Reply

Trouble with Trigger template for VTP check

[ Edited ]
Techie
Posts: 5
6173     0

I am trying to pull VTP domain names and passwords to trigger an issue if they do not match our defined standard. The Trigger template states it does not match when more than the "hostname" line is added to the Trigger Template. 

 

###VTP Script##############

Script-Filter:
$Vendor eq "Cisco"

Action:
get hostname

Action-Commands:
show run | include hostname
show vtp status
show vtp password
Output-Triggers:
Get VTP Domain

Trigger:
Get VTP Domain

Trigger-Variables:
$host_prefix word
$vtp_domain word
$vtp_password string

Trigger-Template:

hostname [[$host_prefix]]-.+
VTP Domain Name.+ : [[$vtp_domain]].+
VTP Password: [[$vtp_password]].+


Trigger-Commands:

#command here only because a trigger command is required
show vtp status

Output-Triggers:
Raise Invalid VTP issue

Issue:
Raise Invalid VTP issue

Issue-ID:
VTP_Domain_Mismatch

Issue-Severity:
Warning

Issue-Filter:
($host_prefix ne $vtp_domain) or ($vtp_password ne "GENERIC")

Issue-Details:
Domain $vtp_domain
VTP_Password $vtp_password

 

 

#This is the actual output from the action commands

 

BRANCH-SW01#show run | include hostname
hostname BRANCH-SW01
BRANCH-SW01#show vtp status
VTP Version capable : 1 to 3
VTP version running : 1
VTP Domain Name : BRA
VTP Pruning Mode : Disabled
VTP Traps Generation : Enabled
Device ID : 54a2.74ac.ae00
Configuration last modified by 10.99.0.1 at 6-12-15 14:25:43
Local updater ID is 10.99.0.1 on interface Vl100 (lowest numbered VLAN interface found)

Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 17
Configuration Revision : 17
MD5 digest : 0xA0 0x81 0xBB 0xD1 0x9E 0xD4 0x89 0x4E
0xD2 0x4A 0xDD 0x3D 0x4A 0xFC 0xE0 0xEF
BRANCH-SW01#show vtp password
VTP Password: GENERIC

Re: Trouble with Trigger template for VTP check

Adviser
Posts: 244
6174     0

Hey CCash,

 

If you need a response right away, I'd suggest contacting support, as it is the weekend and it gets "quiet" on the forums until Monday.  We just launched this new site, so there are more people coming online all the time, and internal SME's who participate.

 

Best,

 

Eric

If you appreciate my efforts, please give me a kudo ↓ or Accept as solution to help others find it faster.

Re: Trouble with Trigger template for VTP check

Techie
Posts: 5
6174     0
Thanks, I figured that.

Re: Trouble with Trigger template for VTP check

Adviser
Posts: 472
6174     0

You need to send each show command to it's own trigger for matching.

 

So show vtp status, then it to it's own trigger 

 

Then use Trigger-Commands to do the additional show commands.

 

I'll check back on Monday, typing on my phone so small screen Smiley Happy

 

Sif

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

https://sifbaksh.com

Re: Trouble with Trigger template for VTP check

Techie
Posts: 5
6174     0

I was able to get it to work after only using one trigger at a time, rather than using the Action to have only one output-Trigger, and then daisy-chaining each trigger and Output-Trigger. 

 

Template:

 

Script: VTP_Domain_Check

#----------------------------------------------------------------------
Script-Filter:
$Vendor eq "Cisco"

Action: Check VTP settings

Action-Commands:
show run | incl hostname

Output-Triggers:
Get hostname

Trigger:
Get hostname

Trigger-Variables:
$host_prefix word

Trigger-Commands:
show vtp status
Trigger-Template:

hostname [[$host_prefix]]-.+

Output-Triggers:
Get VTP Domain

Trigger:
Get VTP Domain

Trigger-Variables:

$vtp_domain word


Trigger-Commands:
show vtp password

Trigger-Template:

VTP Domain Name.+: [[$vtp_domain]]

Output-Triggers:
Get VTP password

Trigger:
Get VTP password

Trigger-Variables:
$vtp_password string


Trigger-Commands:
show vtp password

Trigger-Template:

VTP Password: [[$vtp_password]]


Output-Triggers:
Raise Invalid VTP issue

Issue:
Raise Invalid VTP issue

Issue-ID:
VTP_Domain_Mismatch

Issue-Severity:
Warning

Issue-Filter:
($host_prefix ne $vtp_domain) or ($vtp_password ne "GENERIC")

Issue-Details:
Domain $vtp_domain
VTP_Password $vtp_password

 

Re: Trouble with Trigger template for VTP check

Techie
Posts: 5
6174     0
I'll give that a whirl. Thanks a lot!

Best Regards,
Cooper T. Cash
Network Infrastructure Architect
Global IT Operations
Teleflex, Incorporated
(540)631-5119 mobile
cooper.cash@teleflex.com

Re: Trouble with Trigger template for VTP check

Member
Posts: 1
6174     0

Sorry, I have had my NetMRI a few years, but the person who I had trained on it left. I have been fumbling my way through learning to tweaking groups, writing rules and doing policies. I have the issue of poor quality control among previous interns. I have devices in the field which are VTP servers when they should not be. It seems that this template could help me locate rogue VTP servers. Where would I run this script from?

Showing results for 
Search instead for 
Did you mean: 

Recommended for You