Jump to content

Embedded event manager

Add links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by VoABot II (talk | contribs) at 18:56, 27 July 2009 (BOT - Reverted edits by Xorrkaz {dubious information} (mistake?) to last version by "Stevegiles".). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

(Cisco EEM stands for Embedded Event Manager)

Cisco EEM (Embedded Event Manager)

Cisco EEM is a feature included in Cisco's IOS operating system (and some other Cisco OSes) that allow programmability and automation capabilities inside the router or switch. EEM allows the behavior of a Cisco device to adapt to the business needs of a network by allowing scripting, thresholding, proactive actions, data collection and event management inside the Cisco device itself. Using EEM, problems can be identified and resolved automatically in advance by setting event triggers (called Event Detectors) to watch for specific types of situations or thresholds.

When a situation is detected by EEM, it uses policies to invoke actions based on the type of event and the configured policy. EEM currently supports three different types of programming actions (see Programming Capabilities below).

Cisco Embedded Management Family

EEM is a member of a family of embedded management technologies in Cisco IOS including SNMP, NetFlow, IPSLAs, WSMA (Web Services Management Agent), Syslog, ESM (Embedded Syslog Manager), ERM (Embedded Resource Manager), TCL and Service Diagnostics.

About EEM

With EEM, users can capture complex network events and run sophisticated programs on Cisco devices. The current version of EEM on most Cisco devices in version 3.0 though many older devices only support version 2.4. EEM consists of three areas; Event Detectors, Policies and Programming languages.

Event Detectors

The brains of EEM are event detectors. These event detectors are built-in capabilities to watch for specific situations or conditions. Newer versions of EEM have more event detectors than older ones.

Typical of EEM Event Detectors:

EEM Policies

Policies determine what is run when an event is detected. Policies save users from having to enumerate an action for every possible event.

Programming Capabilities

EEM supports three methods of programmability and scripting.

  1. Applets - these allow CLI to be run when a certain set of conditions occurs
  2. Tcl - when more complex programs need to be built, EEM supports TCL (Tool Command Language) development
  3. IOS.sh - newer versions of IOS support IOS.sh (IOS shell) macros similar to Linux bash shell

Example EEM Commands

There are four steps to setting up an EEM system. In this example, we will get an email of the status of the system when the HSRP state changes. This examples defines an applet action rather than TCL. 

1. event manager environment _email_server 172.27.121.177 (define the environment variable)

2. event manager applet email_hsrp_state_change (set up the policy)

3. event syslog pattern ".*%HSRP-5-STATECHANGE.*" (define the trigger)

4. action 1.0 info type routername (enable the action)
   action 1.1 cli command "enable"
   action 1.3 cli command "show standby | append hsrp_state_change"
   action 1.4 cli command "show standby brief | append hsrp_state_change“
   ………..
   action 1.8 mail server "$_email_server" to "$_email_to" from "$_email_from" subject "HSRP_STATE_CHANGE Alert
       from $_info_routername: $_syslog_msg" body "$_cli_result"

Network Management Software and Tools Support

Software solutions utilizing EEM include, but not limited to:

References

Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Embedded_event_manager&oldid=304527188"