Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentETWMIM

Custom Action:

Check Custom Action and click Edit to open the Specify Program for Action window where you can

customize the response to an event by selecting a program to be executed.

In the Program to run field, type a script name, if known or use the Select button to open a

file browser window and choose a script. The Program to run field does not allow using

options. For example, you cannot enter

myscript.bat –i <IP Address> −m <MAC

Address>

in the Program to run field.

TIP: To execute a script with options, create a script without options that executes

another script that has options (Windows only). For example:

Create a script named,

asm_script.bat

with an entry to call

myscript.bat

such as:

C:\Program Files\My Custom Files\myscript.bat –i %1 −m %2".

Uncheck all but the Threat IP and Threat MAC checkboxes and select

Unformatted without spaces (you don't want to send any keyword (thip=

or thmac=) to your script.). The variable %1 returns <Threat IP Address>

and %2 returns the <Threat MAC Address>

If you are using PERL script, you might want to use a different argument

variable, such as $ARGV[0] (First argument) or @ARGV (all arguments).

Also, using the shell script, is similar to a Windows batch file script (%1 for

the first argument, %* for the all arguments).

NOTE: When a custom action script does not specify the path for its

output, the output is placed in the <install area>

\Enterasys

Networks\NetSight Console\server\jboss\bin

directory.

Select elements of the threat message that you want to pass to your program from the

Parameters to pass to program area.

Select a format that will be used for the information that is passed to your program.

When Formatted with keyword is selected, the parameters are passed using a

format that includes a keyword associated with each parameter (e.g.,

keyword="value"

). So, for example, if Sender Name is selected as a parameter, the

keyword sname is used and the information passed to the script would be

sname="dragon_id"

followed by a space and then the keyword and value for the next

parameter. The following table defines the keywords for each parameter and the order

that the values are passed to the script (listed from top to bottom in the table).

Parameter Keyword

Sender Name sname

Sender ID sid

Event Category ecat

Threat IP thip

•

Automated Security Manager Help

How to Create and Edit Automated Security Manager Rules 62