Log IP SLA failures

The IP Service Level Agreement (SLA) measurement feature of Cisco IOS is extremely SNMP-oriented. For example, there is no easy way to generate a logging message when an SLA operation fails (or exceeds the threshold). However, Embedded Event Manager reading SNMP variables can help you get there.Before checking the status of an SLA operation, you need to schedule it (remember the SLA entry#, you'll need it when forming the SNMP object ID). For example:

ip sla 42
icmp-echo 172.16.1.2 source-interface Serial0/0/0.100
timeout 500
threshold 100
frequency 1
ip sla schedule 42 life forever start-time now
When the SLA measurement has been defined, create an EEM applet to monitor the status of the rttMonCtrlOperTimeoutOccured variable in the CISCO-RTT-MON MIB (note that the SLA entry# is the last number in the OID). The EEM applet triggers on value 1 (true: timeout) and re-arms on value 2 (false: no timeout).
event manager applet SLA_Timeout
event snmp oid 1.3.6.1.4.1.9.9.42.1.2.9.1.6.42 get-type exact entry-op eq entry-val 1 exit-op eq exit-val 2 poll-interval 5
action 1.0 syslog msg "Ping to 172.16.1.2 timeout"
Similarly, you can write an applet that triggers on SLA response time being over threshold by monitoring SNMP OID 1.3.6.1.4.1.9.9.42.1.2.9.1.7.sla# (the rttMonCtrlOperOverThresholdOccurred variable).
Note: this article is part of You've asked for it series.

2 comments:

  1. Hi Ivan:

    I read all your posts about EEM and they were great.

    I would like to know if you have ever tried to use EEM to monitor a MOS score of an IP SLA UDP-Jitter instance. For example, if the MS score has fallen below certain number (say 2.50), some actions will be taken by the router to re-route traffic. I know OER is another option, but doing so will require the latest greatest IOS and meeting all the prereqs as defined by OER.

    If you have any hints on using EEM to monitor MOS score I would certainly appreciate it. I am thinking about monitoring SNMP OID value of rttMonLatestJitterOperMOS, but didn't know how to tie it to an IP SLA instance #.

    Thanks,

    William Chu

    ReplyDelete
  2. This is really great. But what about if I define a trigger, for example when 2 icmp packets get timeout. Do you know the OID that monitors this?

    Thanks very much.

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.