Backup Config to TFTP Server using EEM | Cisco Nexus

In this tutorial I am going to show how you can automate configuration backup to a TFTP server using Cisco’s EEM(Embedded Event Manager) feature.

Although Cisco already has an archive feature in the Cisco IOS and their KB states that it’s present in the NX-OS too but the command just does not exist. Well, I couldn’t find it and no option to enable it either. If you do please let me know too.

Hence, I had to use EEM instead which is pretty simple too.

I will be working on a Nexus 9000 series switch.

Let’s assume you already have TFTP setup. In this case the TFTP folder is at destination:

//172.16.20.10/archive/switch.lab/

First I will create a small script called CONFIG_BACKUP_TFTP on the switch which we will later specify in the EEM config.

switch.lab# echo "copy running-config tftp://172.16.20.10/archive/switch.lab/$(SWITCHNAME)_$(TIMESTAMP).UTC vrf management" >> CONFIG_BACKUP_TFTP

$(SWITCHNAME)_$(TIMESTAMP).UTC will be the file name. $(SWITCHNAME) and $(TIMESTAMP) are environment variables which we will use to create the config file name. This way it will be easy to identify the latest config in the TFTP folder.

I am also specifying vrf management since the management port of the switch is in this vrf.

Now I will configure EEM on the switch. Config is simple and self explanatory.

switch.lab(config)# event manager applet CONFIG_BACKUP_TFTP 
switch.lab(config-applet)#description "Backup-Running-Config-To-TFTP"
switch.lab(config-applet)#event cli match "copy running-config startup-config"
switch.lab(config-applet)# action 1.0 cli copy running-config startup-config
switch.lab(config-applet)#action 2.0 cli run-script bootflash:CONFIG_BACKUP_TFTP
switch.lab(config-applet)#action 3.0 syslog priority notifications msg TFTP-Backup-Complete
switch.lab(config-applet)#exit
switch.lab(config)#cli alias name wr copy  running-config startup-config
switch.lab(config)#exit
switch.lab#
switch.lab# wr
[########################################] 100%
Copy complete.

Note that we created an alias “wr” for the “copy running-config startup-config” command.

Here is the sequence of steps that will follow when you write the config.

1. “event cli match” command will trigger the event when we write the config by send the “wr” command.
2. “action 1.0” will run the first action of copying the running config to startup config.
3. “action 2.0” will run the second action of running the script only when the first action is completed.
4. Note that action 1.0, action 2.0, and so on are executed sequentially but action 1.1, action1.2 and so on are executed simultaneously which is not what want.
5. “action 3.0” will run the third action of sending a syslog message which we can check in the logs.

2019 Mar  6 16:45:28 switch.lab %EEM_ACTION-5-NOTIF: TFTP-Backup-Complete

My next blog would be to compare the latest written file with the previous one and notify the changes via an email using python.

Hope this helps!