Overview
This event script mimics Cisco's absolute vty timeout functionality. This applies to SLAX version 1.0 and higher.
Description
This script works in Junos 9.2 or later. It uses jade_auth_success as the generated event to cause the script to be run every 60 seconds. This can be changed to fit your environment.
Source Code
GitHub Links
The source code below is also available from GitHub at the following locations:
01 The event-options to trigger this script are below:
02
03 {master}
04 user@cli> show configuration event-options generate-event {
05 jade_auth_success time-interval 60; } policy logout {
06 events jade_auth_success;
07 then {
08 event-script logout.slax;
09 }
10 }
11 event-script {
12 file logout.slax;
13 }
01 version 1.0;
02
03 ns junos = "http://xml.juniper.net/junos/*/junos";
04 ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
05 ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
06
07 /*
08 * This event script mimicks Cisco's absolut vty timeout functionality.
09 * It DOES NOT work on 8.5 but works on 9.2. It uses jade_auth_success as
10 * the generated event to cause the script to be run every 60 seconds,
11 * this can be changed to fit your environment.
12 *
13 * Ths event-options to trigger this script are below:
14 *
15 * {master}
16 * user@cli> show configuration event-options generate-event {
17 * jade_auth_success time-interval 60; } policy logout {
18 * events jade_auth_success;
19 * then {
20 * event-script logout.slax;
21 * }
22 * }
23 * event-script {
24 * file logout.slax;
25 * }
26 */
27
28 import "../import/junos.xsl";
29
30 var $cliTimeout = 300;
31
32 match / {
33 <op-script-results> {
34 var $uptimeInfo = jcs:invoke ('get-system-uptime-information');
35 var $uptimeSeconds = $uptimeInfo/current-time/date-time/@junos:seconds;
36 var $userInfo = jcs:invoke ('get-system-users-information');
37 for-each ($userInfo/uptime-information/user-table/user-entry) {
38 var $diff = $uptimeSeconds - login-time/@junos:seconds;
39 if ($diff > $cliTimeout) {
40 var $runcmd = <command> "request system logout terminal " _ tty;
41 var $outcmd = jcs:invoke ($runcmd);
42 }
43 }
44 }
45 }
XML Script Contents
01 <?xml version="1.0"?>
02 <script>
03 <title>logout.slax</title>
04 <author>jpanagos</author>
05 <synopsis>
06 This event script mimicks Cisco's absolute vty timeout functionality.
07 </synopsis>
08 <coe>event</coe>
09 <type>login</type>
10
11 <description>
12 This script works on 9.2. It uses jade_auth_success as the generated event to cause the script to be run every 60 seconds, this can be changed to fit your environment.
13
14 </description>
15
16 <example>
17 <title>Config</title>
18 <description>The event-options to trigger this script are below:</description>
19 <config>example-1.conf</config>
20 </example>
21
22 <xhtml:script xmlns:xhtml="http://www.w3.org/1999/xhtml"
23 src="../../../../../web/leaf.js"
24 type="text/javascript"/>
25 </script>