-
Cisco IOS Network Management Command Reference
-
Introduction
-
absolute through action snmp-trap
-
action string compare through buffers tune automatic
-
calendar set through clock update-calendar
-
cns aaa authentication through discover (cns)
-
emm through event manager scheduler script
-
event manager scheduler suspend through hw-module logging onboard (Cat 6K)
-
idle-timeout (WSMA) through ip director server weights
-
ip dns server through kron policy-list
-
line-cli through logging userinfo
-
major rising through ntp update-calendar
-
object id (action notification) through rmon queuesize
-
sample (expression) through show ethernet oam status
-
show event manager detector through show event manager session cli username
-
show facility-alarm through show ntp status
-
show odm-format through show rmon topn
-
show snmp through snmp mib event sample
-
snmp mib event trigger owner through snmp-server enable informs
-
snmp-server enable traps through snmp-server enable traps ospf cisco-specific retransmit
-
snmp-server enable traps ospf cisco-specific state-change through snmp-server enable traps voice poor-qov
-
snmp-server engineID local through snmp trap link-status
-
sntp broadcast client through xsm vdm
-
Feedback
Table Of Contents
spec-file install remove-entry
test snmp trap auth-framwork sec-violation
test snmp trap dhcp-snooping bindings
test snmp trap errdisable ifevent
test snmp trap flex-links status
test snmp trap l2-control vlan
test snmp trap mac-notification
test snmp trap module-auto-shutdown
test snmp trap power-ethernet port-on-off
test snmp trap vtp pruning-change
xsm privilege configuration level
sntp broadcast client
To use the Simple Network Time Protocol (SNTP) to accept Network Time Protocol (NTP) traffic from any broadcast server, use the sntp broadcast client command in global configuration mode to configure a Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router. To prevent the router from accepting broadcast traffic, use the no form of this command.
sntp broadcast client
no sntp broadcast client
Syntax Description
This command has no arguments or keywords.
Defaults
The router does not accept SNTP traffic from broadcast servers.
Command Modes
Global configuration
Command History
Usage Guidelines
SNTP is a compact, client-only version of the NTP. SNMP can only receive the time from NTP servers; it cannot be used to provide time services to other systems.
SNTP typically provides time within 100 milliseconds of the accurate time, but it does not provide the complex filtering and statistical mechanisms of NTP. In addition, SNTP does not authenticate traffic, although you can configure extended access lists to provide some protection.
You must configure the router with either this command or the sntp server global configuration command to enable SNTP.
Examples
The following example enables the router to accept broadcast NTP packets and shows sample show sntp command output:
Router(config)# sntp broadcast clientRouter(config)# endRouter#%SYS-5-CONFIG: Configured from console by consoleRouter# show sntpSNTP server Stratum Version Last Receive172.21.28.34 4 3 00:00:36 Synced BcastBroadcast client mode is enabled.Related Commands
sntp logging
To enable Simple Network Time Protocol (SNTP) message logging, use the sntp logging command in global configuration mode. To disable SNTP logging, use the no form of this command.
sntp logging
no sntp logging
Syntax Description
This command has no arguments or keywords.
Defaults
SNTP message logging is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
Use the sntp logging command to control the display of SNTP logging messages.
SNTP is a compact, client-only version of Network Time Protocol (NTP). SNTP can be used only to receive the time from NTP servers; SNTP cannot be used to provide time services to other systems. You should consider carefully the use of SNTP rather than NTP in primary servers.
Examples
The following example shows how to enable SNTP message logging, configure the IP address of the SNTP server as 10.107.166.3, and verify that SNTP logging is enabled:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# sntp loggingRouter(config)# sntp server 10.107.166.3Router(config)# endRouter#04:02:54: %SYS-5-CONFIG_I: Configured from console by consoleRouter#Router# show running-config | include ntpsntp loggingsntp server 10.107.166.3The "sntp logging" entry in the configuration file verifies that SNTP message logging is enabled.
The following example shows how to disable SNTP message logging and verify that it is disabled:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# no sntp loggingRouter(config)# endRouter#04:04:34: %SYS-5-CONFIG_I: Configured from console by consoleRouter# show running-config | include ntpsntp server 10.107.166.3The "sntp logging" entry no longer appears in the configuration file, which verifies that SNTP message logging is disabled.
Related Commands
sntp server
To configure a Cisco 800, Cisco 1003, Cisco 1004, Cisco 1005, Cisco 1600, Cisco 1720, or Cisco 1750 router to use the Simple Network Time Protocol (SNTP) to request and accept Network Time Protocol (NTP) traffic from a stratum 1 time server, use the sntp server command in global configuration mode. To remove a server from the list of NTP servers, use the no form of this command.
sntp server {address | hostname} [version number]
no sntp server {address | hostname}
Syntax Description
address
IP address of the time server.
hostname
Host name of the time server.
version number
(Optional) Version of NTP to use. The default is 1.
Defaults
The router does not accept SNTP traffic from a time server.
Command Modes
Global configuration
Command History
Usage Guidelines
SNTP is a compact, client-only version of the NTP. SNMP can only receive the time from NTP servers; it cannot be used to provide time services to other systems.
SNTP typically provides time within 100 milliseconds of the accurate time, but it does not provide the complex filtering and statistical mechanisms of NTP. In addition, SNTP does not authenticate traffic, although you can configure extended access lists to provide some protection.
Enter this command once for each NTP server.
You must configure the router with either this command or the sntp broadcast client global configuration command in order to enable SNTP.
SNTP time servers should operate only at the root (stratum 1) of the subnet, and then only in configurations where no other source of synchronization other than a reliable radio or modem time service is available. A stratum 2 server cannot be used as an SNTP time server. The use of SNTP rather than NTP in primary servers should be carefully considered.
Examples
The following example enables the router to request and accept NTP packets from the server at 172.21.118.9 and displays sample show sntp command output:
Router(config)# sntp server 172.21.118.9Router(config)# endRouter#%SYS-5-CONFIG: Configured from console by consoleRouter# show sntpSNTP server Stratum Version Last Receive172.21.118.9 5 3 00:01:02 SyncedRelated Commands
sntp source-interface
To use a particular source address in Simple Network Time Protocol (SNTP) packets, use the sntp source-interface command in global configuration mode. To remove the specified source address, use the no form of this command.
sntp source-interface type number
no sntp source-interface
Syntax Description
Command Default
The source address is determined by the outgoing interface.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to specify a particular source IP address for all SNTP packets. The address is taken from the named interface. This command is useful if the address on an interface cannot be used as the destination for reply packets. The no form of the command only replaces the default; that is, the source address of the SNTP request sent is determined by the outgoing interface.
If this command is the last one issued and you then remove it, the SNTP process stops.
Examples
The following example shows how to configure a router to use the IP address of interface Ethernet 0 as the source address for all outgoing SNTP packets:
Router(config)# sntp source-interface ethernet 0The following example shows how to remove a configured SNTP option:
Router(config)# no sntp source-interfacespec-file install add-entry
To copy a spec file entry (SFE) from a remote location and add it to the local spec file, use the spec-file install add-entry command in privileged EXEC mode.
spec-file install [force] location:local-filename add-entry url:remote-filename command
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the spec-file install add-entry command to add an SFE to a spec file. A check is performed on the loaded SFE to ensure that the command is not already present in the spec file, and that the SFE can be parsed correctly in Extensible Markup Language (XML).
If the spec file does not exist, you will be prompted before the file is created. If the command SFE already exists in the spec file, you will be prompted before the command SFE is replaced. A backup copy of the local spec file is created before the remote SFE is added.
Examples
The following example adds the show arp command SFE from the remote show_arp.odm file at location "tftp://system1/user1" to the local file:
Router# spec-file install slot0:spec_file.odm add-entry tftp://system1/user1/show_arp.odm show arpUnless you add the force keyword to the command string, you will be prompted as follows:
create new spec file? [yes]:CLI exists, delete it? [yes]:Pressing the Enter key is the same as typing yes. Type no and press Enter to stop either process.
Related Commands
spec-file install built-in
To replace the current spec file with the built-in spec file, use the spec-file install built-in command in privileged EXEC mode.
spec-file install [force] location:local-filename built-in
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the spec-file install built-in command to replace the current spec file with the built-in spec file. You will be prompted before the current file is replaced and filename.bak will be created.
Examples
The following example shows how to start the process to replace the current spec file with the built-in spec file:
Router# spec-file install slot0:spec_file.odm built-inUnless you add the force keyword to the command string, you will be prompted as follows:
Replace existing file? [yes]:Press the Enter key to make a backup copy of the current file and then replace it with the built-in spec file. Type no and press Enter to stop the process.
Related Commands
spec-file install file
To replace a local spec file with a remote spec file, use the spec-file install file command in privileged EXEC mode.
spec-file install [force] location:local-filename file url:remote-filename
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the spec-file install file command to copy a remote spec file to a local spec file. A check of the loaded file is performed to ensure that each specified command is included only once, and that the spec file entry (SFE) can be parsed correctly in Extensible Markup Language (XML).
Examples
The following example shows how to copy a remote spec file on "tftp://system1/user1" to the local file:
Router# spec-file install slot0:spec_file.odm file tftp://system1/user1/spec_file.odmUnless you add the force keyword to the command string, you will be prompted as follows:
Replace existing file? [yes]:Press the Enter key to complete the command. Type no and press Enter to stop the process.
Related Commands
spec-file install remove-entry
To remove a spec file entry (SFE) from a spec file, use the spec-file install remove-entry command in privileged EXEC mode.
spec-file install [force] location:local-filename remove-entry command
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the spec-file install remove-entry command to remove a command SFE from a spec file. A check is performed to ensure that the command SFE is present in the spec file. If the spec file does not exist, this command fails. A backup copy of the spec file is created before the SFE is removed.
Examples
The following example shows how to remove the show arp command SFE from the remote show_arp.odm file to the local spec_file.odm file:
Router# spec-file install slot0:spec_file.odm remove-entry show arpRelated Commands
spec-file install restore
To restore a spec file to its previous contents using a backup file, use the spec-file install restore command in privileged EXEC mode.
spec-file install [force] location:local-filename restore
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the spec-file install restore command to revert a spec file to its original contents using a backup (.bak) file. If the .bak file does not exist, this command fails.
Examples
The following example shows how to restore the spec file using the backup file:
Router# spec-file install slot0:spec_file.odm restoreRelated Commands
startup (test boolean)
To specify whether an event can be triggered for the Boolean trigger test, use the startup command in event trigger boolean configuration mode. To disable the configured settings, use the no form of this command.
startup
no startup
Syntax Description
This command has no arguments or keywords.
Command Default
The startup event is enabled when the Boolean trigger test is enabled.
Command Modes
Event trigger boolean configuration (config-event-trigger-boolean)
Command History
Usage Guidelines
The startup command triggers an event when the conditions specified for the Boolean trigger test are met.
Examples
The following example shows how to specify startup for the Boolean trigger test:
Router(config)# snmp mib event trigger owner owner1 name EventARouter(config-event-trigger)# test booleanRouter(config-event-trigger-boolean)# startupRouter(config-event-trigger-boolean)#Related Commands
startup (test existence)
To specify whether an event can be triggered for the existence trigger test, use the startup command in event trigger existence configuration mode. To disable the configured settings, use the no form of this command.
startup {present | absent}
no startup {present | absent}
Syntax Description
present
Triggers the present startup test when the existence trigger conditions are met.
absent
Triggers the absent startup test when the existence trigger conditions are met.
Command Default
By default, both present and absent startup tests are triggered.
Command Modes
Event trigger existence configuration (config-event-trigger-existence)
Command History
Usage Guidelines
The startup command triggers an event when the conditions specified for the existence trigger test are met.
Examples
The following example shows how to specify startup for the existence trigger test:
Router(config)# snmp mib event trigger owner owner1 name EventARouter(config-event-trigger)# test existenceRouter(config-event-trigger-existence)# startupRouter(config-event-trigger-existence)#Related Commands
startup (test threshold)
To specify whether an event can be triggered for the threshold trigger test, use the startup command in the threshold test configuration mode. To disable the configured settings, use the no form of this command.
startup {rising | falling | rise-or-falling}
no startup
Syntax Description
Command Default
The rising or falling threshold value is checked against the set value during startup when the trigger type is threshold.
Command Modes
Event trigger threshold configuration mode (config-event-trigger-threshold)
Command History
Usage Guidelines
The startup command starts an event when the conditions for threshold trigger test are met.
Examples
The following example shows how to specify startup for the threshold trigger test:
Router(config)# snmp mib event trigger owner owner1 name EventARouter(config-event-trigger)# test thresholdRouter(config-event-trigger-threshold)# startup risingRouter(config-event-trigger-threshold)#Related Commands
stealth
To disable the Web Services Management Agent (WSMA) profile from sending Simple Object Access Protocol (SOAP) faults, use the stealth command in WSMA listener configuration mode or WSMA initiator configuration mode. To enable WSMA to send the SOAP faults, use the no form of this command.
stealth
no stealth
Syntax Description
This command has no arguments or keywords.
Command Default
Stealth is disabled; that is, SOAP faults are sent.
Command Modes
WSMA initiator configuration (config-wsma-init)
WSMA listener configuration (config-wsma-listen)
Command History
12.4(24)T
This command was introduced.
15.1(1)T
This command was modified. Support was added for the WSMA initiator configuration mode.
Usage Guidelines
Use this command from the WSMA listener configuration mode. To enter this mode, use the wsma profile listener command in global configuration mode.
Examples
The following example shows how to enable the stealth command to stop sending the SOAP faults:
Router(config)# wsma profile listener prof1Router(config-wsma-listen)# stealthRouter(config-wsma-listen)#Related Commands
system (ERM policy)
To configure system level resource owners (ROs), use the system command in Embedded Resource Manager (ERM) policy configuration mode.
system
Syntax Description
This command has no arguments or keywords.
Command Default
No system level ROs are configured.
Command Modes
ERM policy configuration
Command History
12.3(14)T
This command was introduced.
12.2(33)SRB
This command was integrated into Cisco IOS Release 12.2(33)SRB.
Examples
The following example shows how to configure system level ROs:
Router(config-erm-policy)# systemRelated Commands
tclquit
To quit the interactive Tool Command Language (Tcl) shell, use the tclquit command in privileged EXEC mode.
tclquit
Syntax Description
This command has no arguments or keywords.
Defaults
The Tcl shell is disabled.
Command Modes
Privileged EXEC (#)
Command History
Examples
The following example shows how to disable the interactive Tcl shell:
Router# tclshRouter(tcl)#Router(tcl)# tclquitRouter#Related Commands
tclsh
Enables the interactive Tcl shell.
tclsafe
Enables the interactive Tcl shell untrusted safe mode.
tclsafe
To enable the interactive Tool Command Language (Tcl) shell untrusted safe mode, use the tclsafe command in privileged EXEC mode. To exit from the safe mode, use the exit or the tclquit command.
tclsafe
exit | tclquit
Syntax Description
This command has no arguments or keywords.
Command Default
The Tcl shell untrusted safe mode is disabled.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the tclsafe command when you want to manually run Tcl commands from the Cisco IOS command-line interface (CLI) in untrusted safe mode. When you use the tclsafe command and enter the interactive Tcl shell safe mode, you can explore the safe mode Tcl commands that are available. When a script fails the signature check for a configured trustpoint name, it is determined to be untrusted. Untrusted Tcl scripts execute in limited safe mode, if scripting tcl trustpoint untrusted safe-execute command is configured. In order to get a better understanding of what is available in this limited safe mode, use the tclsafe Exec command to explore the options.
After Tcl commands are entered they are sent to a Tcl interpreter. If the commands are recognized as valid Tcl commands, the command is executed and the result is sent to the tty. If a command is not a recognized Tcl command, it is sent to the Cisco IOS CLI parser. If the command is not a Tcl or Cisco IOS command, two error messages are displayed.
A predefined Tcl script can be created outside of Cisco IOS software, transferred to flash or disk memory, and run within Cisco IOS software. It is also possible to create a Tcl script and precompile the code before running it under Cisco IOS software. To exit from this mode, use the exit or the tclquit command to disable the use of the Tcl shell and return to privileged EXEC mode.
You can also use the tclsafe command with a script name such as tclsafe disk0:hello.tcl. The script hello.tcl executes immediately and allows you to exit from the untrusted safe mode and return to privileged EXEC mode.
Examples
The following example shows how to enable the Tcl shell untrusted safe mode and run info commands:
Router# tclsafeRouter(safe)(tcl)# info commandsinfo commandstell socket subst open eof glob list pid time eval lrange tcl_trace fblocked lsearch gets case lappend proc break variable llength return linsert error catch clock info split array if fconfigure concat join lreplace source fcopy global switch update close cd for file append format read package set binary namespace scan seek while flush after vwait uplevel continue hostname foreach rename fileevent regexp upvar unset encoding expr load regsub interp history puts incr lindex lsort stringThe following example shows how to execute the script hello.tcl to exit from the untrusted safe mode and return to privileged EXEC mode.
Router# tclsafe disk0:hello.tclRelated Commands
tclsh
To enable the interactive Tool Command Language (Tcl) shell, use the tclsh command in privileged EXEC mode.
tclsh
Syntax Description
This command has no arguments or keywords.
Defaults
The Tcl shell is disabled.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use the tclsh command when you want to run Tcl commands from the Cisco IOS command-line interface (CLI). When the interactive Tcl shell is enabled and Tcl configuration mode is entered, Tcl commands can be entered line by line or a predefined Tcl script can be run. After Tcl commands are entered they are sent to a Tcl interpreter. If the commands are recognized as valid Tcl commands, the command is executed and the result is sent to the tty. If a command is not a recognized Tcl command, it is sent to the Cisco IOS CLI parser. If the command is not a Tcl or Cisco IOS command, two error messages will be displayed.
A predefined Tcl script can be created outside of Cisco IOS software, transferred to Flash or disk memory, and run within Cisco IOS software. It is also possible to create a Tcl script and precompile the code before running it under Cisco IOS.
Use the exit or the tclquit command to disable the use of the Tcl shell and return to privileged EXEC mode.
Examples
The following example shows how to enable the Tcl interactive shell:
Router# tclshRouter(tcl)#template (cns)
To specify a list of Cisco Networking Services (CNS) connect templates within a CNS connect profile to be applied to a router's configuration, use the template command in CNS connect configuration mode. To disable this CNS connect template, use the no form of this command.
template name [...name]
no template name [...name]
Syntax Description
Command Default
No CNS connect templates are specified.
Command Modes
CNS connect configuration
Command History
12.3(2)XF
This command was introduced.
12.3(8)T
This command was integrated into Cisco IOS Release 12.3(8)T.
12.3(9)
This command was integrated into Cisco IOS Release 12.3(9).
Usage Guidelines
First use the cns connect command to enter CNS connect configuration mode and define the parameters of a CNS connect profile for connecting to the CNS configuration engine. Then use the following CNS connect commands to create a CNS connect profile:
•
discover
•
A CNS connect profile specifies the discover commands and associated template commands that are to be applied to a router's configuration. The template command specifies the list of CNS connect templates that is to be applied to a router's configuration. The templates in the list are applied one at a time. That is, when the template command is processed, the first template in the list is applied to the router's configuration. The router then tries to ping the CNS configuration engine. If the ping fails, then the first template in the list is removed from the router's configuration and the second template in the list is applied and so on.
The configuration mode in which the CNS connect templates are applied is specified by the immediately preceding discover command. (If there are no preceding discover commands, the templates are applied in global configuration mode.) When multiple discover and template commands are configured in a CNS connect profile, they are processed in the order in which they are entered.
Examples
The following example shows how to create a CNS connect profile named profile-1:
Router(config)# cns connect profile-1Router(config-cns-conn)# discover interface SerialRouter(config-cns-conn)# template temp-A1 temp-A2Router(config-cns-conn)# template temp-B1 temp-B2Router(config-cns-conn)# exitRouter(config)#In this example, the following sequence of events occur for all serial interfaces when the cns connect profile-1 command is processed. Assume all ping attempts to the CNS configuration engine are unsuccessful.
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
Related Commands
terminal shell
To enable Cisco IOS Shell (IOS.sh) functions on the router use the terminal shell command in privileged EXEC mode. To disable Cisco IOS.sh functions, use the no form of this command.
terminal shell [trace]
terminal no shell
Syntax Description
Add trace if it is available [If the trace option is given, it will turn on the trace on the shell functions that prints the CLI as they are applied.]
Command Modes
Privileged EXEC (#)
Command History
15.1(4)M
This command was introduced.
15.1(2)S
This command was integrated into Cisco IOS Release 15.1(2)S.
Usage Guidelines
You can turn shell processing on the terminal by using the terminal shell command. However shell processing feature is only on while the terminal is running. Once the terminal is turned off, shell processing is off. When the terminal shell command is used, shell processing is not visible in the running configuration because it is only on the terminal level and is not in the configuration level. It is convenient to use the terminal shell command at the terminal level to quickly access the Cisco IOS.sh man commands. To enable shell processing in the configuration, it is recommended that you use the shell processing full command.
Examples
The following examples shows how to enable Cisco IOS.sh functions on the router and enable the trace feature:
Router# terminal shellRouter# terminal shellRouter# terminal shell traceThe following examples shows how to disable Cisco IOS.sh functions on the router:
Router# terminal no shell
shell processing full
Enables Cisco IOS.sh processing on the router in global configuration mode.
test (event trigger)
To specify the type of test to perform during an event trigger, use the test command in event trigger configuration mode. To disable the trigger test configuration settings, use the no form of this command.
test {existence | boolean | threshold}
no test {existence | boolean | threshold}
Syntax Description
Command Default
The Boolean trigger test is enabled by default.
Command Modes
Event trigger configuration (config-event-trigger)
Command History
12.4(20)T
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
The trigger table in the Event MIB has supplementary tables for additional objects that are configured based on the type of test performed for the trigger. For each trigger entry type such as existence, threshold, or Boolean, the corresponding tables (existence, threshold, and Boolean tables) are populated with the information required to perform the test. You can set event triggers based on existence, threshold, and Boolean trigger types.
The existence trigger tests are performed based on the following parameters:
•
•
•
The Boolean tests are comparison tests that are performed based on one of the following parameters:
•
•
•
•
•
•
The threshold tests are performed based on the following parameters:
•
•
•
Examples
The following example shows how to enable the existence trigger test:
Router(config)# snmp mib event trigger owner owner1 name triggerARouter(config-event-trigger)# test existenceRouter(config-event-trigger-existence)#
The following example shows how to enable the Boolean trigger test:
Router(config)# snmp mib event trigger owner owner1 name EventARouter(config-event-trigger)# test booleanRouter(config-event-trigger-boolean)#The following example shows how to enable the threshold trigger test:
Router(config)# snmp mib event trigger owner owner1 name triggerARouter(config-event-trigger)# test thresholdRouter(config-event-trigger-threshold)#Related Commands
test snmp trap auth-framwork sec-violation
To test CISCO-AUTH-FRAMEWORK-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap auth-framwork sec-violation command in priveleged EXEC mode.
test snmp trap auth-framwork sec-violation
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default setting.
Command Modes
Privileged EXEC mode
Command History
Examples
This example shows the output of the SNMP camSecurityViolationNotif trap when it is not configured:
Router# test snmp trap auth-framework sec-violationcafSecurityViolationNotif was disabled.Router#This example shows the output of the SNMP camSecurityViolationNotif trap when it is configured:
Router# test snmp trap auth-framework sec-violationcafSecurityViolationNotif was sent.Router#test snmp trap bridge
To test BRIDGE-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap bridge command in priveleged EXEC mode.
test snmp trap bridge {newroot | topologychange}
Syntax Description
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of test snmp trap bridge newroot when snmp-server enable traps bridge newroot is not configured:
Router# test snmp trap bridge newrootnewRoot notification is disabled.Router#This example shows the output of test snmp trap bridge newroot when snmp-server enable traps bridge newroot is configured:
Router# test snmp trap bridge newrootnewRoot notification was sent.Router#Related Commands
test snmp trap c6kxbar
To test CISCO-CAT6K-CROSSBAR-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap c6kxbar command in priveleged EXEC mode.
test snmp trap c6kxbar {flowctrl-bus | intbus-crccvrd | intbus-crcexcd | swbus | tm-channel-above | tm-channel-below | tm-swbus-above | tm-swbus-below}
Syntax Description
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720.
12.2(33)SXI5
Added tm-channel-above, tm-channel-below and tm-swbus-above, tm-channel-below keywords.
Usage Guidelines
The flowctrl-bus keyword is supported on the Supervisor Engine 32 only.
The tm-channel-above and tm-channel-below keywords are not supported on Supervisor Engine 32.
Examples
This example shows the output of the SNMP cc6kxbarFlowCtrlBusThrExcdNotif notification when it is not configured:
Router# test snmp trap c6kxbar flowctrl-buscc6kxbarFlowCtrlBusThrExcdNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarFlowCtrlBusThrExcdNotif notification when it is configured:
Router# test snmp trap c6kxbar flowctrl-buscc6kxbarFlowCtrlBusThrExcdNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarIntBusCRCErrExcdNotif notification when it is not configured:
Router# test snmp trap c6kxbar intbus-crcexcdcc6kxbarIntBusCRCErrExcdNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarIntBusCRCErrExcdNotif notification when it is configured:
Router# test snmp trap c6kxbar intbus-crcexcdcc6kxbarIntBusCRCErrExcdNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarIntBusCRCErrRcvrdNotif notification when it is not configured:
Router# test snmp trap c6kxbar intbus-crcvrdcc6kxbarIntBusCRCErrExcdNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarIntBusCRCErrRcvrdNotif notification when it is configured:
Router# test snmp trap c6kxbar intbus-crcvrdcc6kxbarIntBusCRCErrExcdNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarSwBusStatusChangeNotif notification when it is not configured:
Router# test snmp trap c6kxbar swbuscc6kxbarSwBusStatusChangeNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarSwBusStatusChangeNotif notification when it is configured:
Router# test snmp trap c6kxbar swbuscc6kxbarSwBusStatusChangeNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarTMChUtilAboveNotif notification when it is not configured:
Router# test snmp trap c6kxbar tm-channel-abovecc6kxbarTMChUtilAboveNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarTMChUtilAboveNotif notification when it is configured:
Router# test snmp trap c6kxbar tm-channel-abovecc6kxbarTMChUtilAboveNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarTMChUtilBelowNotif notification when it is not configured:
Router# test snmp trap c6kxbar tm-channel-belowcc6kxbarTMChUtilBelowNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarTMChUtilBelowNotif notification when it is configured:
Router# test snmp trap c6kxbar tm-channel-belowcc6kxbarTMChUtilBelowNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarTMSwBusUtilAboveNotif notification when it is not configured:
Router# test snmp trap c6kxbar tm-swbus-abovecc6kxbarTMSwBusUtilAboveNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarTMSwBusUtilAboveNotif notification when it is configured:
Router# test snmp trap c6kxbar tm-swbus-abovecc6kxbarTMSwBusUtilAboveNotif notification was sent.Router#This example shows the output of the SNMP cc6kxbarTMSwBusUtilBelowNotif notification when it is not configured:
Router# test snmp trap c6kxbar tm-swbus-belowcc6kxbarTMSwBusUtilBelowNotif notification is disabled.Router#This example shows the output of the SNMP cc6kxbarTMSwBusUtilBelowNotif notification when it is configured:
Router# test snmp trap c6kxbar tm-swbus-belowcc6kxbarTMSwBusUtilBelowNotif notification was sent.Router#Related Commands
test snmp trap call-home
To test CISCO-CALLHOME-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap call-home command in priveleged EXEC mode.
test snmp trap call-home {message-send-fail | server-fail}
Syntax Description
message-send-fail
Tests SNMP ccmSmtpMsgSendFailNotif notifications.
server-fail
Tests SNMP ccmSmtpServerFailNotif notifications.
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
Examples
This example shows the output of the SNMP ccmSmtpMsgSendFailNotif notification when it is not configured:
Router# test snmp trap call-home message-send-failccmSmtpMsgSendFailNotif notification is disabled.Router#This example shows the output of the SNMP ccmSmtpMsgSendFailNotif notification when it is configured:
Router# test snmp trap call-home message-send-failccmSmtpMsgSendFailNotif notification was sent.Router#This example shows the output of the SNMP ccmSmtpServerFailNotif notification when it is not configured:
Router# test snmp trap call-home server-failccmSmtpServerFailNotif notification is disabled.Router#This example shows the output of the SNMP ccmSmtpServerFailNotif notification when it is configured:
Router# test snmp trap call-home server-failccmSmtpServerFailNotif notification was sent.Router#test snmp trap config-copy
To verify the reception of config-copy notifications by the Network Management System (NMS) or the Simple Network Management Protocol (SNMP) manager in a simulated scenario, use the test snmp trap config-copy command in privileged EXEC mode.
test snmp trap config-copy
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
The Config-Copy MIB facilitates the copying of SNMP agent configuration files to the startup configuration or the local Cisco IOS file system, and vice versa. The config-copy notifications are sent to the NMS or the SNMP manager to indicate the successful completion of config-copy operation to or from the SNMP agent.
Examples
The following example shows how to simulate the verification of config-copy traps:
Router# test snmp trap config-copyGenerating CONFIG-COPY-MIB trap00:20:44: SNMP: Queuing packet to 10.2.14.200:20:44: SNMP: V2 Trap, reqid 2, errstat 0, erridx 0sysUpTime.0 = 124470snmpTrapOID.0 = ccCopyMIBTraps.1ccCopyTable.1.5.2 = 10.10.10.10ccCopyTable.1.6.2 =ccCopyTable.1.10.2 = 3ccCopyTable.1.11.2 = 124470ccCopyTable.1.12.2 = 124470Router#Related Commands
test snmp trap dhcp bindings
To test the cdsBindingsNotification trap, use the test snmp trap dhcp bindings EXEC command.
test snmp trap dhcp bindings
Syntax Description
This command has no keywords or arguments.
Defaults
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
Support for this command was introduced on the Catalyst 6500 series switch.
Examples
This example shows how to test the cdsBindingsNotification traps:
Router# test snmp trap dhcp bindingscdsBindingsNotification notification is disabled.test snmp trap dhcp-snooping bindings
To test the cdsBindingsNotification trap, use the test snmp trap dhcp-snooping bindings privileged EXEC command.
test snmp trap dhcp-snooping bindings
Syntax Description
This command has no keywords or arguments.
Defaults
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI4
Support for this command was introduced on the Catalyst 6500 series.
Examples
This example shows how to test the cdsBindingsNotification trap:
Router# test snmp trap dhcp-snooping bindingscdsBindingsNotification notification is disabled.test snmp trap dot1x
To test CISCO-PAE-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap dot1x command in priveleged EXEC mode.
test snmp trap dot1x {auth-fail-vlan | guest-vlan | no-auth-fail-vlan | no-guest-vlan}
Syntax Description
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
Examples
This example shows the output of the SNMP cpaeAuthFailVlanNotif notification when it is not configured:
Router# test snmp trap dot1x auth-fail-vlancpaeAuthFailVlanNotif notification was disabled.Router#This example shows the output of the SNMP cpaeAuthFailVlanNotif notification when it is configured:
Router# test snmp trap dot1x auth-fail-vlancpaeAuthFailVlanNotif notification was sent.Router#test snmp trap entity-diag
To test CISCO-ENTITY-DIAG-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap c6kxbar command in privileged EXEC mode.
test snmp trap entity-diag {boot-up-fail | hm-test-recover | hm-thresh-reached | scheduled-test-fail}
Syntax Description
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
Examples
This example shows the output of the SNMP ceDiagBootupFailedNotif notification when it is not configured:
Router# test snmp trap entity-diag boot-up-failceDiagBootupFailedNotif notification is disabled.Router#This example shows the output of the SNMP ceDiagBootupFailedNotif notification when it is configured:
Router# test snmp trap entity-diag boot-up-failceDiagBootupFailedNotif notification was sent.Router#This example shows the output of the SNMP ceDiagHMTestRecoverNotif notification when it is not configured:
Router# test snmp trap dot1x hm-test-recoverceDiagHMTestRecoverNotif notification is disabled.Router#This example shows the output of the SNMP ceDiagHMTestRecoverNotif notification when it is configured:
Router# test snmp trap dot1x hm-test-recoverceDiagHMTestRecoverNotif notification was sent.Router#This example shows the output of the SNMP ceDiagHMThresholdReachedNotif notification when it is not configured:
Router# test snmp trap entity-diag hm-thresh-reachedceDiagHMThresholdReachedNotif notification is disabled.Router#This example shows the output of the SNMP ceDiagHMThresholdReachedNotif notification when it is configured:
Router# test snmp trap entity-diag hm-thresh-reachedceDiagHMThresholdReachedNotif notification was sent.Router#This example shows the output of the SNMP ceDiagScheduledTestFailedNotif notification when it is not configured:
Router# test snmp trap entity-diag scheduled-test-failceDiagHMThresholdReachedNotif notification is disabled.Router#This example shows the output of the SNMP ceDiagScheduledTestFailedNotif notification when it is configured:
Router# test snmp trap entity-diag scheduled-test-failceDiagHMThresholdReachedNotif notification was sent.Router#test snmp trap errdisable ifevent
To test CISCO-ERR-DISABLE-MIB cErrDisableInterfaceEventRev1 Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap errdisable ifevent command in priveleged EXEC mode.
test snmp trap errdisable ifevent
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI4
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of test snmp trap errdisable ifevent when snmp-server enable traps errdisable is not configured:
Router# test snmp trap errdisable ifeventcErrDisableInterfaceEventRev1 notification is disabled.Router#This example shows the output of test snmp trap errdisable ifevent when snmp-server enable traps errdisable is configured:
Router# test snmp trap errdisable ifeventcErrDisableInterfaceEventRev1 notification was sent.Router#Related Commands
test snmp trap flex-links status
To test CISCO-FLEX-LINKS-MIB cflIfStatusChangeNotif traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap flex-links status command in priveleged EXEC mode.
test snmp trap flex-links status
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP cflIfStatusChangeNotif trap when it is not configured:
Router# test snmp trap flex-links statuscflIfStatusChangeNotifnotification is disabled.Router#This example shows the output of the SNMP cflIfStatusChangeNotif trap when it is configured:
Router# test snmp trap flex-links statuscflIfStatusChangeNotif notification was sent.Router#test snmp trap fru-ctrl
To test CISCO-ENTITY-FRU-CONTROL-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap fru-ctrl command in privileged EXEC mode.
test snmp trap fru-ctrl {insert | module-status | power-status | ps-out-change | remove}
Syntax Description
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the test SNMP cefcFRUInserted trap when it is not configured:
Router# test snmp trap fru-ctrl insertcefcFRUInserted notification is disabled.Router#This example shows the output of the SNMP cefcFRUInserted trap when it is configured:
Router# test snmp trap fru-ctrl insertcefcFRUInserted notification was sent.Router#test snmp trap l2-control vlan
To test CISCO-ENTITY-FRU-CONTROL-MIB clcVLANMacLimitNotif traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap l2-control vlan command in privileged EXEC mode.
test snmp trap l2-control vlan
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the clcVLANMacLimitNotif trap when it is not configured:
Router# test snmp trap l2-control vlanclcVLANMacLimitNotif notification is disabled.Router#This example shows the output of the SNMP clcVLANMacLimitNotif trap when it is configured:
Router# test snmp trap l2-control vlanclcVLANMacLimitNotif notification was sent.Router#test snmp trap l2tc
To test CISCO-L2-TUNNEL-CONFIG-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap l2tc command in privileged EXEC mode.
test snmp trap l2tc {drop | shutdown | sys-threshold}
Syntax Description
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the cltcTunnelDropThresholdExceeded trap when it is not configured:
Router# test snmp trap l2tc dropcltcTunnelDropThresholdExceeded notification is disabled.Router#This example shows the output of the SNMP cltcTunnelDropThresholdExceeded trap when it is configured:
Router# test snmp trap l2tc dropcltcTunnelDropThresholdExceeded notification was sent.Router#test snmp trap mac-notification
To test CISCO-MAC-NOTIFICATION-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap mac-notification command in privileged EXEC mode.
test snmp trap mac-notification {change | move | threshold}
Syntax Description
change
Tests SNMP cmnMacChangeNotification notifications.
move
Tests SNMP cmnMacMoveNotification notifications.
threshold
Tests SNMP cmnMacThresholdExceedNotif notifications.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP cmnMacChangeNotification trap when it is not configured:
Router# test snmp trap mac-notification changecmnMacChangeNotification notification is disabled.Router#This example shows the output of the SNMP cmnMacChangeNotification trap when it is configured:
Router# test snmp trap mac-notification changecmnMacChangeNotification notification was sent.Router#test snmp trap module-auto-shutdown
To test CISCO-MODULE-AUTO-SHUTDOWN-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap module-auto-shutdown command in privileged EXEC mode.
test snmp trap module-auto-shutdown {auto-shutdown | sys-action}
Syntax Description
auto-shutdown
Tests SNMP cmasModuleAutoShutdown notifications.
sys-action
Tests SNMP cmasModuleSysActionNotif notifications.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP cmasModuleAutoShutdown trap when it is not configured:
Router# test snmp trap module-auto-shutdown auto-shutdowncmasModuleAutoShutdown notification is disabled.Router#This example shows the output of the SNMP cmasModuleAutoShutdown trap when it is configured:
Router# test snmp trap module-auto-shutdown auto-shutdowncmasModuleAutoShutdown notification is sent.Router#test snmp trap port-security
To test CISCO-PORT-SECURITY-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap port-security command in privileged EXEC mode.
test snmp trap port-security {ifvlan-mac | mac}
Syntax Description
ifvlan-mac
Tests SNMP cpsIfVlanSecureMacAddrViolation notifications.
mac
Tests SNMP cpsSecureMacAddrViolation notifications.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP cpsIfVlanSecureMacAddrViolation trap when it is not configured:
Router# test snmp trap port-security ifvlan-maccpsIfVlanSecureMacAddrViolation notification is disabled.Router#This example shows the output of the SNMP cpsIfVlanSecureMacAddrViolation trap when it is configured:
Router# test snmp trap port-security ifvlan-maccpsIfVlanSecureMacAddrViolation notification was sent.Router#test snmp trap power-ethernet port-on-off
To test POWER-ETHERNET-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap power-ethernet command in privieleged EXEC mode.
test snmp trap power-ethernet port-on-off
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP pethPsePortOnOffNotification trap when it is not configured:
Router# test snmp trap power-ethernet port-on-offpethPsePortOnOffNotification notification is disabled.Router#This example shows the output of the SNMP pethPsePortOnOffNotification trap when it is configured:
Router# test snmp trap power-ethernet port-on-offpethPsePortOnOffNotification notification was sent.Router#test snmp trap snmp
To verify the reception of Simple Network Management Protocol (SNMP) notifications by the Network Management System (NMS) or the SNMP manager in a simulated scenario, use the test snmp trap snmp command in privileged EXEC mode.
test snmp trap snmp {authentication | coldstart | linkup | linkdown | warmstart}
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
SNMP traps or notifications provide information about improper user authentication, restarts, closing of a connection, loss of connection to a neighbor router, or other significant events to the NMS.
Before testing the SNMP traps, configure the SNMP manager for the device and enable SNMP traps.
Examples
The following example shows how to simulate the verification of the authentication failure trap:
Router# test snmp trap snmp authenticationGenerating Authentication failure trapSep 12 08:37:49.935: SNMP: Queuing packet to 10.4.9.2Sep 12 08:37:49.935: SNMP: V1 Trap, ent snmpTraps, addr 192.168.0.1, gentrap 4lsystem.5.0 = 10.10.10.10ciscoMgmt.412.1.1.1.0 = 1ciscoMgmt.412.1.1.2.0 = 10.10.10.10Sep 12 08:38:55.995: SNMP: Packet sent via UDP to 10.4.9.2Sep 12 08:38:56.263: SNMP: Packet sent via UDP to 10.4.9.2Related Commands
test snmp trap stack
To test CISCO-STACK-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap stack command in privileged EXEC mode.
test snmp trap stack {chassis-off | chassis-on | module-down | module-up}
Syntax Description
chassis-off
Test SNMP chassisAlarmOff notifications.
chassis-on
Tests SNMP chassisAlarmOn notifications.
module-down
Tests SNMP moduleDown notifications.
module-up
Tests SNMP moduleUp notifications.
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP chassisAlarmOff trap when it is not configured:
Router# test snmp trap stack chassis-offchassisAlarmOff notification is disabled.Router#This example shows the output of the SNMP chassisAlarmOff trap when it is configured:
Router# test snmp trap stack chassis-offchassisAlarmOff notification was sent.Router#test snmp trap storm-control
To test the Simple Network Management Protocol (SNMP) CISCO-PORT-STORM-CONTROL-MIB traps, use the test snmp trap storm-control command in privileged EXEC mode.
test snmp trap strom-control {event-rev1}
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
SNMP traps or notifications provide information about storm-control events.
Examples
The following example shows how to test the SNMP CISCO-PORT-STORM-CONTROL-MIB trap:
Router# test snmp trap storm-control event-rev1cpscEventRev1 notification was sent.Router#Related Commands
snmp-server enable traps storm-control
Enables SNMP storm-control trap notifications.
snmp-server host
Specifies the recipient of an SNMP notification operation.
test snmp trap stpx
To test CISCO-STP-EXTENSIONS-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap stpx command in privileged EXEC mode.
test snmp trap stpx {inconsistency | loop-inconsistency | root-inconsistency}
Syntax Description
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP stpxInconsistencyUpdate trap when it is not configured:
Router# test snmp trap stpx inconsistencystpxInconsistencyUpdate notification is disabled.Router#This example shows the output of the SNMP stpxInconsistencyUpdate trap when it is configured:
Router# test snmp trap stpx inconsistencystpxInconsistencyUpdate notification was sent.Router#test snmp trap syslog
To verify the reception of the system logging message Simple Network Management Protocol (SNMP) notifications by the SNMP manager in a simulated scenario, use the test snmp trap syslog command in privileged EXEC mode.
test snmp trap syslog
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
System logging messages are status notification messages that are generated by the routing device during operation. These messages are typically logged to a destination such as the terminal screen, or to a remote syslog host.
Examples
The following example shows how to replicate a syslog trap and its reception by the NMS:
Router# test snmp trap syslogGenerating SYSLOG-MIB Trap00:07:25: SNMP: Queuing packet to 10.4.9.200:07:25: SNMP: V1 Trap, ent ciscoSyslogMIB.2, addr 192.16.12.8, gentrap 6, spectraclogHistoryEntry.2.1 = TESTclogHistoryEntry.3.1 = 5clogHistoryEntry.4.1 = 1.3.6.1.4.1.9.9.10.1clogHistoryEntry.5.1 = Syslog test trapclogHistoryEntry.6.1 = 4459600:07:25: SNMP: Queuing packet to 10.4.9.200:07:25: SNMP: V2 Trap, reqid 4, errstat 0, erridx 0sysUpTime.0 = 44596snmpTrapOID.0 = ciscoSyslogMIB.2.0.1clogHistoryEntry.2.1 = TESTclogHistoryEntry.3.1 = 5clogHistoryEntry.4.1 = 1.3.6.1.4.1.9.9.10.1clogHistoryEntry.5.1 = Syslog test trapclogHistoryEntry.6.1 = 44596Related Commands
test snmp trap udld
To test CISCO-UDLDP-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap udld command in privileged EXEC mode.
test snmp trap udld {link-fail-rpt | status-change}
Syntax Description
link-fail-rpt
Tests SNMP cudldpFastHelloLinkFailRptNotification notifications.
status-change
Tests SNMP cudldFastHelloStatusChangeNotification notifications.
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI4
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP cudldpFastHelloLinkFailRptNotification notification when it is not configured:
Router# test snmp trap udld link-fail-rptcudldpFastHelloLinkFailRptNotification notification is disabled.Router#This example shows the output of the SNMP cudldpFastHelloLinkFailRptNotification notification when it is configured:
Router# test snmp trap udld link-fail-rptcudldpFastHelloLinkFailRptNotification notification was sent.Router#test snmp trap vswitch vsl
To test CISCO-VIRTUAL-SWITCH-MIB Simple Network Management Protocol (SNMP) notifications (traps and informs), use the test snmp trap vswitch vsl command in privileged EXEC mode.
test snmp trap vswitch vsl
Syntax Description
This command has no keywords or arguments.
Command Default
This command has no default setting.
Command Modes
Privileged EXEC (#)
Command History
Examples
This example shows the output of the SNMP cvsVSLConnectionChangeNotif notification when it is not configured:
Router# test snmp trap vswitch vslcvsVSLConnectionChangeNotif notification is disabled.Router#This example shows the output of the SNMP cvsVSLConnectionChangeNotif notification when it is configured:
Router# test snmp trap vswitch vslcvsVSLConnectionChangeNotif notification was sent.Router#test snmp trap vtp
To test CISCO-VTP-MIB traps Simple Network Management Protocol (SNMP) traps and informs, use the test snmp trap vtp command in privileged EXEC mode.
test snmp trap vtp {digest-error | mode-change | port-status | pruning-change | rev-error | server-disable | v1-detected | version-change | vlan-create | vlan-delete}
Syntax Description
Command Default
This command has no default settings.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SXI
This command was introduced on the Supervisor Engine 720 and Supervisor Engine 32.
Examples
This example shows the output of the SNMP vtpConfigDigestError trap when it is not configured:
Router# test snmp trap vtp digest-errorvtpConfigDigestError notification is disabled.Router#This example shows the output of the SNMP vtpConfigDigestError trap when it is configured:
Router# test snmp trap vtp digest-errorvtpConfigDigestError notification was sent.Router#test snmp trap vtp pruning-change
To test the vtpPruningStateOperChange trap, use the test snmp trap vtp pruning-change EXEC command.
test snmp trap vtp pruning-change
Syntax Description
This command has no keywords or arguments.
Defaults
This command has no default settings.
Command Modes
EXEC mode
Command History
12.2(33)SXI4
Support for this command was introduced on the Catalyst 6500 series.
Examples
This example shows that testing the vtpPruningStateOperChange cannot occur without first enabling SNMP VTP traps:
Router# test snmp trap vtp pruning-changevtpPruningStateOperChange notification is disabled.This example shows how to test the vtpPruningStateOperChange:
Router# test snmp trap vtp pruning-changevtpPruningStateOperChange notification is sent.Related Commands
time-period
To set the time increment for automatically saving an archive file of the current running configuration in the Cisco IOS configuration archive, use the time-period command in archive configuration mode. To disable this function, use the no form of this command.
time-period minutes
no time-period minutes
Syntax Description
minutes
Specifies how often, in minutes, to automatically save an archive file of the current running configuration in the Cisco IOS configuration archive.
Command Default
By default, no time increment is set.
Command Modes
Archive configuration
Command History
Usage Guidelines
Note
If this command is configured, an archive file of the current running configuration is automatically saved after the given time specified by the minutes argument. Archive files continue to be automatically saved at this given time increment until this function is disabled. Use the maximum command to set the maximum number of archive files of the running configuration to be saved.
Note
Examples
In the following example, a value of 20 minutes is set as the time increment for which to automatically save an archive file of the current running configuration in the Cisco IOS configuration archive:
Router# configure terminal!Router(config)# archiveRouter(config-archive)# path disk0:myconfigRouter(config-archive)# time-period 20Router(config-archive)# endRelated Commands
time-range
To enable time-range configuration mode and define time ranges for functions (such as extended access lists), use the time-range command in global configuration or webvpn context configuration mode. To remove the time limitation, use the no form of this command.
time-range time-range-name
no time-range time-range-name
Syntax Description
time-range-name
Desired name for the time range. The name cannot contain either a space or quotation mark, and it must begin with a letter.
Command Default
None
Command Modes
Global configuration
Webvpn context configurationCommand History
Usage Guidelines
The time-range entries are identified by a name, which is referred to by one or more other configuration commands. Multiple time ranges can occur in a single access list or other feature.
Note
After the time-range command, use the periodic time-range configuration command, the absolute time-range configuration command, or some combination of them to define when the feature is in effect. Multiple periodic commands are allowed in a time range; only one absolute command is allowed.
Tip
Examples
The following example denies HTTP traffic on Monday through Friday from 8:00 a.m. to 6:00 p.m. The example allows UDP traffic on Saturday and Sunday from noon to midnight only.
time-range no-httpperiodic weekdays 8:00 to 18:00!time-range udp-yesperiodic weekend 12:00 to 24:00!ip access-list extended strictdeny tcp any any eq http time-range no-httppermit udp any any time-range udp-yes!interface ethernet 0ip access-group strict inRelated Commands
track stub-object
To create a stub object that can be tracked by Embedded Event Manager (EEM) and to enter tracking configuration mode, use the track stub-object command in global configuration mode. To remove the stub object, use the no form of this command.
track object-number stub-object
no track object-number stub-object
Syntax Description
Command Default
No stub objects are created.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
Use the track stub-object command to create a stub object, which is an object that can be tracked and manipulated by an external process, EEM. After the stub object is created, the default-state command can be used to set the default state of the stub object.
EEM is a distributed, scalable, and customized approach to event detection and recovery offered directly in a Cisco IOS device. EEM offers the ability to monitor events and take informational or corrective action when the monitored events occur or when a threshold is reached. An EEM policy is an entity that defines an event and the actions to be taken when that event occurs.
As of Cisco IOS Release 15.1(3)T, a maximum of 1000 objects can be tracked. Although 1000 tracked objects can be configured, each tracked object uses CPU resources. The amount of available CPU resources on a router is dependent upon variables such as traffic load and how other protocols are configured and run. The ability to use 1000 tracked objects is dependent upon the available CPU. Testing should be conducted on site to ensure that the service works under the specific site traffic conditions.
Examples
The following example shows how to create and configure stub object 1 with a default state of up:
Router(config)# track 1 stub-objectRouter(config-track)# default-state upRelated Commands
default-state
Sets the default state for a stub object.
show track
Displays tracking information.
transfer-interval
To configure how long bulk statistics should be collected before a bulk statistics transfer is initiated, use the transfer-interval command in Bulk Statistics Transfer configuration mode. To remove a previously configured interval from a bulk statistics configuration, use the no form of this command.
transfer-interval minutes
no transfer-interval
Syntax Description
minutes
Length of time, in minutes, that the system should collect MIB data before attempting the transfer operation. The valid range is from 1 to 2147483647. The default is 30.
Command Default
Bulk statistics file transfer operations start 30 minutes after the enable (bulkstat) command is used.
Command Modes
Bulk Statistics Transfer configuration (config-bulk-tr)
Command History
Usage Guidelines
Bulk statistics data is collected into a new file when a transfer attempt begins, which means that this command also configures the collection interval.
If the maximum buffer size for a bulk statistics file is reached before the transfer interval time expires, the transfer operation will still be initiated, and bulk statistics MIB data will be collected into a new file in the system buffer.
Examples
The following example shows how to configure a transfer interval of 20 minutes for the bulk statistics configuration bulkstat1:
Router(config)# snmp mib bulkstat transfer bulkstat1Router(config-bulk-tr)# transfer-interval 20Related Commands
snmp mib bulkstat transfer
Names a bulk statistics transfer configuration and enters Bulk Statistics Transfer configuration mode.
transport (WSMA initiator)
To define a transport configuration for a Web Services Management Agent (WSMA) initiator profile, use the transport command in WSMA initiator configuration mode. To disable the transport configuration, use the no form of this command.
[backup] transport {http | https | ssh remote-host [initiator-port-number] path pathname [user username [0 | 6] password] } | tls remote-host [initiator-port-number] [localcert trustpoint-name] [remotecert trustpoint-name] [source source-interface]}
no [backup] transport
Syntax Description
Command Default
The transport is not configured.
Command Modes
WSMA initiator configuration (config-wsma-init)
Command History
Usage Guidelines
You can use the transport command to define the transport termination points for a WSMA profile.
Defining the transport configuration in WSMA initiator mode enables the Cisco IOS device to initiate connections to the remote management application over trusted and untrusted networks.
To enter the WSMA initiator configuration mode, use the wsma profile listener command in global configuration mode.
Examples
The following example shows how to define a transport configuration for an initiator profile using the TLS protocol:
Router(config)# wsma profile initiator prof2Router(config-wsma-init)# transport tls 10.23.23.2Router(config-wsma-init)#Related Commands
transport (WSMA listener)
To define a transport configuration for a Web Services Management Agent (WSMA) listener profile, use the transport command in WSMA listener configuration mode. To disable the transport configuration, use the no form of this command.
transport {http | https [path pathname] | ssh [subsys subsys-name] | tls [listener-port-number] [localcert trustpoint-name] [disable-remotecert-validation | remotecert trustpoint-name]}
no transport
Syntax Description
Command Default
The transport is not configured.
Command Modes
WSMA listener configuration (config-wsma-listen)
Command History
12.4(24)T
This command was introduced.
15.1(1)T
This command was modified. Support was added for the tls keyword.
Usage Guidelines
You can use the transport command to define the transport termination points for a WSMA profile.
Defining the transport configuration in WSMA listener configuration mode leads to the opening of a listening socket for listeners on the router. Opening the listening sockets enables the WSMA to start listening to messages.
Secure Shell version 2 (SSHv2), HTTP, HTTPS, and Transport Layer Service (TLS) are the types of transport configuration available for a WSMA profile.
To enter the WSMA listener configuration mode, use the wsma profile listener command in global configuration mode.
Examples
The following example shows how to define a transport configuration for a WSMA listener profile using the SSHv2 protocol:
Router(config)# wsma profile listener prof1Router(config-wsma-listen)# transport ssh subsys wsmaRouter(config-wsma-listen)#The following example shows how to define a transport configuration for a WSMA listener profile using the TLS protocol:
Router(config)# wsma profile listener prof2Router(config-wsma-listen)# transport tls 65534Router(config-wsma-listen)#Related Commands
transport event
To specify that inventory events are sent out by the CNS inventory agent, use the transport event command in CNS inventory configuration mode. To disable the transport of inventory events, use the no form of this command.
transport event
no transport event
Syntax Description
This command has no arguments or keywords.
Command Default
This command is enabled by default.
Command Modes
CNS inventory configuration (cns_inv)
Command History
Usage Guidelines
Use this command to send out inventory requests with each CNS inventory agent message. When configured, the routing device will respond to queries from the CNS event bus. Online insertion and removal (OIR) events on the routing device will be reported to the CNS event bus.
Examples
The following example shows how to enable the CNS inventory agent and configure it to send out inventory events:
Router> enableRouter# configure terminalRouter(config)# cns inventoryRouter(cns_inv)# endRelated Commands
cns inventory
Enables the CNS inventory agent and enters CNS inventory configuration mode.
trigger (EEM)
To enter trigger applet configuration mode and specify the multiple event configuration statements for an Embedded Event Manager (EEM) applet, use the trigger command in applet configuration mode. To disable the multiple event configuration statements, use the no form of this command.
trigger [occurs occurs-value] [period period-value] [period-start period-start-value] [delay delay-value]
no trigger [occurs occurs-value] [period period-value] [period-start period-start-value] [delay delay-value]
Syntax Description
Command Default
Disabled.
Command Modes
Applet configuration (config-applet)
Command History
12.4(20)T
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
The trigger command relates multiple event statements using the optional tag keyword with the event-tag argument specified in each event statement.
Examples
The following example shows how to use the trigger command to enter trigger applet configuration mode and specify multiple event configuration statements for an EEM applet. In this example, the applet is run when the show bgp all command and any syslog message that contains the string "COUNT" occurs within a period of 60 seconds.
Router(config)# event manager applet delay_50Router(config-applet)# event tag 1.0 cli pattern "show bgp all" sync yes occurs 32 period 60 maxrun 60Router(config-applet)# event tag 2.0 syslog pattern "COUNT"Router(config-applet)# trigger occurs 1 delay 50Router(config-applet-trigger)# correlate event 1.0 or event 2.0Router(config-applet-trigger)# attribute tag 1.0 occurs 1Router(config-applet-trigger)# attribute tag 2.0 occurs 1Router(config-applet-trigger)# action 1.0 cli command "show memory"Router(config-applet)# action 2.0 cli command "enable"Router(config-applet)# action 3.0 cli command "config terminal"Router(config-applet)# action 4.0 cli command " ip route 192.0.2.0 255.255.255.224 192.0.2.12"Router(config-applet)# action 91.0 cli command "exit"Router(config-applet)# action 99.0 cli command "show ip route | incl 192.0.2.5"Related Commands
ttl dns
To configure the number of seconds for which an answer received from the boomerang client will be cached by the Domain Name System (DNS) client, use the ttl dns command in boomerang configuration mode. To remove this command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.
ttl dns seconds
no ttl dns seconds
Syntax Description
seconds
Integer in the range from 10 to 2147483647 that specifies the number of seconds for which an answer received from the boomerang client will be cached by the DNS client.
Command Default
No default behavior or values.
Command Modes
Boomerang configuration
Command History
Usage Guidelines
The ttl dns command can be used only on a Director Response Protocol (DRP) agent. The boomerang client is the DRP agent.
The ttl dns command configures the number of seconds for which the DNS client can cache a boomerang reply from a boomerang client.
Examples
In the following example, the number of seconds for which the DNS client can cache a boomerang reply from a boomerang client is configured as 10:
Router(config)# ip drp domain www.boom1.comRouter(config-boomerang)# ttl dns 10Router# show running-config...ip drp domain www.boom1.comdns-ttl 10Related Commands
ttl ip
To configure the IP time-to-live (TTL) value for the boomerang response packets sent from the boomerang client to the DNS client, use the ttl ip command in boomerang configuration mode. To remove this command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.
ttl ip hops
no ttl ip hops
Syntax Description
hops
Integer in the range from 1 to 255 that specifies the number of hops that occur between the boomerang client and the DNS client before the boomerang response packet fails.
Command Default
No default behavior or values.
Command Modes
Boomerang configuration
Command History
Usage Guidelines
The ttl ip command can be used only on a Director Response Protocol (DRP) agent. The boomerang client is the DRP agent.
The ttl ip command configures the maximum number of hops allowed between the boomerang client and the DNS client, after which the boomerang response packet fails. If the user wants to restrict the contending proxies only to nearby ones, the value of the ttl ip command can be set to a specific number within the allowed range. Any proxy outside of this range will be automatically disqualified in the boomerang race because its replies will never reach the DNS client. Because the ttl ip command specifies the number of hops for which a response from a client will live, it allows faraway proxies to avoid wasting bandwidth.
Examples
In the following example, the number of hops that occur between the boomerang client and the DNS client before the boomerang response packet fails is configured as 2:
Router(config)# ip drp domain www.boom1.comRouter(config-boomerang)# ttl ip 2Router# show running-config...ip drp domain www.boom1.comip-ttl 2Related Commands
type (test existence)
To specify the type of existence trigger test to perform, use the type command in event trigger existence configuration mode. To disable the specified trigger test type, use the no form of this command.
type {present | absent | changed}
no type {present | absent | changed}
Syntax Description
Command Default
By default, both present and absent tests are performed.
Command Modes
Event trigger existence configuration (config-event-trigger-existence)
Command History
12.4(20)T
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
The existence trigger tests are performed based on the following parameters:
•
•
•
When the test type is not specified, both present and absent tests are performed.
Examples
The following example shows how to specify the existence trigger test as present:
Router(config)# snmp mib event trigger owner owner1 name triggerARouter(config-event-trigger)# test existenceRouter(config-event-trigger-existence)# type presentRouter(config-event-trigger-existence)#Related Commands
url (bulkstat)
To specify the host to which bulk statistics files should be transferred, use the url command in Bulk Statistics Transfer configuration mode. To remove a previously configured destination host, use the no form of this command.
url {primary | secondary} url
no url {primary | secondary}
Syntax Description
Command Default
No host is specified.
Command Modes
Bulk Statistics Transfer configuration (config-bulk-tr)
Command History
Usage Guidelines
For bulk statistics transfer retry attempts, a single retry consists of an attempt to send first to the primary URL, and then to the secondary URL.
Examples
In the following example, an FTP server is used as the primary destination for the bulk statistics file. If a transfer to that address fails, an attempt is made to send the file to the TFTP server at 192.168.10.5. No retry command is specified, which means that only one attempt to each destination will be made.
Router(config)# snmp mib bulkstat transfer ifMibTestingRouter(config-bulk-tr)# schema carMibTesting1Router(config-bulk-tr)# schema carMibTesting2Router(config-bulk-tr)# format bulkBinaryRouter(config-bulk-tr)# transfer-interval 60Router(config-bulk-tr)# buffer-size 10000Router(config-bulk-tr)# url primary ftp://user2:pswd@192.168.10.5/functionality/Router(config-bulk-tr)# url secondary tftp://user2@192.168.10.8/tftpboot/Router(config-bulk-tr)# buffer-size 2500000Router(config-bulk-tr)# enableRouter(config-bulk-tr)# exitRelated Commands
user (ERM)
To apply a global policy, create a resource group, or add resource users (RUs) to a resource group, use the user command in Embedded Resource Manager (ERM) configuration mode. To disable applying the policy, use the no form of this command.
user {resource-instance-name resource-user-type resource-policy-name | global global-policy-name | group [resource-group-name type resource-user-type]}
no user {resource-instance-name | global global-policy-name | group [resource-group-name]}
Syntax Description
Command Default
No policy is configured.
Command Modes
ERM configuration (config-erm)
Command History
Usage Guidelines
This command helps you to apply the various policies (system global, per-user local, and user global) to resource owners (ROs), RUs, or a group of RUs.
Use the user resource-instance-name resource-user-type resource-policy-name command to apply a specified policy to an RU. This policy is also known as a per-user local policy or per-user template.
Use the user global global-policy-name command to apply a global thresholding policy to all the users.
Use the user group resource-group-name type resource-user-type command to create a resource group and to enter resource group configuration mode. After you create the resource group, you can add RUs using the instance instance-name command and apply the same thresholding policy to all the RUs against the resource group using the policy policy-name command in resource group configuration mode.
For example, you created a resource group named lowPrioUsers with a type of iosprocess. You have low-priority RUs or tasks such as HTTP and Simple Network Management Protocol (SNMP), and you want to set a threshold for all the low-priority RUs as a group. You must add the RUs to the resource group using the instance instance-name command and then apply a resource policy. If the resource policy you apply sets a minor rising threshold value of 10 percent for the resource group, when the accumulated usage of both HTTP and SNMP RUs crosses the 10 percent mark, a notification is sent to the RUs in the resource group lowPrioUsers. That is, if HTTP usage is 4 percent and SNMP usage is 7 percent, a notification is sent to lowPrioUsers.
Examples
The following example shows how to apply a per-user thresholding policy for the resource instance EXEC, resource user type iosprocess, and resource policy name policy-test1:
Router(config-erm)# user EXEC iosprocess policy-test1The following example shows how to apply a global thresholding policy with policy name global-global-test1:
Router(config-erm)# user global global-global-test1The following example shows how to create a resource group with the resource group name lowPrioUsers and RU type as iosprocess, and how to add the RU HTTP to the resource group and apply a thresholding policy group-policy1:
Router(config-erm)# user group lowPrioUsers type iosprocessRouter(config-res-group)# instance httpRouter(config-res-group)# policy group-policy1Related Commands
value (action set)
To set a value to the object, use the value command in event action set configuration mode. To disable the configured settings, use the no form of this command.
value integer-value
no value
Syntax Description
Command Default
By default, no value is set for the object.
Command Modes
Event action set configuration (config-event-action-set)
Command History
Usage Guidelines
The value command sets the value for the object associated with the event for which actions are set by using the action set command.
Examples
The following example shows how to set a value of 2 to the object:
Router(config)# snmp mib event owner owner1 name EventARouter(config-event)# action setRouter(config-event-action-set)# value 2Router(config-event-action-set)#Related Commands
value (test boolean)
To set a value for the Boolean trigger test, use the value command in event trigger boolean configuration mode.To disable the configured settings, use the no form of this command.
value integer-value
no value
Syntax Description
Command Default
The Boolean trigger test value is set to 0.
Command Modes
Event trigger boolean configuration (config-event-trigger-boolean)
Command History
Usage Guidelines
The value command specifies the value to set for the Boolean trigger test.
Examples
The following example shows how to set a value for the Boolean trigger test:
Router(config)# snmp mib event trigger owner owner1 name triggerARouter(config-event-trigger)# test booleanRouter(config-event-trigger-boolean)# value 10Router(config-event-trigger-boolean)Related Commands
value type
To specify the type of expression to use during object sampling, use the value type command in expression configuration mode. To disable the specified value type, use the no form of this command.
value type {counter32 | unsigned32 | timeticks | integer32 | ipaddress | octetstring | objectid | counter64}
no value type
Syntax Description
Command Default
The default value type is counter32.
Command Modes
Expression configuration mode (config-expression)
Command History
Usage Guidelines
The value type command specifies a value for expression evaluation.
Examples
The following example shows how to specify the counter32 value type:
Router(config)# snmp mib expression owner owner1 name ExpressionARouter(config-expression)# value type counter32Router(config-expression)#Related Commands
wildcard
To specify whether the object identifier needs to be wildcarded, use the wildcard command in event object list, event action set, or expression object configuration mode. To disable the configured settings, use the no form of this command.
wildcard
no wildcard
Syntax Description
This command has no arguments or keywords.
Command Default
Objects are fully specified by default.
Command Modes
Event object list configuration (config-event-objlist)
Event action set configuration (config-action-set)
Expression object configuration (config-expression-object)
Command History
Usage Guidelines
The wildcard indicates whether an object identifier needs to be wildcarded or fully specified. By default, the objects are based on instances and are not wildcarded.
Examples
The following example shows how to specify wildcard for an object instance during object list configuration:
Router(config)# snmp mib event object list owner owner1 name objectA 10Router(config-event-objlist)# wildcardRouter(config-event-objlist)#The following example shows how to specify wildcard for an object instance during action set configuration:
Router(config)# snmp mib event owner owner1 name EventARouter(config-event)# action setRouter(config-event-action-set)# wildcardRouter(config-event-action-set)#The following example shows how to specify wildcard for an object instance during expression configuration:
Router(config)# snmp mib expression owner owner1 name ExpressionARouter(config-expression)# object 10Router(config-expression-object)# wildcardRouter(config-expression-object)#Related Commands
write mib-data
To save MIB data to system memory (NVRAM) for MIB Data Persistence, use the write mib-data command in EXEC mode.
write mib-data
Syntax Description
This command has no arguments or keywords.
Command Modes
Exec
Command History
Usage Guidelines
The MIB Data Persistence feature allows the SNMP data of a MIB to be persistent across reloads; that is, the values of certain MIB objects are retained even if your networking device reboots.
To determine which MIBs support "MIB Persistence" in your release, use the snmp mib persist ? command in global configuration mode.
Any modified MIB data must be written to NVRAM memory using the write mib-data command. If the write mib-data command is not used, modified MIB data is not saved automatically, even if MIB Persistence is enabled. Executing the write mib-data command saves only the current MIB data; if the MIB object values are changed, you should reenter the write mib-data command to ensure that those values are persistent across reboots.
Examples
In the following example. Event MIB Persistence and Circuit MIB persistence are enabled, and any currently set object values for those MIBs are saved to NVRAM:
Router# configure terminalRouter(config)# snmp mib persist circuitRouter(config)# snmp mib persist eventRouter(config)# endRouter# write mib-dataRelated Commands
wsma agent
To enable a specific Web Services Management Agent (WSMA) and associate it with a profile, use the wsma agent command in global configuration mode. To disable the WSMA agent and its associations with a profile, use the no form of this command.
wsma agent {config | exec | filesys | notify} profile profile-name
no wsma agent {config | exec | filesys | notify}
Syntax Description
config
Starts the WSMA config agent.
exec
Starts the WSMA exec agent.
filesys
Starts the WSMA filesys agent.
notify
Starts the WSMA notify agent.
profile profile-name
Defines the profile name to use.
Command Default
By default, WSMA agents are disabled and are not associated with profiles.
Command Modes
Global configuration (config)
Command History
Examples
The following example shows how to enable a WSMA agent and associate with a profile:
Router(config)# wsma agent config profile wsma1Router(config)#Related Commands
wsma id
Assigns unique WSMA IDs to Cisco IOS devices.
wsma profile listener
Configures and enables a WSMA listener profile.
wsma id
To assign unique Web Services Management Agent (WSMA) IDs to IOS devices, use the wsma id command in global configuration mode. To disable the WSMA IDs assigned to Cisco IOS devices, use the no form of this command.
wsma id {hardware-serial | hostname | ip-address interface-type | mac-address interface-type | string value}
no wsma id
Syntax Description
Command Default
By default, unique WSMA IDs are not assigned to Cisco IOS devices.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
Use this command to assign unique IDs to Cisco IOS devices. Unique IDs can also be configured by specifying required parameters.
Whenever the WSMA ID changes, all WSMA sessions are terminated. This is done in order to protect the management applications from not having to deal with synchronizing states dynamically.
Examples
The following example shows how to assign WSMA IDs:
Router(config)# wsma id ip-address fastethernet 0/1Router(config)#Related Commands
wsma agent
Enables a specific WSMA and associates it with a profile.
wsma profile listener
Configures and enables a WSMA listener profile.
wsma profile initiator
To configure and enable a Web Services Management Agent (WSMA) initiator profile and to enter WSMA initiator configuration mode, use the wsma profile initiator command in global configuration mode. To disable a WSMA initiator profile, use the no form of this command.
wsma profile initiator profile-name
no wsma profile initiator profile-name
Syntax Description
initiator
Enables the WSMA initiator profile for the specified profile name.
profile-name
Defines the name of the initiator profile to be enabled.
Command Default
No WSMA profiles are configured.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
You can use the wsma profile initiator command to configure and enable a WSMA profile. A WSMA profile associated with a specific WSMA constitutes an operational embedded agent.
WSMA profiles work as a transport termination point, and allows transport and XML encapsulation parameters to be configured.
•
•
The WSMA initiator mode allows Cisco IOS devices to initiate connections to management applications over trusted and untrusted networks. You can configure various parameters for a WSMA profile in WSMA initiator configuration mode.
Examples
The following example shows how to enable a WSMA initiator profile:
Router(config)# wsma profile initiator prof1Router(config-wsma-init)#Related Commands
wsma profile listener
To configure and enable a Web Services Management Agent (WSMA) listener profile and to enter WSMA listener configuration mode, use the wsma profile listener command in global configuration mode. To disable a WSMA listener profile, use the no form of this command.
wsma profile listener profile-name
no wsma profile listener profile-name
Syntax Description
listener
Enables the WSMA listener profile for the specified profile name.
profile-name
Defines the name of the listener profile to be enabled.
Command Default
No WSMA profiles are configured.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
You can use the wsma profile listener command to configure and enable a WSMA profile. A WSMA profile associated with a specific WSMA constitutes an operational embedded agent.
WSMA profiles work as transport termination points, and allow transport and XML encapsulation parameters to be configured.
•
•
The wsma profile listener command creates a passive listening socket on the Cisco IOS device. The profile receives incoming messages provided they match the configured Access Control List (ACL) requirements. You can configure various parameters for a WSMA profile in WSMA listener configuration mode.
Examples
The following example shows how to enable a WSMA listener profile:
Router(config)# wsma profile listener prof1Router(config-wsma-listen)#Related Commands
wsse
To enable the Web Services Security (WSSE) Header for a Web Services Management Agent (WSMA), use the wsse command in WSMA listener configuration mode or WSMA initiator configuration mode. To disable the security header, use the no form of this command.
wsse
no wsse [authorization level level]
Syntax Description
Command Default
WSSE is enabled. When WSSE is disabled the default authorization level is set to 1 (the lowest level).
Command Modes
WSMA initiator configuration (config-wsma-init)
WSMA listener configuration (config-wsma-listen)
Command History
12.4(24)T
This command was introduced.
15.1(1)T
This command was modified. Support was added for the authorization level keyword, and for the WSMA initiator configuration mode.
Usage Guidelines
You can use the wsse command to enable the WSSE for a WSMA profile. When enabled, the WSSE username and password are required in the Simple Object Access Protocol (SOAP) header. By default, this command is enabled and the nonvolatile generation (NVGEN) operation does not take place. Specifying the no wsse command enables the NVGEN operation.
The username in the WSSE header is authenticated and authorized using the authentication method set in the global configuration. If Authentication, Authorization, and Accounting (AAA) is enabled on the router then the AAA settings are used. If AAA is not enabled, the username and password in the WSSE header is compared to the username and password configured on the router.
When the WSSE SOAP header is disabled for a WSMA listener or initiator profile, the authorization level keyword can be used to select an authorization level for commands executed using the profile.
When the WSSE SOAP header is disabled for a WSMA profile, the authorization level assigned to requests over the configured connections is determined as follows:
•
•
•
•
Use this command from the WSMA listener configuration mode or WSMA initiator configuration mode. To enter WSMA listener configuration mode, enter the wsma profile listener command in global configuration mode. To enter WSMA initiator configuration mode, use the wsma profile initiator command in global configuration mode.
Examples
The following example shows how to enable WSSE on a WSMA listener profile:
Router(config)# wsma profile listener prof1Router(config-wsma-listen)# wsseRouter(config-wsma-listen)#The following example shows how to specify the authorization level parameters to use when WSSE is disabled on a WSMA initiator profile:
Router(config)# wsma profile initiator prof2Router(config-wsma-init)# no wsse authorization level 3Router(config-wsma-init)#Related Commands
xsm
To enable XML Subscription Manager (XSM) client access to the device, use the xsm command in global configuration mode. To disable XSM client access to the device, use the no form of this command.
xsm
no xsm
Syntax Description
This command has no arguments or keywords.
Command Default
XSM client access to the device is enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
This command requires that the ip http server command is enabled. Enabling the xsm command also enables the xsm vdm and xsm edm commands. This command must be enabled for the XSM client (such as VPN Device Manager [VDM]) to operate.
Examples
In the following example, access by remote XSM clients to XSM data on the device is disabled:
Router# no xsm
Related Commands
xsm dvdm
To enable switch-specific configuration data (for example, configuring switch ports and VLANs) when running VPN Device Manager (VDM) on a switch, use the xsm dvdm command in global configuration mode. To disable switch-specific configuration data for VDM, use the no form of this command.
xsm dvdm
no xsm dvdm
Syntax Description
This command has no arguments or keywords.
Command Default
Access to switch-specific configuration data is enabled when XSM is enabled.
Command Modes
Global configuration
Command History
12.2(9)YO1
This command was introduced.
12.2(13)T
This command was integrated into Cisco IOS Release 12.2(13)T.
Usage Guidelines
Access to switch-specific configuration data (dVDM) is enabled by default when XSM is enabled.
The no xsm dvdm command allows you to disable only switch-specific XSM data. Note however that disabling dVDM will prevent the VDM application from communicating properly with the device (switch). There is minimal performance impact associated with leaving dVDM enabled.
Examples
In the following example, access to switch-specific configuration data is disabled in XSM:
Router(config)# no xsm dvdm
Related Commands
xsm edm
To grant access to Embedded Device Manager (EDM) monitoring and configuration data, use the xsm edm command in global configuration mode. To cancel access to EDM monitoring and configuration data, use the no form of this command.
xsm edm
no xsm edm
Syntax Description
This command has no arguments or keywords.
Command Default
Access to EDM monitoring and configuration data is granted by default if XSM is enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
This command exists to allow you to disable EDM using the no xsm edm form of the command. EDM is enabled by default when XSM is enabled.
EDM provides the following generic information to the VPN Device Manager (VDM):
•
•
•
•
Note that disabling EDM prevents XSM clients (such as VDM) from working properly and also disables the xsm history edm command. There is minimal performance impact associated with leaving EDM enabled.
Examples
In the following example, access to EDM data is disabled:
Router(config)# xsmRouter(config)# no xsm edmRelated Commands
xsm history edm
To enable statistics collection for the Embedded Device Manager (EDM) on the XML Subscription Manager (XSM) server, use the xsm history edm command in global configuration mode. To disable statistics collection for the EDM on the XSM server, use the no form of this command.
xsm history edm
no xsm history edm
Syntax Description
This command has no arguments or keywords.
Command Default
EDM statistics collection is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to save up to five days of data. Historical information on items such as RAM and CPU utilization is gathered and made available, thus enabling XSM clients (such as VPN Device Manager [VDM]) to display charts and data. Use of this command consumes resources on the device. Disabling this command clears all your historical data, as the XSM server does not save this data between reloads.
Examples
In the following example, statistics collection for the EDM is enabled on the XSM server:
Router(config)# xsmRouter(config)# xsm history edmRelated Commands
xsm history vdm
To enable specific VPN statistics collection on the XML Subscription Manager (XSM) server, use the xsm history vdm command in global configuration mode. To disable collection of specific selected VPN statistics on the XSM server, use the no form of this command.
xsm history vdm
no xsm history vdm
Syntax Description
This command has no arguments or keywords.
Command Default
VPN statistics collecting is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
With this command enabled, you can save up to five days of data. Historical information on items such as the number of active IKE tunnels, IPSec tunnels, total crypto throughput, and total throughput is gathered and made available, thus enabling XSM clients (such as VPN Device Manager [VDM]) to display charts and data. Use of this command consumes resources on the device. Disabling this command clears all your historical data. The XSM server does not save history data across reloads.
Examples
The following example shows how to enable specific VPN statistics collection on the XSM server:
Router(config)# xsmRouter(config)# xsm history vdmRelated Commands
xsm privilege configuration level
To enable the XML Subscription Manager (XSM) configuration privilege level required to subscribe to XML Request Descriptors (XRDs), use the xsm privilege configuration level command in global configuration mode. To remove a previously configured XSM configuration privilege level, use the no form of this command.
xsm privilege configuration level number
no xsm privilege configuration level number
Syntax Description
Command Default
The default level is 15.
Command Modes
Global configuration
Command History
Usage Guidelines
The privilege level for the xsm privilege configuration level command must be greater than or equal to the privilege level for the xsm privilege monitor level command. For example, if the xsm privilege configuration 7 command is enabled, you need a minimum privilege level of 7 to subscribe to configuration XRDs. The higher the number the higher the privilege level. Trying to set a conflicting range of privilege settings will force the Cisco device to display the following message:
Attempt to set monitor privilege greater than configuration. Privilege denied.You can check the XSM privilege level settings by using the show xsm status command. Use the show xsm xrd-list command to check which privilege level is required for each XRD.
Note
Examples
The following example shows how to set a configuration privilege level of 15, and a monitor privilege level of 11 for subscription to XRDs. Users with a privilege level below 11 are denied access.
Router(config)# xsm privilege configuration level 15Router(config)# xsm privilege monitor level 11Related Commands
privilege
Configures IOS privilege parameters.
xsm privilege monitor level
Enables monitor privilege level to subscribe to XRDs.
xsm privilege monitor level
To enable the XML Subscription Manager (XSM) monitoring privilege level required to subscribe to XML Request Descriptors (XRDs), use the xsm privilege monitor level command in global configuration mode. To remove a previously configured XSM monitoring privilege level, use the no form of this command.
xsm privilege monitor level number
no xsm privilege monitor level number
Syntax Description
Command History
The default is level 1.
Command Modes
Global configuration
Command History
Usage Guidelines
The privilege level for the xsm privilege monitor level command must be less than or equal to the privilege level for the xsm privilege configuration level command. For example, if the xsm privilege monitor 7 command is enabled, you need a minimum privilege level of 7 to subscribe to monitor XRDs. The higher the number the higher the privilege level. Trying to set a conflicting range of privilege settings will force the Cisco device to display the following message:
Attempt to set monitor privilege greater than configuration. Privilege denied.You can check the XSM privilege level settings by using the show xsm status command. Use the show xsm xrd-list command to check which privilege level is required for each XRD.
Note
Examples
The following example shows how to set a configuration privilege level of 15 and a monitor privilege level of 11 for subscription to XRDs. Users with a privilege level below 11 are denied access.
Router(config)# xsm privilege configuration level 15Router(config)# xsm privilege monitor level 11Related Commands
privilege
Configures IOS privilege parameters.
xsm privilege configuration level
Enables configuration privilege level to subscribe to XRDs.
xsm vdm
To grant access to VPN-specific monitoring and configuration data for the VPN Device Manager (VDM), use the xsm vdm command in global configuration mode. To cancel access to VPN-specific monitoring and configuration data for VDM, use the no form of this command.
xsm vdm
no xsm vdm
Syntax Description
This command has no arguments or keywords.
Command Default
Enabled (Access to VPN-specific monitoring and configuration data for the VDM is granted when XSM is enabled.)
Command Modes
Global configuration
Command History
Usage Guidelines
This command enables access to the following VPN-specific information:
•
•
•
•
•
If XSM is enabled, this command is enabled by default. Access to VPN-specific monitoring and configuration data within XSM can be disabled by using the no form of the command. However, disabling this command will prevent VDM from working properly and will also disable the xsm history vdm command. Leaving this command enabled has minimal performance impact.
Examples
In the following example, access to VPN-specific monitoring and configuration data is disabled:
Router(config)# xsmRouter(config)# no xsm dvmRelated Commands
