Login
- Table of Contents
-
- 12-Network Management and Monitoring Command Reference
- 00-Preface
- 01-System maintenance and debugging commands
- 02-NQA commands
- 03-NTP commands
- 04-SNMP commands
- 05-NETCONF commands
- 06-RMON commands
- 07-EAA commands
- 08-Process monitoring and maintenance commands
- 09-sFlow commands
- 10-Mirroring commands
- 11-Information center commands
- 12-GOLD commands
- 13-Packet capture commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 07-EAA commands | 106 KB |
EAA commands
action cli
Use action cli to add a CLI action to a monitor policy.
Use undo action to remove an action.
Syntax
action number cli command-line
undo action number
Default
Monitor policies do not contain any actions.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
number: Specifies an action ID in the range of 0 to 231.
cli command-line: Specifies the command line to be executed when the event occurs. You can enter abbreviated forms of command keywords, but you must make sure the forms can uniquely identify the command keywords. For example, you can enter dis cu for the display current-configuration command.
Usage guidelines
You can configure a series of actions to be executed in response to the event specified in a monitor policy.
If two actions have the same ID, the most recent one takes effect.
EAA executes the actions in ascending order of action IDs. When you add actions to a policy, you must make sure the execution order is correct.
To execute a command in a view other than user view, you must define actions required for accessing the target view before defining the command execution action. In addition, you must number the actions in the order they should be executed, starting with entering system view.
For example, to shut down an interface, you must create the following actions in order:
1. Action to enter system view.
2. Action to enter interface view.
3. Action to shut down the interface.
When you define an action, you may choose to specify a value or specify a variable name for an argument. For more information about using EAA environment variables, see "rtm environment."
Examples
# Configure the CLI-defined policy test to shut down Ten-GigabitEthernet 1/1/1 when the policy is triggered.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] action 1 cli system-view
[Sysname-rtm-test] action 2 cli interface ten-gigabitethernet 1/1/1
[Sysname-rtm-test] action 3 cli shutdown
action reboot
Use action reboot to add a reboot action to a monitor policy.
Use undo action to remove an action.
Syntax
action number reboot [ slot slot-number [ subslot subslot-number ] ]
undo action number
Default
Monitor policies do not contain any actions.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
number: Specifies an action ID in the range of 0 to 231.
slot slot-number: Specifies an IRF member device by its member ID or specifies a PEX by its virtual slot number. On an IRF fabric, this command reboots all member devices if you do not specify a member device. On an IRF 3 system, this command reboots all IRF member devices and PEXs if you do not specify an IRF member device or PEX.
subslot subslot-number: Specifies a subcard by its subslot number. If you do not specify a subcard, the command reboots all subcards.
Usage guidelines
You can configure a series of actions to be executed in response to the event specified in a monitor policy.
If two actions have the same ID, the most recent one takes effect.
EAA executes the actions in ascending order of action IDs. When you add actions to a policy, you must make sure the execution order is correct.
The reboot action configured with this command reboots devices or cards without saving the running configuration. If you want to save the running configuration, use the action cli command to configure reboot actions.
When you define an action, you may choose to specify a value or specify a variable name for an argument. For more information about using EAA environment variables, see "rtm environment."
Examples
# Configure an action for the CLI-defined policy test to reboot the device.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] action 3 reboot
action switchover
Use action switchover to add a master/subordinate switchover action to a monitor policy.
Use undo action to remove an action.
Syntax
action number switchover
undo action number
Default
Monitor policies do not contain any actions.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
number: Specifies an action ID in the range of 0 to 231.
Usage guidelines
You can configure a series of actions to be executed in response to the event specified in a monitor policy.
If two actions have the same ID, the most recent one takes effect.
EAA executes the actions in ascending order of action IDs. You must make sure the execution order is correct when you add actions to a policy.
Examples
# Configure an action for the CLI-defined policy test to perform a master/subordinate switchover.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] action 3 switchover
action syslog
Use action syslog to add a Syslog action to a monitor policy.
Use undo action to remove an action.
Syntax
action number syslog priority level facility local-number msg msg-body
undo action number
Default
Monitor policies do not contain any actions.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
number: Specifies an action ID in the range of 0 to 231.
priority level: Specifies the log severity level in the range of 0 to 7. A lower value represents a higher severity level.
facility local-number: Specifies a logging facility by its facility number in the range of local0 to local7. Facility numbers are used by a log host to identify log creation facilities for filtering log messages.
msg msg-body: Configures the log message body.
Usage guidelines
EAA sends log messages to the information center. You can configure the information center to output these messages to certain destinations. For more information about the information center, see "Configuring the information center."
You can configure a series of actions to be executed in response to the event specified in a monitor policy.
EAA executes the actions in ascending order of action IDs. When you add actions to a policy, you must make sure the execution order is correct.
If two actions have the same ID, the most recent one takes effect.
When you define an action, you may choose to specify a value or specify a variable name for an argument. For more information about using EAA environment variables, see "rtm environment."
Examples
# Configure an action for the CLI-defined policy test to send a log message "hello" with a severity of 7 from the facility device local3.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] action 3 syslog priority 7 facility local3 msg hello
commit
Use commit to enable a CLI-defined monitor policy.
Syntax
commit
Default
No CLI-defined policies are enabled.
Views
CLI-defined policy view
Predefined user roles
network-admin
Usage guidelines
You must execute this command for a CLI-defined policy to take effect.
After changing the settings in a policy that has been enabled, you must re-execute this command for the changes to take effect.
Examples
# Enable the CLI-defined policy test.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] commit
display rtm environment
Use display rtm environment to display user-defined EAA environment variables and their values.
Syntax
display rtm environment [ var-name ]
Views
Any view
Predefined user roles
network-admin
Parameters
var-name: Specifies a user-defined EAA environment variable by its name. If you do not specify a variable, this command displays all user-defined EAA environment variables.
Examples
# Display all user-defined EAA environment variables.
<Sysname> display rtm environment
Name Value
config_cmd interface m1/1/1
save_cmd save main force
show_run_cmd display current-configuration
display rtm policy
Use display rtm policy to display monitor policies.
Syntax
display rtm policy { active | registered [ verbose ] } [ policy-name ]
Views
Any view
Predefined user roles
network-admin
Parameters
active: Displays policies that are running.
registered: Displays policies that have been created.
policy-name: Specifies a policy by its name. If you do not specify a policy, the command displays all monitor policies that are running or have been created.
verbose: Displays detailed information about monitor policies.
Examples
# Display all running monitor policies.
<Sysname> display rtm policy active
JID Type Event TimeActive PolicyName
501 CLI CLI Jan 07 11:16:57 2015 test1
505 TCL CLI Jan 07 11:16:57 2015 test2
# Display all monitor policies that have been created.
<Sysname> display rtm policy registered
Total number: 2
Type Event TimeRegistered PolicyName
CLI CLI Jan 07 11:08:18 2015 test1
TCL CLI Jan 07 11:07:59 2015 test2
# Display detailed information about all monitor policies.
<Sysname> display rtm policy registered verbose
Total number: 2
Policy Name: test1
Policy Type: CLI
Event Type: CLI
TimeRegistered: Jan 07 11:08:18 2015
User-role: network-operator
network-admin
Policy Name: test2
Policy Type: TCL
Event Type: CLI
TimeRegistered: Jan 07 11:07:59 2015
User-role: network-admin
Table 1 Command output
|
Field |
Description |
|
JID |
Job ID. This field is available for the display rtm policy active command. |
|
PolicyName |
Monitor policy name. |
|
Type Policy Type |
Policy creation method: · TCL—The policy was configured by using Tcl. · CLI—The policy was configured from the CLI. |
|
Event Event Type |
Source of the event specified in the policy. Options include CLI, HOTPLUG, INTERFACE, PROCESS, SNMP, SNMP_NOTIF, and SYSLOG. |
|
TimeActive |
Time when the policy started to execute. |
|
TimeRegistered |
Time when the policy was created. |
|
Total number |
Total number of policies. |
|
User-role |
User roles for executing the monitor policy. To execute the monitor policy, an administrator must have at least one of the displayed user roles. |
event cli
Use event cli to configure a CLI event for a CLI-defined monitor policy.
Use undo event to delete the event in a CLI-defined monitor policy.
Syntax
event cli { async [ skip ] | sync } mode { execute | help | tab } pattern regular-exp
undo event
Default
No CLI events are configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
async [ skip ]: Enables or disables the system to execute the command that triggers the policy. If you specify the skip keyword, the system executes the actions in the policy without executing the command that triggers the policy. If you do not specify the skip keyword, the system executes both the actions in the policy and the command entered at the CLI.
sync: Enables the system to execute the command that triggers the event only if the policy has been executed successfully.
execute: Triggers the policy when a matching command is entered.
help: Triggers the policy when a question mark (?) is entered at a matching command line.
tab: Triggers the policy when the Tab key is pressed to complete a parameter in a matching command line.
pattern regular-exp: Specifies a regular expression for matching commands that trigger the policy. For more information about using regular expressions, see Fundamentals Configuration Guide.
Usage guidelines
Use CLI event monitor policies to monitor operations performed at the CLI.
You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.
Examples
# Configure a CLI-defined policy to monitor execution of commands that contain the dis inter brief string. Enable the system to execute the actions in the policy without executing the command that triggers the policy.
<Sysname>system-view
[Sysname] rtm cli-policy test
[Sysname-rmt-test] event cli async skip mode execute pattern dis inter brief
# Configure a CLI-defined policy to monitor the use of the Tab key at command lines that contain the dis inter brief string. Enable the system to execute the actions in the policy and display the complete parameter when Tab is pressed at a policy-matching command line.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rmt-test] event cli async mode tab pattern dis inter brief
# Configure a CLI-defined policy to monitor the use of the question mark (?) at command lines that contain the dis inter brief string. Enable the system to execute a policy-matching command line only if the actions in the policy are executed successfully when a question mark is entered at the command line.
<Sysname>system-view
[Sysname] rtm cli-policy test
[Sysname-rmt-test] event cli sync mode help pattern dis inter brief
event hotplug
Use event hotplug to configure a hotplug event for a CLI-defined monitor policy.
Use undo event to delete the event in a CLI-defined monitor policy.
Syntax
event hotplug slot slot-number [ subslot subslot-number ]
undo event
Default
No hotplug events are configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies an IRF member device by its member ID or specifies a PEX by its virtual slot number. On an IRF fabric, this command applies to all member devices if you do not specify a member device. On an IRF 3 system, this command applies to all IRF member devices and PEXs if you do not specify an IRF member device or PEX.
subslot subslot-number: Specifies a subslot by its subslot number. If you do not specify a subcard, EAA monitors all subslots for card swapping events.
Usage guidelines
Use hotplug event monitor policies to monitor the system for the following events:
· Master/subordinate switchover.
· Member device removal or addition.
· Card hot swapping.
If you do not specify the remove or insert event, the hotplug event monitor policy monitors cards for both events.
You can configure only one event entry for a monitor policy. If the monitor policy already contains an event entry, the new event entry replaces the old event entry.
Examples
# Configure a CLI-defined policy to monitor IRF member device 1 for master/subordinate switchover.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] event hotplug slot 1
event interface
Use event interface to configure an interface event for a CLI-defined monitor policy.
Use undo event to delete the event in a CLI-defined monitor policy.
Syntax
event interface interface-type interface-number monitor-obj monitor-obj start-op start-op start-val start-val restart-op restart-op restart-val restart-val [ interval interval ]
undo event
Default
No interface events are configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
interface-type interface-number: Specifies an interface by its type and number.
monitor-obj monitor-obj: Specifies the traffic statistic to be monitored on the interface. For keywords available for the monitor-obj argument, see Table 2.
start-op start-op: Specifies the operator for comparing the monitored traffic statistic with the start threshold. The start threshold is crossed if the comparison result meets the condition. For keywords available for the start-op argument, see Table 3.
start-val start-val: Specifies the start threshold to be compared with the monitored traffic statistic. The value range is 0 to 4294967295.
restart-op restart-op: Specifies the operator for comparing the monitored traffic statistic with the restart threshold. The restart threshold is crossed if the comparison result meets the condition. For keywords available for the restart-op argument, see Table 3.
restart-val restart-val: Specifies the restart threshold to be compared with the monitored traffic statistic. The value range is 0 to 4294967295.
interval interval: Specifies the interval to sample the monitored traffic statistic for a comparison. The value range is 1 to 4294967295 seconds. The default is 300 seconds.
|
Monitored traffic statistic |
Description |
|
input-drops |
Number of discarded incoming packets. |
|
input-errors |
Number of incoming error packets. |
|
output-drops |
Number of discarded outgoing packets. |
|
output-errors |
Number of outgoing error packets. |
|
rcv-bps |
Receive rate, in bps. |
|
rcv-broadcasts |
Number of incoming broadcasts. |
|
rcv-pps |
Receive rate, in packets per second. |
|
tx-bps |
Transmit rate, in bps. |
|
tx-pps |
Transmit rate, in packets per second. |
|
Comparison operator |
Description |
|
eq |
Equal to. |
|
ge |
Greater than or equal to. |
|
gt |
Greater than. |
|
le |
Less than or equal to. |
|
lt |
Less than. |
|
ne |
Not equal to. |
Usage guidelines
Use interface event monitor policies to monitor traffic statistics on an interface.
You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.
EAA executes an interface event monitor policy when the monitored interface traffic statistic crosses the start threshold in the following situations:
· The statistic crosses the start threshold for the first time.
· The statistic crosses the start threshold each time after it crosses the restart threshold.
The following is the interface event monitor process of EAA:
1. Compares the traffic statistic sample with the start threshold at sampling intervals until the comparison result meets the condition specified by the start operator.
2. Executes the policy.
3. Compares the traffic statistic sample with the restart threshold at sampling intervals until the comparison result meets the condition specified by the restart operator.
4. Compares the traffic statistic sample with the start threshold at sampling intervals until the comparison result meets the condition specified by the start operator.
5. Executes the policy again.
This process cycles for the monitor policy to be executed and re-executed.
Examples
# Configure a CLI-defined policy to monitor the incoming error packet statistic on Ten-GigabitEthernet 1/1/1 every 60 seconds. Set the start threshold to 1000 and the restart threshold to 50. Enable EAA to execute the policy when the statistic exceeds 1000 for the first time. Enable EAA to re-execute the policy if the statistic exceeds 1000 each time after the statistic has dropped below 50.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] event interface ten-gigabitethernet 1/1/1 monitor-obj input-errors start-op gt start-val 1000 restart-op lt restart-val 50 interval 60
event process
Use event process to configure a process event for a CLI-defined monitor policy.
Use undo event to delete the event in a CLI-defined monitor policy.
Syntax
event process { exception | restart | shutdown | start } [ name process-name [ instance instance-id ] ] [ slot slot-number ]
undo event
Default
No process events are configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
exception: Monitors the specified process for exceptional events. EAA executes the policy when an exception occurs to the monitored process.
restart: Monitors the specified process for restart events. EAA executes the policy when the monitored process restarts.
shutdown: Monitors the specified process for shutdown events. EAA executes the policy when the monitored process is shut down.
start: Monitors the specified process for start events. EAA executes the policy when the monitored process starts.
name process-name: Specifies a user-mode process by its name. The process can be one that is running or not running.
instance instance-id: Specifies a process instance ID in the range of 0 to 4294967295. The instance ID can be one that has not been created yet. If an instance is specified, EAA only monitors the process instance. If you do not specify an instance, EAA monitors all instances of the process.
slot slot-number: Specifies an IRF member device by its member ID or specifies a PEX by its virtual slot number. On an IRF fabric, this command applies to all member devices if you do not specify a member device. On an IRF 3 system, this command applies to all IRF member devices and PEXs if you do not specify an IRF member device or PEX.
Usage guidelines
Use process event monitor policies to monitor process state changes. These changes can result from manual operations or automatic system operations.
You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.
Examples
# Configure a CLI-defined policy to monitor all instances of the process snmpd for restart events.
<Sysname>system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] event process restart name snmpd
event snmp oid
Use event snmp oid to configure an SNMP event for a CLI-defined monitor policy.
Use undo event to delete the event in a CLI-defined monitor policy.
Syntax
event snmp oid oid monitor-obj { get | next } start-op start-op start-val start-val restart-op restart-op restart-val restart-val [ interval interval ]
undo event
Default
No SNMP events are configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
oid oid: Specifies the OID of the monitored MIB variable, a string of 1 to 256 characters.
monitor-obj { get | next }: Specifies the SNMP operation used for sampling variable values. The get keyword represents the SNMP get operation, and the next keyword represents the SNMP getNext operation.
start-op start-op: Specifies the operator for comparing the sampled value with the start threshold. The start threshold is crossed if the comparison result meets the condition. For keywords available for the start-op argument, see Table 3.
start-val start-val: Specifies the start threshold to be compared with the sampled value. The start-val argument can be any data type supported by SNMP, including numerals and character strings. The CLI online help system displays the value range as character strings of 1 to 512 characters. If the threshold value contains spaces, you must enclose the value in quotation marks (" ").
restart-op op: Specifies the operator for comparing the sampled value with the restart threshold. The restart threshold is crossed if the comparison result meets the condition. For keywords available for the start-op argument, see Table 3.
restart-op restart-val: Specifies the restart threshold to be compared with the sampled value. The restart-val argument can be any data type supported by SNMP, including numerals and character strings. The CLI online help system displays the value range as character strings of 1 to 512 characters. If the threshold value contains spaces, you must enclose the value in quotation marks (" ").
interval interval: Specifies the sampling interval in the range of 1 to 4294967295 seconds. The default is 300 seconds.
Usage guidelines
Use SNMP event monitor policy to monitor value changes of MIB variables.
You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.
EAA executes an SNMP event monitor policy when the monitored MIB variable's value crosses the start threshold in the following situations:
· The monitored variable's value crosses the start threshold for the first time.
· The monitored variable's value crosses the start threshold each time after it crosses the restart threshold.
The following is the SNMP event monitor process of EAA:
1. Compares the variable sample with the start threshold at sampling intervals until the comparison result meets the condition specified by the start operator.
2. Executes the policy.
3. Compares the variable sample with the restart threshold at sampling intervals until the comparison result meets the condition specified by the restart operator.
4. Compares the variable sample with the start threshold at sampling intervals until the comparison result meets the condition specified by the start operator.
5. Executes the policy again.
This process cycles for the monitor policy to be executed and re-executed.
Examples
# Configure a CLI-defined policy to get the value of the MIB variable 1.3.6.4.9.9.42.1.2.1.6.4 every five seconds. Set the start threshold to 1 and the restart threshold to 2. Enable EAA to execute the policy when the value changes to 1 for the first time. Enable EAA to re-execute the policy if the value changes to 1 each time after the value has changed to 2.
<Sysname> system-view
[Sysname] rtm cli-policy snmp
[Sysname-rtm-snmp] event snmp oid 1.3.6.4.9.9.42.1.2.1.6.4 monitor-obj get start-op eq start-val 1 restart-op eq restart-val 2 interval 5
event snmp-notification
Use event snmp-notification to configure an SNMP-Notification event for a CLI-defined policy.
Use undo event to remove the event in a CLI-defined policy.
Syntax
event snmp-notification oid oid oid-val oid-val op op [ drop ]
undo event
Default
No SNMP-Notification events are configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
oid oid: Specifies the OID of the monitored MIB variable, a string of 1 to 256 characters.
oid-val oid-val: Specifies the threshold to be compared with the sampled value. The oid-val argument can be any data type supported by SNMP, including numerals and character strings. The CLI online help system displays the value range as character strings of 1 to 512 characters. If the threshold value contains spaces, you must enclose the value in quotation marks (" ").
op op: Specifies the operator for comparing the sampled value with the threshold. The policy is executed if the comparison result meets the condition. For keywords available for the start-op argument, see Table 3.
drop: Drops the notification if the comparison result meets the condition. If this keyword is not specified, the system sends the notification.
Usage guidelines
Use SNMP-Notification event monitor policies to monitor variables in SNMP notifications.
EAA executes an SNMP-Notification event monitor policy when the value of the monitored variable in an SNMP notification meets the specified condition.
You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.
Examples
# Configure a CLI-defined policy to monitor SNMP notifications that contain the variable OID 1.3.6.1.4.1.318.2.8.3. Enable the system to drop an SNMP notification and execute the policy if the variable in the notification contains the "UPS:Returned from battery backup power" string.
<Sysname> system-view
[Sysname] rtm cli-policy snmp-notification
[Sysname-rtm-snmp-notification] event snmp-notification oid 1.3.6.1.4.1.318.2.8.3 oid-val “UPS:Returned from battery backup power” op eq drop
event syslog
Use event syslog to configure a Syslog event for a CLI-defined monitor policy.
Use undo event to delete the event in a CLI-defined monitor policy.
Syntax
event syslog priority level msg msg occurs times period period
undo event
Default
No log event is configured.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
priority level: Specifies the lowest severity level for matching log messages. The level argument can be an integer in the range of 0 to 7, or the word all, which represents any severity level from 0 to 7. A lower number represents higher priority level. For example, specify a severity level of 3 to match log messages from level 3 to level 0.
msg msg: Specifies a regular expression to match the message body, a string of 1 to 255 characters. The log message must use the H3C format. For more information about log message formats, see "Configuring the information center."
occurs times period period: Executes the policy if the number of log matches over an interval exceeds the limit. The times argument specifies the maximum number of log matches in the range of 1 to 32. The period argument specifies an interval in the range of 1 to 4294967295 seconds.
Usage guidelines
Use Syslog event monitor policies to monitor log messages.
EAA executes a Syslog event monitor policy when the number of matching logs over an interval reaches the limit.
|
|
NOTE: EAA does not count log messages generated by the RTM module when it counts log matches. |
You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.
Examples
# Configure a CLI-defined policy to monitor Syslog messages for level 3 to level 0 messages that contain the down string. Enable the policy to execute when five log matches are found within 6 seconds.
<Sysname> system-view
[Sysname] rtm cli-policy syslog
[Sysname-rtm-syslog] event syslog priority 3 msg down occurs 5 period 6
rtm cli-policy
Use rtm cli-policy to create a CLI-defined EAA monitor policy and enter its view.
Use undo rtm cli-policy to delete a CLI-defined monitor policy.
Syntax
rtm cli-policy policy-name
undo rtm cli-policy policy-name
Default
No CLI-defined monitor policy exists.
Views
System view
Predefined user roles
network-admin
Parameters
policy-name: Specifies the name of a CLI-defined monitor policy, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You must create a CLI-defined monitor policy before you can use the CLI to configure settings in the policy.
You can assign the same policy name to a CLI-defined policy and a Tcl-defined policy, but you cannot assign the same name to policies that are the same type.
For a CLI-defined monitor policy to take effect, you must execute the commit command after you complete configuring the policy.
Examples
# Create a CLI-defined policy and enter its view.
<Sysname> system-view
[Sysname] rtm cli-policy test
Related commands
commit
rtm environment
Use rtm environment to configure an EAA environment variable.
Use undo rtm environment to delete a user-defined EAA environment variable.
Syntax
rtm environment var-name var-value
undo rtm environment var-name
Default
The system provides the variables in Table 4. You cannot create, delete, or modify these system-defined variables.
Table 4 System-defined EAA environment variables by event type
|
Variable name |
Description |
|
Any event: |
|
|
_event_id |
Event ID. |
|
_event_type |
Event type. |
|
_event_type_string |
Event type description. |
|
_event_time |
Time when the event occurs. |
|
_event_severity |
Severity level of an event. |
|
CLI: |
|
|
_cmd |
Commands that are matched. |
|
Syslog: |
|
|
_syslog_pattern |
Log message content. |
|
Hotplug: |
|
|
_slot |
ID of the IRF member device where a master/subordinate switchover, removal, or addition event occurs. |
|
_subslot |
ID of the subslot where a hot swap event occurs. |
|
Interface: |
|
|
_ifname |
Interface name. |
|
SNMP: |
|
|
_oid |
OID of the MIB variable where an SNMP operation is performed. |
|
_oid_value |
Value of the MIB variable. |
|
SNMP-Notification: |
|
|
_oid |
OID that is included in the SNMP notification. |
|
Process: |
|
|
_process_name |
Process name. |
Views
System view
Predefined user roles
network-admin
Parameters
var-name: Specifies an environment variable name, a string of 1 to 63 characters. A user-defined EAA environment variable name can contain digits, letters, and the underscore sign (_), but its leading character cannot be the underscore sign.
var-value: Specifies the variable value.
Usage guidelines
When you define an action, you can enter a variable name with a leading dollar sign ($variable_name) instead of entering a value for an argument. EAA will replace the variable name with the variable value when it performs the action.
For an action argument, you can specify a list of variable names in the form of $variable_name1$variable_name2...$variable_nameN.
Examples
# Create an environment variable: set its name to if and set its value to interface.
<Sysname> system-view
[Sysname] rtm environment if interface
rtm scheduler suspend
Use rtm scheduler suspend to suspend monitor policies.
Use undo rtm scheduler suspend to resume monitor policies.
Syntax
rtm scheduler suspend
undo rtm scheduler suspend
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command disables all CLI-defined and Tcl-defined monitor policies except for the monitor policies that are running.
To revise the Tcl script of a policy, you must suspend all monitor policies first, and then resume the policies after you finish revising the script. The system cannot execute a Tcl-defined policy if you edit its Tcl script without suspending all monitor policies.
Examples
# Suspend monitor policies.
<Sysname> system-view
[Sysname] rtm scheduler suspend
rtm tcl-policy
Use rtm tcl-policy to create a Tcl-defined policy and bind it to a Tcl script file.
Use undo rtm tcl-policy to delete a Tcl policy.
Syntax
rtm tcl-policy policy-name tcl-filename
undo rtm tcl-policy policy-name
Default
No Tcl policies exist.
Views
System view
Predefined user roles
network-admin
Parameters
policy-name: Specifies a policy name, a case-sensitive string of 1 to 63 characters.
tcl-filename: Specifies a .tcl script file name. The file name is case sensitive. You must make sure the file is available on a storage medium of the device.
Usage guidelines
Use this command to configure a monitor policy in Tcl.
This command both creates and enables the specified Tcl-defined monitor policy. To revise the Tcl script of a Tcl-defined policy, you must suspend all monitor policies first, and then resume the policies after you finish revising the script. The system cannot execute a Tcl-defined policy if you edit its Tcl script without suspending all monitor policies.
To bind a Tcl-defined policy to a different Tcl script file:
1. Delete the Tcl policy.
2. Create the Tcl policy again, and then bind it to the new Tcl script file.
You can assign the same policy name to a CLI-defined policy and a Tcl-defined policy. However, you cannot assign the same name to policies that are the same type.
Examples
# Create a Tcl policy and bind it to a Tcl script file.
<Sysname> system-view
[Sysname] rtm tcl-policy test test.tcl
running-time
Use running-time to configure the runtime of a CLI-defined policy.
Use undo running-time to restore the default.
Syntax
running-time time
undo running-time
Default
The runtime of a CLI-defined policy is 20 seconds.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
time: Specifies the runtime of the CLI-defined policy, in the range of 0 to 31536000 seconds. If you specify 0, the policy can run forever until it is manually interrupted.
Usage guidelines
Policy runtime limits the amount of time that the monitor policy can run from the time it is triggered. When the runtime is reached, the system stops executing the policy even if the execution is not finished.
This setting prevents an incorrectly defined policy from running permanently to occupy resources.
Examples
# Set the runtime to 60 seconds for the CLI-defined policy test.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] running-time 60
user-role
Use user-role to assign a user role to a CLI-defined policy.
Use undo user-role to remove a user role from a CLI-defined policy.
Syntax
user-role role-name
undo user-role role-name
Default
A monitor policy contains user roles that its creator had at the time of policy creation.
Views
CLI-defined policy view
Predefined user roles
network-admin
Parameters
role-name: Specifies a user role, a string of 1 to 63 characters.
Usage guidelines
For EAA to execute an action in a monitor policy, you must assign the policy the user role that has access to the action-specific commands and resources. If EAA lacks access to an action-specific command or resource, EAA does not perform the action and all the subsequent actions.
For example, a monitor policy has four actions numbered from 1 to 4. The policy has user roles that are required for performing actions 1, 3, and 4, but it does not have the user role required for performing action 2. When the policy is triggered, EAA executes only action 1.
A monitor policy supports a maximum of 64 valid user roles. User roles added after this limit is reached do not take effect.
You cannot assign a monitor policy user roles that have higher privilege than the user roles you are logged in with.
An EAA policy cannot have both the security-audit user role and any other user roles. Any previously assigned user roles are automatically removed when you assign the security-audit user role to the policy. The previously assigned security-audit user role is automatically removed when you assign any other user roles to the policy.
Examples
# Assign user roles to a CLI-defined policy.
<Sysname> system-view
[Sysname] rtm cli-policy test
[Sysname-rtm-test] user-role network-admin
[Sysname-rtm-test] user-role admin
