Onboard Automation with EEM

Onboard	Automation	with
Embedded	Event	Manager	
Shaila	Sharmin
Senior	Engineer,	Core	&	IP	Network
Banglalion Communications	LTD
Index
• Embedded	Event	Manager	(EEM)	Overview	
• Understanding	EEM	Event	Detectors	
• EEM	Policies	with	sample	scripts
• EEM	Demos
Introduction:	EEM(Embedded	Event	manager	
)
EEM	is	a	software	component	of	cisco	IOS,	XR,	and	NX-OS	that	allows	
you	to	run	a	script	or	a	set	of	commands	upon	an	event	and	makes	life	
easier	for	administrators	by	tracking	and	classifying	events	that	take	
place	on	a	router	and	providing	notification	options	for	those	events.	.	
There	are	two	independent	pieces:	Applets	and	Scripting
->	Applets	are	a	collection	of	CLI	commands
->	Scripts	are	actions	coded	up	in	TCL(interpreter	language)
EEM	Core	Event	Detectors	&	Components
EEM	detectors	can	be
1)	Syslog
2)	CLI	events
3)	Counter
4)	Timers	
5)	SNMP	
6)	IP	SLA	and	Netflows events.
7)	None	:	simply	"event	manager	run"	
command.
EEM	Components:
EEM	server
EEM	publisher	(detector)
EEM	subscriber	(policy)
Determining	the	Version	of	EEM
CISCO	ACCESS	ROUTERS	- Current	Models	
CISCO	ACCESS	ROUTERS	- Old	Models
Determining	the	Version	of	EEM
CISCO	SERVICE	AGGREGATION/CORE	ROUTERS	
CISCO	CATALYST	SWITCHES
Creating	an	EEM	applet
There	are	three	steps	to	creating	this	EEM	applet.
1:	Create	the	applet	and	give	it	a	name
R6(config)#event	manager	applet	Intf_Management
2:	Tell	the	applet	what	to	look	out	for
R6(config-applet)#event	syslog	pattern	"%LINK-5-CHANGED:	Interface	Loopback0,	changed	state	to	administratively	down“
3:	What	do	you	want	the	router	to	do	when	it	sees	what	you	have	defined	in	step	2	– simple!
R6(config-applet)#action	1.0	cli	command	“enable”
R6(config-applet)#action	2.0	cli	command	“conf t”
R6(config-applet)#action	3.0	cli	command	"interface	loopback	0"
R6(config-applet)#action	4.0	cli	command	“no	shut”
R6(config-applet)#action	5.0	cli	command	"end"
R6(config-applet)#action	6.0	cli	command	"who"
R6(config-applet)#action	7.0	mail	server	"58.97.254.49"	to	"s.sharmin@banglalionwimax.com"	from "s.sharmin@banglalionwimax.com"	subject
"ISP1_Interface_loopback	0	SHUTDOWN" body	"Current	users	$_cli_result"
R6(config-applet)#end
Sample	EEM	applet
EEM	Event	Detector	– Syslog	ED
Functionality	
Triggers	Event	on	Matches	for	Syslog	Messages	Based	on	Regular	Expression
Example	
event	syslog	pattern	"%LINK-5-CHANGED:	Interface	Loopback0,	changed	state	to	
administratively	down“
Use	Case	
Troubleshooting,	Automatic	Fault	Detection	and	Alert
Syslog	ED	Example
Syslog	messages	are	the	messages	that	show	up	by	default	on	console.	This	example	shows	the	
syslog	event	detector.	
Configuration:
SMTP	Server	is	reachable,	Loopback0	is	up.
Syslog	ED	Example	continue..
When	the	Loopback0interface	has	been	shutdown,	the	below	applet	automatically	runs	to	turn	on	the	
interface	and	send	the	alert	to	specific	email	address	including	logged	in	user	information.
To	display	the	Embedded	Event	Manager	events	that	have	been	triggered	
in	R1,	use	the	following	command:
Sample	mail	received	by	network	administrator
EEM	Event	Detector	– CLI	ED	
Functionality	
Triggers	Synchronous	or	Asynchronous	Events	When	Certain	CLI	Is	Executed.	Allow	
Custom	CLI	Creation	(EEM	3.0).		
Example	
event	cli	pattern	"reload"	sync	no	skip	yes	occurs	1
Use	Case	
Config Management,	Security,	Feature	Customization
CLI	ED ED	Example
It	can	take	action	based	on	commands	that	are	used	on	the	CLI
Configuration:
Instead	of	looking	for	a	pattern	in	syslog,	this	time	we’re	waiting	for	a	pattern	entered	onto	the	CLI.	
break	down	:
event	cli	pattern:	Defines	the	event	criteria	to	initialize	the	EEM	applet.
sync: Specifies	if	the	policy	should	be	executed	synchronously	before	the	CLI	commands	executes
skip: Indicates	if	the	CLI	commands	should	be	executed
occurs:	Indicates	the	number	of	occurrences	before	the	EEM	applet	is	triggers.
When	we	attempt	to	reload	the	router,	the	results	are	as	expected
EEM	Event	Detector	– Interface	ED	
Functionality	
Triggers	Event	When	Interface	Counters	Cross	Threshold.	22	Counters	Supported,	
Including	input_error,		interface_reset,	transmit_rate,	etc.	
Example	
event	tag	if_1	interface	name	Fa0/0	parameter	input_errors_crc entry-op	ge entry-
val 10	entry-type	increment	poll-interval	60
Use	Case	
Real	Time	Alert	and	Recovery	of	Interface	Error
Interface	ED	Example
Monitor	CRC	errors	on	multiple	WAN	interfaces	and	notify	the	operator	(via	e-mail)	 when	an	
interface	has	more	than	two	errors	per	minute.
Configuration:
event	manager	applet	multiple_if
event	tag	if_1	interface	name	Fa0/0	parameter	input_errors_crc entry-op	ge entry-val 2	entry-type	increment	poll-interval	60
event	tag	if_2	interface	name	Gi01/0	parameter	input_errors_crc entry-op	ge entry-val 2	entry-type	increment	poll-interval	60
trigger
correlate	event	if_1	or	event	if_2		
action	1.0	syslog	msg "CRC	failure	leased	line	$_interface_name"
action	2.0	mail	server		"58.97.254.49"	to	"s.sharmin@banglalionwimax.com"	from	"s.sharmin@banglalionwimax.com"	subject	"CRC	problems	on		
$_info_routername interface	$_interface_name"	body	"CRC	failures	have	exceeded	the	threshold“
To	view	the	registered	policies	on	router	R1,	you	can	use	the	following	command:
EEM	Event	Detector	– Timer	ED	
Functionality	
Triggers	Events	on	Watchdog,	Count	Down,	cron and	Absolute	Timer	
Example	
event	timer	cron cron-entry	"0	19	*	*	0-7"	
event	timer	watchdog	time	300
Use	Case	
System	Monitoring	via	Periodic	Action,	Periodic	Data	Collection	and	Reporting
Timer	ED	Example
This	applet	is	put	into	Cron,	which	will	be	triggered	at	the	exact	specific	time.	It	is	composed	of	5	
values	separated	by	a	space.	Minutes	hours	day	month	{day	of	week	(0-6,	0	is	Sunday)}
Configuration:
EEM	Event	Detector	– SNMP	ED	
Functionality	
Triggers	Event	Based	on	SNMP	OID	Value	Crossing	Predefined	Threshold	
Example	
event	snmp oid " 1.3.6.1.4.1.9.9.109.1.1.1.1.5	"	get-type	exact	entry-op	ge entry-val
50	exit-op	le	exit-val 5	poll-interval	5
Use	Case	
System	Stats	Monitoring	and	Alerting,	e.g.	CPU	and	Memory	Utilization
SNMP	ED	Example
Following	EEM	script	run	the	command	when	the	CPU	goes	above	a	certain	value.	
Configuration:
event	manager	applet	highcpu
event	snmp oid " 1.3.6.1.4.1.9.9.109.1.1.1.1.5	"	get-type	exact	entry-op	ge entry-val 50	exit-op	le	exit-val 5	poll-interval	5
action	1.0	cli	command	"enable"
action	2.0	cli	command	"show	proc cpu sorted"
action	3.0	mail	server	"58.97.254.49"	to	"s.sharmin@banglalionwimax.com"	 from	"s.sharmin@banglalionwimax.com"	 subject	 "High	CPU	Alert"	body	
"$_cli_result"
End
This	will	poll	the	five	second	CPU	utilization	of	the	route	processor	every	five	seconds.		If	the	
utilization	is	at	or	above	50%,	the	event	will	fire.		The	event	will	not	fire	again	until	the	CPU	drops	
below	5%,	then	goes	back	to	50%.
The	definitions	of	variables	are:
highcpu - name	of	the	event	manager	applet/script
1.3.6.1.4.1.9.9.109.1.1.1.1.5	 /	cpmCPUTotal5min	- Object	identifier	(OID)	for	polling	the	total	CPU	utilization	of	the	route	processor	(RP)
entry-val 50	 - CPU	utilization	that	triggers	the	script
poll-interval	0.5	- Frequency	(every	0.5	seconds)	the	script	monitors	the	CPU
EEM	Event	Detector	– IPSLA	ED	
Functionality	
Trigger	Events	When	IPSLA	Test	Results	Cross	Certain	Threshold.	Integrated	with	Auto	
IPSLA	Group	to	Monitor	Large	Number	of	IPSLA	Operation	Results	
Example	
event	manager	applet	watch-jitter	
event	ipsla operation-id	1	reaction-type	jitterAvg
action	001	cli command	"enable"	
action	002	if	$_ipsla_measured_threshold_value >	$_ipsla_threshold_rising
action	003		cli command	"config t"	
action	004		cli command	"ip	route	10.10.20.0	255.255.255.0	192.168.15.1"	
action	005		cli command	"end“	
Use	Case	
Link	Failure	Detection,	Diagnostics	and	Recovery	
The	definitions	of	variables	are:
operation-id	 - Specifies	the	IP	SLAs	operation	ID.
operation-id-value	- Number	in	the	range	from	1	to	2147483647.
reaction-type		- Specifies	the	reaction	to	be	taken	for	the	specified	IP	SLAs	operation.
jitterAvg Jitter	Average	in	both	the	directions
EEM	TCL-Based	Policy	Example
EEM	scripts	are	written	using	TCL.	TCL	
(Tool	Control	Language)	is	a	scripting	
language	used	 by	Cisco	for	testing	and	
automating	of	various	functions	in	the	
IOS.	In	this	example,	small	TCL	script	
configured	to	check	reachability	of	few	
IP	from	the	Core	router.
EEM	Demos
The	Problem	: An	Enterprise	network	connected	with	two	ISP.	While	load	sharing	
traffic	with	both	ISP	,	if	one	link	to	ISP	fails	then	traffic	should	shift	to	another	ISP.
But	NAT	translations	are	not	clearing	after	the	primary	link	fails.	When	the	primary	
link	recovers	,	traffic	still	going	over	the	back-up	link.
The	Solution	:	Using	IP	SLA	and	EEM	applet	to	failover	the	traffic	using	NAT.
1. Dual	ISP:	NAT	Problem
Topology
EEM	Action	
event	manager	applet	link-ISP-1-Down
event	syslog	pattern	"1	ip sla 1	reachability	 Up->Down"
action	1.0	cli	command	"enable"
action	1.1	cli	command	"configure	terminal"
action	1.2	cli	command	"no	ip nat inside	source	list	101	interface	GigabitEthernet1/0	overload"
action	1.3	cli	command	"no	ip nat inside	source	list	102	interface	GigabitEthernet2/0	overload"
action	1.4	cli	command	"ip nat inside	source	list	100	interface	GigabitEthernet2/0	overload"
event	manager	applet	link-ISP-1-UP
event	syslog	pattern	"1	ip sla 1	reachability	 Down->Up"
action	1.0	cli	command	"enable"
action	1.1	cli	command	"configure	terminal"
action	1.2	cli	command	"no	ip nat inside	source	list	100	interface	GigabitEthernet2/0	overload"
action	1.3	cli	command	"ip nat inside	source	list	102	interface	GigabitEthernet2/0	overload"
action	1.4	cli	command	"ip nat inside	source	list	101	interface	GigabitEthernet1/0	overload"
event	manager	applet	link-ISP-2-Down
event	syslog	pattern	"2	ip sla 2	reachability	 Up->Down"
action	1.0	cli	command	"enable"
action	1.1	cli	command	"configure	terminal"
action	1.2	cli	command	"no	ip nat inside	source	list	101	interface	GigabitEthernet1/0	overload"
action	1.3	cli	command	"no	ip nat inside	source	list	102	interface	GigabitEthernet2/0	overload"
action	1.4	cli	command	"ip nat inside	source	list	100	interface	GigabitEthernet1/0	overload"
event	manager	applet	link-ISP-2-UP
event	syslog	pattern	"2	ip sla 2	reachability	 Down->Up"
action	1.0	cli	command	"enable"
action	1.1	cli	command	"configure	terminal"
action	1.2	cli	command	"no	ip nat inside	source	list	100	interface	GigabitEthernet1/0	overload"
action	1.3	cli	command	"ip nat inside	source	list	102	interface	GigabitEthernet2/0	overload"
action	1.4	cli	command	"ip nat inside	source	list	101	interface	GigabitEthernet1/0	overload"
!
Resources
• Support forums for this technology are GREAT
• “Living” documentat https://supportforums.cisco.com/docs/DOC-12757 Contains helpful tips
and tricks to get the most out of EEM .
• For reading material and further resources for this session,visit www.pearson-
books.com/CLMilan2014.
• https://networklessons.com/network-management/cisco-ios-embedded-event-manager/.
• http://www.techtutsonline.com/cisco-ios-embedded-event-manager/
• http://www.cisco.com/c/en/us/td/docs/ios/netmgmt/configuration/guide/12_2sx/nm_12_2sx_bo
ok/nm_eem_overview.htmlfor basic info
• http://www.cisco.com/c/en/us/td/docs/ios/netmgmt/configuration/guide/12_2sx/nm_12_2sx_bo
ok/nm_eem_policy_cli.htmlfor Policies Using the Cisco IOS CLI
• http://www.cisco.com/c/en/us/td/docs/ios/netmgmt/configuration/guide/12_2sx/nm_12_2sx_bo
ok/nm_eem_policy_tcl.htmlfor Policies Using Tcl
Questions?
1 of 27

Recommended

Embedded Event Manager (EEM) on IOS (CiscoLive 2015) by
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)Embedded Event Manager (EEM) on IOS (CiscoLive 2015)
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)Arie Vayner
1.2K views81 slides
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK by
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
593 views142 slides
Automating for Monitoring and Troubleshooting your Cisco IOS Network by
Automating for Monitoring and Troubleshooting your Cisco IOS NetworkAutomating for Monitoring and Troubleshooting your Cisco IOS Network
Automating for Monitoring and Troubleshooting your Cisco IOS NetworkCisco Canada
9.7K views73 slides
Empower Your Security Practitioners with Elastic SIEM by
Empower Your Security Practitioners with Elastic SIEMEmpower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMElasticsearch
6.3K views31 slides
Presentation f5 – beyond load balancer by
Presentation   f5 – beyond load balancerPresentation   f5 – beyond load balancer
Presentation f5 – beyond load balancerxKinAnx
15.4K views47 slides
McAfee SIEM solution by
McAfee SIEM solution McAfee SIEM solution
McAfee SIEM solution hashnees
4K views64 slides

More Related Content

What's hot

Cybersecurity by
CybersecurityCybersecurity
CybersecuritySanjana Agarwal
1.1K views31 slides
What is IANA? by
What is IANA?What is IANA?
What is IANA?ICANN
2.5K views12 slides
At&t cybersecurity introduction with alien vault by
At&t cybersecurity introduction with alien vaultAt&t cybersecurity introduction with alien vault
At&t cybersecurity introduction with alien vaultMohamed Abdelhakim
801 views23 slides
Defend Your Data Now with the MITRE ATT&CK Framework by
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkTripwire
938 views45 slides
Next-Gen security operation center by
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
1.3K views20 slides
Workshop Trend Micro by
Workshop Trend MicroWorkshop Trend Micro
Workshop Trend MicroAymen Mami
3.1K views162 slides

What's hot(20)

What is IANA? by ICANN
What is IANA?What is IANA?
What is IANA?
ICANN2.5K views
At&t cybersecurity introduction with alien vault by Mohamed Abdelhakim
At&t cybersecurity introduction with alien vaultAt&t cybersecurity introduction with alien vault
At&t cybersecurity introduction with alien vault
Mohamed Abdelhakim801 views
Defend Your Data Now with the MITRE ATT&CK Framework by Tripwire
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK Framework
Tripwire938 views
Workshop Trend Micro by Aymen Mami
Workshop Trend MicroWorkshop Trend Micro
Workshop Trend Micro
Aymen Mami3.1K views
The Elastic Stack as a SIEM by John Hubbard
The Elastic Stack as a SIEMThe Elastic Stack as a SIEM
The Elastic Stack as a SIEM
John Hubbard3K views
VoIP Wars: Attack of the Cisco Phones by Fatih Ozavci
VoIP Wars: Attack of the Cisco PhonesVoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco Phones
Fatih Ozavci72.1K views
The next generation of IT security by Sophos Benelux
The next generation of IT securityThe next generation of IT security
The next generation of IT security
Sophos Benelux1.2K views
Quantum SD-WAN - High Level Customer PPT - 1-Mar-2023.pdf by MiguelFernandoBarrio
Quantum SD-WAN - High Level Customer PPT - 1-Mar-2023.pdfQuantum SD-WAN - High Level Customer PPT - 1-Mar-2023.pdf
Quantum SD-WAN - High Level Customer PPT - 1-Mar-2023.pdf
TechWiseTV Workshop: Cisco Stealthwatch and ISE by Robb Boyd
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISE
Robb Boyd2K views
Cisco CCNA- NAT Configuration by Hamed Moghaddam
Cisco CCNA- NAT ConfigurationCisco CCNA- NAT Configuration
Cisco CCNA- NAT Configuration
Hamed Moghaddam3.8K views
OWASP Melbourne - Introduction to iOS Application Penetration Testing by eightbit
OWASP Melbourne - Introduction to iOS Application Penetration TestingOWASP Melbourne - Introduction to iOS Application Penetration Testing
OWASP Melbourne - Introduction to iOS Application Penetration Testing
eightbit8.4K views
ISO 27001 - information security user awareness training presentation -part 2 by Tanmay Shinde
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde4.7K views
Howto createOpenFlow Switchusing FPGA (at FPGAX#6) by Kentaro Ebisawa
Howto createOpenFlow Switchusing FPGA (at FPGAX#6)Howto createOpenFlow Switchusing FPGA (at FPGAX#6)
Howto createOpenFlow Switchusing FPGA (at FPGAX#6)
Kentaro Ebisawa2.6K views

Viewers also liked

RPKI Deployment Status in Bangladesh by
RPKI Deployment Status in Bangladesh RPKI Deployment Status in Bangladesh
RPKI Deployment Status in Bangladesh Bangladesh Network Operators Group
845 views35 slides
Community Tools to Fight Against DDoS by
Community Tools to Fight Against DDoS Community Tools to Fight Against DDoS
Community Tools to Fight Against DDoS Bangladesh Network Operators Group
1.2K views28 slides
The Future of SIP in WebRTC by
The Future of SIP in WebRTCThe Future of SIP in WebRTC
The Future of SIP in WebRTCBangladesh Network Operators Group
8K views11 slides
বাংলায় নেটওয়ার্কিং স্বাদ! by
বাংলায় নেটওয়ার্কিং স্বাদ!বাংলায় নেটওয়ার্কিং স্বাদ!
বাংলায় নেটওয়ার্কিং স্বাদ!Bangladesh Network Operators Group
1.9K views16 slides
Misused top ASNs by
Misused top ASNsMisused top ASNs
Misused top ASNsBangladesh Network Operators Group
659 views17 slides
Prefix Filtering BCP by
Prefix Filtering BCP Prefix Filtering BCP
Prefix Filtering BCP Bangladesh Network Operators Group
812 views32 slides

Viewers also liked(20)

Similar to Onboard Automation with EEM

LogChaos: Challenges and Opportunities of Security Log Standardization by
LogChaos: Challenges and Opportunities of Security Log StandardizationLogChaos: Challenges and Opportunities of Security Log Standardization
LogChaos: Challenges and Opportunities of Security Log StandardizationAnton Chuvakin
2.2K views32 slides
NA Element May 2014 Webinar_Widescreen Format by
NA Element May 2014 Webinar_Widescreen FormatNA Element May 2014 Webinar_Widescreen Format
NA Element May 2014 Webinar_Widescreen FormatMichael Christofferson
428 views26 slides
Syslog for SIEM using iSecurity by
Syslog for SIEM using iSecurity Syslog for SIEM using iSecurity
Syslog for SIEM using iSecurity Raz-Lee Security
469 views22 slides
Windows内核技术介绍 by
Windows内核技术介绍Windows内核技术介绍
Windows内核技术介绍jeffz
2.3K views40 slides
SNMP Network Tracker Project by
SNMP Network Tracker ProjectSNMP Network Tracker Project
SNMP Network Tracker ProjectPraveen Mathews
1.8K views21 slides
Tavve Zone Ranger by
Tavve   Zone RangerTavve   Zone Ranger
Tavve Zone RangerJeff Olson
784 views15 slides

Similar to Onboard Automation with EEM (20)

LogChaos: Challenges and Opportunities of Security Log Standardization by Anton Chuvakin
LogChaos: Challenges and Opportunities of Security Log StandardizationLogChaos: Challenges and Opportunities of Security Log Standardization
LogChaos: Challenges and Opportunities of Security Log Standardization
Anton Chuvakin2.2K views
Windows内核技术介绍 by jeffz
Windows内核技术介绍Windows内核技术介绍
Windows内核技术介绍
jeffz2.3K views
Tavve Zone Ranger by Jeff Olson
Tavve   Zone RangerTavve   Zone Ranger
Tavve Zone Ranger
Jeff Olson784 views
fUML-Driven Design and Performance Analysis of Software Agents for Wireless S... by Luca Berardinelli
fUML-Driven Design and Performance Analysis of Software Agents for Wireless S...fUML-Driven Design and Performance Analysis of Software Agents for Wireless S...
fUML-Driven Design and Performance Analysis of Software Agents for Wireless S...
Luca Berardinelli650 views
Exploring the Final Frontier of Data Center Orchestration: Network Elements -... by Puppet
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Puppet2.2K views
Configuring Data Sources in AlienVault by AlienVault
Configuring Data Sources in AlienVaultConfiguring Data Sources in AlienVault
Configuring Data Sources in AlienVault
AlienVault5.8K views
Threat intelligence solution by ARUN REDDY M
Threat intelligence solutionThreat intelligence solution
Threat intelligence solution
ARUN REDDY M99 views
RTI-CODES+ISSS-2012-Submission-1 by Serge Amougou
RTI-CODES+ISSS-2012-Submission-1RTI-CODES+ISSS-2012-Submission-1
RTI-CODES+ISSS-2012-Submission-1
Serge Amougou195 views
Automate threat detections and avoid false positives by Elasticsearch
  Automate threat detections and avoid false positives  Automate threat detections and avoid false positives
Automate threat detections and avoid false positives
Elasticsearch524 views
Managing enterprise networks with cisco prime infrastructure_ 1 of 2 by Abdullaziz Tagawy
Managing enterprise networks with cisco prime infrastructure_ 1 of 2Managing enterprise networks with cisco prime infrastructure_ 1 of 2
Managing enterprise networks with cisco prime infrastructure_ 1 of 2
Abdullaziz Tagawy254 views

More from Bangladesh Network Operators Group

IPv6 Deployment in South Asia 2022 by
IPv6 Deployment in South Asia  2022IPv6 Deployment in South Asia  2022
IPv6 Deployment in South Asia 2022Bangladesh Network Operators Group
43 views20 slides
Introduction to Software Defined Networking (SDN) by
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Bangladesh Network Operators Group
138 views27 slides
RPKI Deployment Status in Bangladesh by
RPKI Deployment Status in BangladeshRPKI Deployment Status in Bangladesh
RPKI Deployment Status in BangladeshBangladesh Network Operators Group
45 views21 slides
An Overview about open UDP Services by
An Overview about open UDP ServicesAn Overview about open UDP Services
An Overview about open UDP ServicesBangladesh Network Operators Group
217 views15 slides
12 Years in DNS Security As a Defender by
12 Years in DNS Security As a Defender12 Years in DNS Security As a Defender
12 Years in DNS Security As a DefenderBangladesh Network Operators Group
111 views21 slides
Contents Localization Initiatives to get better User Experience by
Contents Localization Initiatives to get better User ExperienceContents Localization Initiatives to get better User Experience
Contents Localization Initiatives to get better User ExperienceBangladesh Network Operators Group
71 views31 slides

More from Bangladesh Network Operators Group(20)

Recently uploaded

Existing documentaries (1).docx by
Existing documentaries (1).docxExisting documentaries (1).docx
Existing documentaries (1).docxMollyBrown86
13 views5 slides
𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲 by
𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲
𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲Infosec train
9 views6 slides
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf by
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
9 views12 slides
informing ideas.docx by
informing ideas.docxinforming ideas.docx
informing ideas.docxMollyBrown86
12 views10 slides
UiPath Document Understanding_Day 2.pptx by
UiPath Document Understanding_Day 2.pptxUiPath Document Understanding_Day 2.pptx
UiPath Document Understanding_Day 2.pptxRohitRadhakrishnan8
292 views21 slides
AI Powered event-driven translation bot by
AI Powered event-driven translation botAI Powered event-driven translation bot
AI Powered event-driven translation botJimmy Dahlqvist
16 views31 slides

Recently uploaded(20)

Existing documentaries (1).docx by MollyBrown86
Existing documentaries (1).docxExisting documentaries (1).docx
Existing documentaries (1).docx
MollyBrown8613 views
𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲 by Infosec train
𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲
𝐒𝐨𝐥𝐚𝐫𝐖𝐢𝐧𝐝𝐬 𝐂𝐚𝐬𝐞 𝐒𝐭𝐮𝐝𝐲
Infosec train9 views
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf by RIPE NCC
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
RIPE NCC9 views
AI Powered event-driven translation bot by Jimmy Dahlqvist
AI Powered event-driven translation botAI Powered event-driven translation bot
AI Powered event-driven translation bot
Jimmy Dahlqvist16 views
IETF 118: Starlink Protocol Performance by APNIC
IETF 118: Starlink Protocol PerformanceIETF 118: Starlink Protocol Performance
IETF 118: Starlink Protocol Performance
APNIC186 views
UiPath Document Understanding_Day 3.pptx by UiPathCommunity
UiPath Document Understanding_Day 3.pptxUiPath Document Understanding_Day 3.pptx
UiPath Document Understanding_Day 3.pptx
UiPathCommunity101 views
Building trust in our information ecosystem: who do we trust in an emergency by Tina Purnat
Building trust in our information ecosystem: who do we trust in an emergencyBuilding trust in our information ecosystem: who do we trust in an emergency
Building trust in our information ecosystem: who do we trust in an emergency
Tina Purnat92 views
PORTFOLIO 1 (Bret Michael Pepito).pdf by brejess0410
PORTFOLIO 1 (Bret Michael Pepito).pdfPORTFOLIO 1 (Bret Michael Pepito).pdf
PORTFOLIO 1 (Bret Michael Pepito).pdf
brejess04107 views
Serverless cloud architecture patterns by Jimmy Dahlqvist
Serverless cloud architecture patternsServerless cloud architecture patterns
Serverless cloud architecture patterns
Jimmy Dahlqvist17 views
We see everywhere that many people are talking about technology.docx by ssuserc5935b
We see everywhere that many people are talking about technology.docxWe see everywhere that many people are talking about technology.docx
We see everywhere that many people are talking about technology.docx
ssuserc5935b6 views
google forms survey (1).pptx by MollyBrown86
google forms survey (1).pptxgoogle forms survey (1).pptx
google forms survey (1).pptx
MollyBrown8614 views

Onboard Automation with EEM