plugin_syslog
plugin_syslog copied to clipboard
Cacti
Integration of CEMDB
Hi Folks, any plans to integrate Cisco error message database (CEMDB) into the plugin.
I have never used the CEMDB, can you provide more information on how/what/where/why you want this? ;-)
@netniV We had in-house developed Syslog daemon and corresponding front-end, which was later integrated into Cacti as a plugin with CEMDB support. The CEMDB is a database for Cisco error messages, which consists of detailed explanation of Syslog messages along with possible causes and possible actions to fix them. In brief, it helps network admins to better understand Syslog events and resolve the issue.
Screenshot of the WebUI is attached for your reference.
Since we are migrating to plugin_syslog, I was thinking of adding the missing features in to the plugin.
If you can send an email to [email protected] with details on how you integrated/obtained that, I will have to then check the licensing requirements.
We may not be legally allowed to distribute/reuse that since it is Cisco's property but it looks like other open source projects have so I don't think it will be an issue.
The licensing issue would need to be researched. Having a snap of the schema may not be prohibited.
I am not sure of the licensing terms related to CEMDB. However, it was available with php-syslog-ng and it is from here that we copied and used it in our plugins.
I don't think Cisco distributes cemdb as such however all syslog error messages are documented and publicly available so It was only a matter of dumping them into txt file and "create" a db.
See Cisco IOS XE System Messages for example
On my experience I don't see much advantage, it's always good to have more description, but nowadays I'm getting pretty used to use cisco cli analyzer tho
@TheWitness Could trace the cemdb.sql at following url: https://github.com/OpenAai/php-syslog-ng/blob/master/www/html/install/sql/cemdb.sql
The table definition is as follows:
CREATE TABLE cemdb (
id int(5) unsigned NOT NULL auto_increment,
name varchar(128) NOT NULL default '',
message text,
explanation text,
action text,
datetime datetime default NULL,
PRIMARY KEY (id),
UNIQUE KEY name (name)
) ENGINE=MyISAM COMMENT='Cisco Error Message Database';
Hope this helps.
So, can you explain the columns? It looks to me that the "name" column is a coded field. Maybe program name plus some other things. Then, the message looks almost like a preg_match() string of the syslog message. Dump on my this?
Error Message %ACE-3-CEAL_REGISTRATION : ACE [chars] failed to register.
Explanation The ACE failed to register with CEAL.
Recommended Action Reset the hardware module.
So this is an example of error and detail. The name is likely the ACL-3-CEAL_REGISTRATION, the part after the columns would be the message, then you have an explanation and action from those two columns.
I did start looking into this four years ago it seems, but I have no idea what happened or how far I got so may as well start from scratch if you are bored @TheWitness
Whatever happens, it needs to be normalized to handle other manufacturers. Also, we should not be including Cisco IP. The entitled customer should be downloading it directly.
I worked out the later piece yesterday while being bored. After a while, say 80k or so games of Freecell later without loosing more than 10 games, life can get boring
@netniV You nailed in right!
The name column is the program name.
The message column gives a hint about possible parameters associated with the event.
The explanation column gives detailed description about the event.
The action column recommends suitable remedy to be taken to resolve the issue.
@TheWitness Glad that you took up this enhancement. I should have done this 4 years back!. In fact @netniV requested to share our implementation. Looking forward to assist.