat 01.00 node1/0 RP
neighbor-discovery 01.00 node1/0 RP
msp 03.00 node1/0 RP
syslog 01.00 node1/0 RP
routing 03.00 node1/0 RP
generic 01.00 node1/0 RP
cli 01.00 node1/0 RP
counter 01.00 node1/0 RP
interface 01.00 node1/0 RP
ioswdsysmon 01.00 node1/0 RP
none 01.00 node1/0 RP
oir 01.00 node1/0 RP
snmp 01.00 node1/0 RP
timer 01.00 node1/0 RP
snmp-object 01.00 node1/0 RP
snmp-notification 01.00 node1/0 RP
ipsla 01.00 node1/0 RP
nf 01.00 node1/0 RP
test 01.00 node1/0 RP
config 01.00 node1/0 RP
env 01.00 node1/0 RP
ds 01.00 node1/0 RP
crash 01.00 node1/0 RP
gold 01.00 node1/0 RP
rpc 01.00 node1/0 RP
lab-cmh1-dc-ds1#
05-28-2015 07:38 AM
After a looking at this a little more I believe this has to do with account privileges in AAA. I will investigate further provide an update.
05-28-2015 08:15 AM
Issue resolved. Bypass was what I was missing.
!
event manager applet Config_Change authorization bypass
event config
action 1.0 info type routername
action 1.1 cli command "enable"
action 1.2 cli command "show archive log config all"
action 1.4 mail server "10.0.100.222" to "todd******@******.com" from "lab-cmh1-dc-ds1@*****.net" subject "config-change" body "$_cli_result"
action 1.5 cli command "clear archive log config force"
!
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide