In the earlier article titled EEM demystified, we took an introductory look at the basic format for EEM applets, and some basic samples for general operation, including some basic CLI command usage, getting input, and displaying output.
In this article, we are going to take a look at some of the additional actions available, specifically looking at variables, a few operators, and some general conditional structures.
Note: For any commands that are shown that start with the word “action”, these are commands configured from within applet configuration mode.
There are a number of built in variables, but you can also define some variables on your own. Cisco environmental variables begin with an underscore “_”. Because of this it is strongly recommended that you do not use variables that start with “_”, to avoid potential conflict.
In some cases, you will see a variable referenced with a dollar sign in front “$”. This is to identify that the following item is a variable.
For example, comparing the following two lines:
action 1000 puts I action 1001 puts $I
Action 1000 will print the character “I”, whereas action 1001 will print the value of the variable “I”.
Variables can be set within the applet
Action 100 set I 5000
This will set the variable “I” to 5000.
Variables can also be set from global configuration
event manager environment I 5000
This will set the variable “I” to 5000.
Variables can also be set by CLI input using the “gets” action.
Action 1002 gets MYVAR
This action will take input from the console, and save the entered value as the variable MYVAR.
Add / Subtract / Multiply / Divide
Depending on what assumptions you make, you may not be correct in how these actions work. Basic math operations take place, but the
confusion generally centers around what happens with the resulting value.
Let’s start with a basic example:
action 1000 set i 50 action 1001 set j 60 action 1002 add $i $j
Although we configured the operation of addition, the values for i and j are not changed by action 1002. The action just takes the two numbers and adds them together. Internally, the result is stored in the environmental variable “_result”. If we wanted to see the answer to the addition, we could output the value using “puts”.
action 1003 puts "The total is $_result."
Subtraction will subtract the second operand from the first, so “action 1004 subtract $i $j” would store the value “-10″ in the variable “_result”.
Division is slightly different. Division will populate two variables, _result and _remainder.
action 1006 divide $j $i
If we divide 60 by 50, the value for _result would be 1, and the value for _remainder would be 10.
Increment / Decrement
These will actually increase (or decrease) the variables. The default value to increment / decrement is 1, but other values can be specified.
event manager applet I event none action 1000 set a 1 action 1001 puts $a action 1002 increment a action 1003 puts $a action 1004 increment a 10 action 1005 puts $a
The output received when the applet runs would be:
Note: For the set, increment, and decrement commands, the $ is not needed, since the syntax knows that it is expecting a variable. For the puts command, the $ is needed, so that the applet knows that you are not trying to just print the letter a.
Let’s take a look at some conditional loops. Say we wanted to create 100 loopbacks, with a /24 mask, and the first two octets of 192.168, a fourth octet value of 1, and a third octet value from 0 to 99.
Here, we are going to use multiple variables. We are going to nest a while loop inside another while loop, while also adding in some
examples of addition and multiplication as shown earlier. We will take the values a and b and increment them from 0 to 9. The variables a and b will both start out at 0. Variable a will stay at 0 while variable b increments from 0 to 9. For each value, we are going to create a loopback interface. Once b reaches 9, we will reset variable b to 0, and increment a.
event manager applet NEWLOOP event none action 1000 set a 0 action 1001 set b 0 action 1002 cli command enable action 1003 cli command "conf t" action 1004 while $a le 9 action 1005 while $b le 9 action 1006 multiply $a 10 action 1007 set c _result action 1008 add $c $b action 1009 cli command "interface loopback $_result" action 1010 cli command "ip address 192.168.$_result.1 255.255.255.0" action 1011 increment b action 1012 end action 1013 set b 0 action 1012 increment a action 1013 end
OK, so additional variables used here include c and _result. Using the multiplication function, c will be 10 times a . After the multiplication, _result is overwritten with the value of c+b, and is used for the loopback creation. For each of the loopbacks created, the loopback number will effectively be (10*a)+b. When the conditional cycles complete, we will have 100 loopbacks, numbered from 0 to 99.
Note: We could have just used a single variable, and incremented from 0 to 99, but this example shows the usage of multiplication and addition for additional complexity.
Let’s take a look at some additional miscellaneous examples. According to some people, you can never be too evil when creating a practice lab.
Every 30 seconds, shut down the Fa0/0 interface, wait 10 seconds, and bring it back.
event manager applet FLAP event timer watchdog time 30 action 1 cli command "enable" action 100 cli command "config t" action 101 cli command "interface Fa0/0" action 102 cli command "shut" action 103 wait 10 action 104 cli command "no shut"
Intercept attempts to use the “write” commands, spoof some output, and then reload the device.
event manager applet NOSAVE event cli pattern "write" sync yes action 111 puts "Building configuration..." action 112 wait 5 action 113 puts "[OK]" action 114 set _exit_status "0" action 115 reload
Use CLI matching to prevent specific commands from running:
event manager applet NOSHSTART event cli pattern "show start" sync no skip yes
event manager applet NOWRT event cli pattern "write term" sync no skip yes
event manager applet NOWRE event cli pattern "write erase" sync no skip yes
Note: The CLI detector will match patterns based on the full command, not just on what was typed. For example, “wr t” entered at the console will still be matched by the pattern “write term”.
Hide applets from the running config by intercepting the “show run” command, and replacing with filtered output.
event manager applet TheseAreNotTheAppletsYou'reLookingFor event cli pattern "show run" sync yes action 111 cli command "enable" action 112 cli command "show run | excl applet|event|action" action 113 puts "$_cli_result" action 114 set _exit_status "0"
Using EEM to create an IOS menu without using the “menu” command.
username MYUSER secret cisco username MYUSER priv 15 username MYUSER autocommand MN alias exec MN event manager run MYNOC event manager applet MYNOC event none action 0 puts "" action 1 puts "1 Shutdown Frame Interface" action 2 puts "2 Bring up Frame Interface" action 3 gets opt action 4 if $opt eq 1 goto 800 action 5 if $opt eq 2 goto 900 action 6 if $opt ne 2 goto 1 action 800 puts "Shutting Down Frame" action 801 cli command "enable" action 802 cli command "config term" action 803 cli command "interface Ser0/0/0" action 804 cli command "shut" action 805 cli command "end" action 806 cli command "wr mem" action 850 exit action 900 puts "Bringing up Frame" action 901 cli command "enable" action 902 cli command "config term" action 903 cli command "interface Ser0/0/0" action 904 cli command "no shut" action 905 cli command "end" action 906 cli command "Wr mem" action 950 exit
5 Responses to “EEM – Revenge of the applets”
Leave a Reply