Help

Network state change triggers?

Go to solution
PhillyPhoto
Valued Contributor

Posted on ‎11-07-2016 11:34 AM

Is there anyway to trace what exact network change caused the trigger to run a policy scoped to that? I have some machines that seem to be having issues, and they have a lot of network state changes in their history (I'm running 'jamf log' to update the IP address when triggered). Sometimes this policy runs several times within a few minutes, and I want to see what's causing it. We have 802.1x in our environment, and I would like to be able to eliminate this as a cause.

Labels:
0 Kudos
Reply
2 ACCEPTED SOLUTIONS

Go to solution
alexjdale
Valued Contributor III

Posted on ‎11-07-2016 02:06 PM

If it works the way I expect it does, the binary monitors a preference file for any changes and triggers from that. The problem is that the file can change for reasons besides an actual physical network transition.

For that reason, I only use the trigger sparingly. If you need to use it you can script something that will add a "cooldown" by writing a "last run" timestamp to disk and reading it in and exiting if it's been executed in the last minute/hour/whatever.

View solution in original post

0 Kudos
Reply

Go to solution
PhillyPhoto
Valued Contributor

Posted on ‎11-08-2016 09:07 AM

So this is what I came up with. I made it command agnostic, so I can use it with whatever command I want in the future. 

#!/bin/bash

######################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
#   NetworkStateChange.sh -- Checks for a file modified time before running a command
#
# SYNOPSIS
#   sudo NetworkStateChange.sh
#
######################################################################################
#
# HISTORY
#
#   Version: 1.0
#
#   - v.1.0 Luie Lugo, 08.11.2016
#
######################################################################################

scriptVer="1.0"
cmdToRun="$4"
touchFile="$5"
timeBeforeRun=$(($6*60))

echo "Script Version: $scriptVer"
echo "Running command: "$cmdToRun""
echo "Minimum time (in seconds): $timeBeforeRun"
echo "File to check for: $touchFile"

cmdFunc () {
    ${cmdToRun}
}

if [ -f $touchFile ]
then
    timeDiff=$(( `date +%s` - `stat -f "%a" $touchFile` ))

    echo "File ($touchFile) does exist!"
    echo "Is "$timeDiff" greater than "$(( $timeBeforeRun ))"?"
    if [ "$timeDiff" -gt "$timeBeforeRun" ]
    then
        echo "Yup, running command!"
        cmdFunc
    else
        echo "Nope!"
    fi
else
    echo "File ($touchFile) does NOT exist! Running command!"
    cmdFunc
fi

touch $touchFile

You would then configure the parameters like this:
32db971a0f664cc888517991ff28ac33

View solution in original post

0 Kudos
Reply
4 REPLIES 4

Go to solution
Look
Valued Contributor III

Posted on ‎11-07-2016 11:57 AM

I have found the network state change triggers to be very poor for basically the same reason. If you have a device using Wi-Fi and Ethernet and a complex 802.1x environment where devices are moved automatically between subnets it just ends up going off all the time!
It needs some kind of timeout so that they can't occur within 60 seconds of each other or something!

0 Kudos
Reply

Go to solution
alexjdale
Valued Contributor III

Posted on ‎11-07-2016 02:06 PM

If it works the way I expect it does, the binary monitors a preference file for any changes and triggers from that. The problem is that the file can change for reasons besides an actual physical network transition.

For that reason, I only use the trigger sparingly. If you need to use it you can script something that will add a "cooldown" by writing a "last run" timestamp to disk and reading it in and exiting if it's been executed in the last minute/hour/whatever.

0 Kudos
Reply

Go to solution
PhillyPhoto
Valued Contributor

Posted on ‎11-07-2016 03:11 PM

@alexjdale that's not a bad idea. I'll look at scripting that soon.

0 Kudos
Reply

Go to solution
PhillyPhoto
Valued Contributor

Posted on ‎11-08-2016 09:07 AM

So this is what I came up with. I made it command agnostic, so I can use it with whatever command I want in the future. 

#!/bin/bash

######################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
#   NetworkStateChange.sh -- Checks for a file modified time before running a command
#
# SYNOPSIS
#   sudo NetworkStateChange.sh
#
######################################################################################
#
# HISTORY
#
#   Version: 1.0
#
#   - v.1.0 Luie Lugo, 08.11.2016
#
######################################################################################

scriptVer="1.0"
cmdToRun="$4"
touchFile="$5"
timeBeforeRun=$(($6*60))

echo "Script Version: $scriptVer"
echo "Running command: "$cmdToRun""
echo "Minimum time (in seconds): $timeBeforeRun"
echo "File to check for: $touchFile"

cmdFunc () {
    ${cmdToRun}
}

if [ -f $touchFile ]
then
    timeDiff=$(( `date +%s` - `stat -f "%a" $touchFile` ))

    echo "File ($touchFile) does exist!"
    echo "Is "$timeDiff" greater than "$(( $timeBeforeRun ))"?"
    if [ "$timeDiff" -gt "$timeBeforeRun" ]
    then
        echo "Yup, running command!"
        cmdFunc
    else
        echo "Nope!"
    fi
else
    echo "File ($touchFile) does NOT exist! Running command!"
    cmdFunc
fi

touch $touchFile

You would then configure the parameters like this:
32db971a0f664cc888517991ff28ac33

0 Kudos
Reply