Automation

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  RPKI session monitor with event-options

    Posted 07-15-2022 10:25

    Hi community,

    We are in the process of implementing RPKI in our network, and we noticed that Junos is not generating a Trap by default when the session with the validator goes down, it only generates a Syslog message.

    We are trying to use event-options so that we can generate a Trap out of the Syslog message.

    The issue is that the Syslog messages come every 30 seconds, hence the Trap regenerates every 30 seconds and floods our NMC. We want to change the Trap regeneration to every 10 mins for example.


    Our initial config looked like this:

    set event-options policy RPKI_TRAPS events rpd_rv_sessiondown
    set event-options policy RPKI_TRAPS events rpd_rv_session_established
    set event-options policy RPKI_TRAPS then raise-trap


    which we later tried to change into:

    set event-options policy RPKI_TRAPS events rpd_rv_sessiondown
    set event-options policy RPKI_TRAPS events rpd_rv_session_established
    set event-options policy RPKI_TRAPS within 600 events rpd_rv_sessiondown
    set event-options policy RPKI_TRAPS within 600 events rpd_rv_session_established
    set event-options policy RPKI_TRAPS then raise-trap

    But again the Traps come every 30 seconds and not ever 10 min,

    Could someone please suggest a way that we could implement this ?

    Thank you



    ------------------------------
    FRANK FILIPPIDIS
    ------------------------------


  • 2.  RE: RPKI session monitor with event-options

    Posted 07-15-2022 12:27
    Perhaps using the variable to trigger after a certain number of events would work instead.

    [edit event-options]
    policy login {
        events [ RADIUS_LOGIN_FAIL TELNET_LOGIN_FAIL SSH_LOGIN_FAIL ];
        within 120 {
            trigger after 4;
        }
        then {
            event-script login-fail.xsl {
                destination some-dest;
            }
        }
    }​


    https://www.juniper.net/documentation/us/en/software/junos/automation-scripting/topics/topic-map/junos-script-automation-event-policy-generating-internal-events.html

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: RPKI session monitor with event-options

    Posted 07-18-2022 09:57

    Thank you for your suggestion.

    Now the config looks like this:

    events [ rpd_rv_sessiondown rpd_rv_session_established ];
    within 600 {
    trigger after 20;
    }
    then {
    raise-trap;
    }

    The first alarm now comes after 10 minutes, but then regenerates every 30 seconds!
    Is there a way to make it re-trap ever 10 minutes and not ever 30sec ?

    Thank you !



    ------------------------------
    FRANK FILIPPIDIS
    ------------------------------