Is there a way to automatically run a script against the members of an issue list every night to correct a common problem? I'd also like to generate a report from the execution, showing which devices didn't succeed, and perhaps the list of all devices that were in the issue list.
Not sure you can schedule it, but you can use "Triggered Jobs" to run a job on a policy violation, or issue creation on the device. If you really don't want it to run at the time the issue is found then I would suggest writting a job that itself looks for the issue and fixes it if found. Then just schedule it to run evey night.
As for alerting you can turn on notifactions for jobs and get an email or syslog for success and failed jobs. You might have to filter to only get that one job notice within your email or syslog. If you used syslog you could report off that.
I have a few triggered jobs and they work well, but can't target an interface, so that might not work for you if that is the issue you are going after. What I have done for interface based items is created a script that runs every night looking at the every interface on a switch. If it finds the issue in question it fixes it. Then I have wrote the script so that after it fixes the issue it sends a bad command to the device. ie "Just fixed <x> error on <X> interface." This then cause the script to error on that device and so I get notified. Another option would be to create a custom issue, but not sure you would want that as you already have an issue you are working from.
Hope that helps.
I just noticed with a triggered job, you can schedule the job. I haven't tried it, but it looks promissing.
Terry I ahve been looking into and testing triggered jobs and it looks like there is a lot of power in them, but I think you are right an option to schedule for today or tomorrow would be very helpful.
I submited a feature request for it.
Jeff,
Thanks for the tip on using triggered jobs. I'll take a look at using it to automatically save configs.
I have a triggered job to save the running config when ever the "Config Running Not Saved" issue is found. It seems to be working, but you are right about the do it tonight/tomorrow morning part.
I'm trying to get this working with policy rule violations, but I'm having issues with getting the policies to run the checks daily. Once I get that part figured out this will be very powerful.
Is your triggered job only doing a 'copy run start' command? Or did you include anything else in it, such as verifying that the config still needs to be saved or that the config change is older than N minutes (to prevent prematurely saving a work-in-progress)?
I have it doing just a write.
I don't have any scripted verify, however I do have run scheduled, so this allows me to sellect to not have the job auto approved. I have a notifacation setup for email on unapproved jobs. That currently makes me the manual verifacation, but the job is created and I get notified about it.
Not sure how to change this in the future, but you set different triggers for differnent device groups. For example core switches could be set to make sure the get approved manually first and maybe access switches for workstaions maybe they get a run now, but only during the day when a tech would be making workstation port changes and not an admin making larger changes.
I like your idea about scripting some sort of verifaction, but I just can't think of how to script the knowledge. What makes it safe to safe the config?
"What makes it safe to safe the config? "
Good question. I think that if the running config was older than X time (2 hrs or 4hrs?), then it would be safe to save it. Requiring a manual approval sounds like a good approach. Thanks for the tips on how you've configured it. That's very helpful.
"Requiring a manual approval sounds like a good approach."
How would that be different than just viewing the list from the "Config Running Not Saved" issue, selecting the ones that should be saved, and then "Schedule Job" for those?
For some it might be the same. For me I like the fact that the job is already created and all I have to do is review and approve it. This does save me time. I guess it all realy depends on your internal proccess and procedures.
I am hoping that at some point when I'm cormfortable with why, when and how jobs are created I will be willing to set some of them to auto approve.
Has anyone posted a script to do Save a config on Cisco Switches? With my current product this is run nightly but I like the approval Idea. I'm now evaluating NetMRI and this is one of my priority goals. Thanks in advance.
No custom script needed. Just use the "Ad Hoc Command Batch" script and run the "write memory" command.
