Secure SD-WAN Engine scripts run when the Secure SD-WAN Engine changes its state.
The script names and locations cannot be changed. If the scripts are not found, engine operation continues as normal. If a script is found, it is executed and a log entry is created. To stop scripts from running, you must delete or move the script.
Note: If you want to use a script in a cluster, create or copy the script on all nodes in the cluster. Then all nodes function in the same way when their state changes.
Steps
-
Create a text file with the commands you want the engine to execute (the first line of the script must be
#!/bin/sh
) in one of the following ways:
- Create and edit the script on the engine’s command line using the vi text editor.
- Create and edit the script on a different host and transfer the file to the engine, for example, using SSH.
-
Save the script in the correct folder on the engine.
Table 1. Possible scripts on the engines
Triggering event |
Script location and name |
Engine operating system boots |
/data/run-at-boot |
Administrator refreshes or installs the policy |
/data/run-at-policy-apply |
Engine enters the Online state |
/data/run-at-online |
Administrator issued the ‘Lock Online’ command |
/data/run-at-locked-online |
Engine enters the Offline state |
/data/run-at-offline |
Administrator issued the ‘Lock Offline’ command |
/data/run-at-locked-offline |
Engine enters the Standby state |
/data/run-at-standby |
-
Make the file executable by typing the following command:
chmod a+x /data/<script name>
Result
The script is executed whenever the engine encounters the triggering event for running the script.