Using a commit script, write a custom system log message that appears when the read-write statement is not included at the [edit snmp community community-name authorization] hierarchy level:
XSLT Syntax
<?xml version="1.0" standalone="yes"?>
<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:junos="http://xml.juniper.net/junos/*/junos"
    xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm"
    xmlns:jcs="http://xml.juniper.net/junos/commit-scripts/1.0">
    <xsl:import href="../import/junos.xsl"/>
    <xsl:template match="configuration">
        <!-- Visit every community at [edit snmp community community-name] -->
        <xsl:for-each select="snmp/community">
            <!-- Log when the read-write statement is absent under authorization -->
            <xsl:if test="not(authorization/read-write)">
                <syslog>
                    <message>SNMP community does not have read-write access.</message>
                </syslog>
            </xsl:if>
        </xsl:for-each>
    </xsl:template>
</xsl:stylesheet>
SLAX Syntax
version 1.0;
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
import "../import/junos.xsl";
match configuration {
    /* Visit every community at [edit snmp community community-name] */
    for-each (snmp/community) {
        /* Log when the read-write statement is absent under authorization */
        if (not(authorization/read-write)) {
            <syslog> {
                <message> "SNMP community does not have read-write access.";
            }
        }
    }
}
System log messages are generated during a commit operation but not during a commit check operation. This means you cannot use the commit check | display xml and commit check | display detail configuration mode commands to verify the output of system log messages.
To test the output of a system log message, make sure that the candidate configuration contains the condition that elicits the system log message. In this example, ensure that the read-write statement is not included at the [edit snmp community community-name authorization] hierarchy level.
To test the example in this chapter, perform the following steps:
user@host> edit
[edit]
user@host# set system scripts commit file read-write.xsl
[edit]
user@host# delete snmp community community-name authorization read-write
[edit]
user@host# show system syslog
For information about system log configuration, see the JUNOS System Log Messages Reference.
[edit]
user@host# commit
After you issue the commit command, check the log file. The default directory for log files is /var/log. A common filename for the log file is messages. Commit script system log entries look like this:
timestamp router-id cscript: message
For example:
Jun 3 14:34:37 router cscript: SNMP community does not have read-write access
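To review these entries off the device, the following added example (not part of the original documentation) parses log lines in the "timestamp router-id cscript: message" format shown above and counts each message per router. The function names, the optional [pid] handling, and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# "timestamp router-id cscript: message" as described above. The optional
# [pid] after the tag is an assumption for syslog daemons that append one.
CSCRIPT_LINE = re.compile(
    r"^(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+"
    r"(?P<host>\S+)\s+cscript(?:\[\d+\])?:\s*(?P<message>.*\S)\s*$"
)


def parse_cscript_entries(lines):
    """Return one dict per commit-script syslog entry; other lines are skipped."""
    entries = []
    for line in lines:
        match = CSCRIPT_LINE.match(line)
        if match:
            entries.append(match.groupdict())
    return entries


def summarize(entries):
    """Count how often each (host, message) pair was logged."""
    return Counter((e["host"], e["message"]) for e in entries)


# Constructed sample of log file content (not real device output).
SAMPLE_LOG = """\
Jun  3 14:34:30 router mgd[4211]: UI_COMMIT: User 'user' requested 'commit' operation
Jun  3 14:34:37 router cscript: SNMP community does not have read-write access
Jun  3 14:34:37 router cscript: SNMP community does not have read-write access
Jun  3 14:34:38 router mgd[4211]: UI_COMMIT_COMPLETED: commit complete
Jun  4 09:02:11 router cscript: SNMP community does not have read-write access
""".splitlines()

if __name__ == "__main__":
    counts = summarize(parse_cscript_entries(SAMPLE_LOG))
    for (host, message), count in counts.items():
        print(f"{host}: {count} x {message}")
```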