Network state change triggers?

PhillyPhoto
Valued Contributor

Is there anyway to trace what exact network change caused the trigger to run a policy scoped to that? I have some machines that seem to be having issues, and they have a lot of network state changes in their history (I'm running 'jamf log' to update the IP address when triggered). Sometimes this policy runs several times within a few minutes, and I want to see what's causing it. We have 802.1x in our environment, and I would like to be able to eliminate this as a cause.

2 ACCEPTED SOLUTIONS

alexjdale
Valued Contributor III

If it works the way I expect it does, the binary monitors a preference file for any changes and triggers from that. The problem is that the file can change for reasons besides an actual physical network transition.

For that reason, I only use the trigger sparingly. If you need to use it you can script something that will add a "cooldown" by writing a "last run" timestamp to disk and reading it in and exiting if it's been executed in the last minute/hour/whatever.

View solution in original post

PhillyPhoto
Valued Contributor

So this is what I came up with. I made it command agnostic, so I can use it with whatever command I want in the future.

#!/bin/bash

######################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
#   NetworkStateChange.sh -- Checks for a file modified time before running a command
#
# SYNOPSIS
#   sudo NetworkStateChange.sh
#
######################################################################################
#
# HISTORY
#
#   Version: 1.0
#
#   - v.1.0 Luie Lugo, 08.11.2016
#
######################################################################################

scriptVer="1.0"
cmdToRun="$4"
touchFile="$5"
timeBeforeRun=$(($6*60))

echo "Script Version: $scriptVer"
echo "Running command: "$cmdToRun""
echo "Minimum time (in seconds): $timeBeforeRun"
echo "File to check for: $touchFile"

cmdFunc () {
    ${cmdToRun}
}

if [ -f $touchFile ]
then
    timeDiff=$(( `date +%s` - `stat -f "%a" $touchFile` ))

    echo "File ($touchFile) does exist!"
    echo "Is "$timeDiff" greater than "$(( $timeBeforeRun ))"?"
    if [ "$timeDiff" -gt "$timeBeforeRun" ]
    then
        echo "Yup, running command!"
        cmdFunc
    else
        echo "Nope!"
    fi
else
    echo "File ($touchFile) does NOT exist! Running command!"
    cmdFunc
fi

touch $touchFile

You would then configure the parameters like this:
32db971a0f664cc888517991ff28ac33

View solution in original post

4 REPLIES 4

Look
Valued Contributor III

I have found the network state change triggers to be very poor for basically the same reason. If you have a device using Wi-Fi and Ethernet and a complex 802.1x environment where devices are moved automatically between subnets it just ends up going off all the time!
It needs some kind of timeout so that they can't occur within 60 seconds of each other or something!

alexjdale
Valued Contributor III

If it works the way I expect it does, the binary monitors a preference file for any changes and triggers from that. The problem is that the file can change for reasons besides an actual physical network transition.

For that reason, I only use the trigger sparingly. If you need to use it you can script something that will add a "cooldown" by writing a "last run" timestamp to disk and reading it in and exiting if it's been executed in the last minute/hour/whatever.

PhillyPhoto
Valued Contributor

@alexjdale that's not a bad idea. I'll look at scripting that soon.

PhillyPhoto
Valued Contributor

So this is what I came up with. I made it command agnostic, so I can use it with whatever command I want in the future.

#!/bin/bash

######################################################################################
#
# ABOUT THIS PROGRAM
#
# NAME
#   NetworkStateChange.sh -- Checks for a file modified time before running a command
#
# SYNOPSIS
#   sudo NetworkStateChange.sh
#
######################################################################################
#
# HISTORY
#
#   Version: 1.0
#
#   - v.1.0 Luie Lugo, 08.11.2016
#
######################################################################################

scriptVer="1.0"
cmdToRun="$4"
touchFile="$5"
timeBeforeRun=$(($6*60))

echo "Script Version: $scriptVer"
echo "Running command: "$cmdToRun""
echo "Minimum time (in seconds): $timeBeforeRun"
echo "File to check for: $touchFile"

cmdFunc () {
    ${cmdToRun}
}

if [ -f $touchFile ]
then
    timeDiff=$(( `date +%s` - `stat -f "%a" $touchFile` ))

    echo "File ($touchFile) does exist!"
    echo "Is "$timeDiff" greater than "$(( $timeBeforeRun ))"?"
    if [ "$timeDiff" -gt "$timeBeforeRun" ]
    then
        echo "Yup, running command!"
        cmdFunc
    else
        echo "Nope!"
    fi
else
    echo "File ($touchFile) does NOT exist! Running command!"
    cmdFunc
fi

touch $touchFile

You would then configure the parameters like this:
32db971a0f664cc888517991ff28ac33