Monday, March 31, 2014

How can I use a script to customize the snmp utility mib?

Juniper has a custom mib called the utility-mib where you can populate this with any value you want. This could be useful if say you want to create a custom counter. Your snmp server can then retrieve this information and use it.

example via cli

jnpr@Chef-RE0> request snmp utility-mib set instance test object-type string object-value ABC
Utility mib result: successfully populated utility mib database

jnpr@Chef-RE0> show snmp mib walk jnxUtil
jnxUtilStringValue.116.101.115.116 = ABC

jnpr@Chef-RE0> request snmp utility-mib clear instance test object-type string
Utility mib result: successfully de-populated utility mib database

jnpr@Chef-RE0> show snmp mib walk jnxUtil

----------
via script:


jnpr@Chef-RE0> op mib-util value "Hello World"

jnpr@Chef-RE0> show snmp mib walk jnxUtil
jnxUtilStringValue.116.101.115.116 = Hello World


---------------------------------------------------








version 1.0;

ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
ns ext = "http://xmlsoft.org/XSLT/namespace";

import "../import/junos.xsl";

var $arguments = <argument> {
    <name> "value";
    <description> "object value";
}
param $value;

match / {

        <op-script-results> {



                var $mibset-subs = <request-snmp-utility-mib-set> {

                    <object-type> "string";

                    <instance> "test";

                    <object-value> $value;

                }

                var $result=jcs:invoke($mibset-subs);

                }

Sunday, March 30, 2014

Op script - Sort of an array

Defining ENUM-like data structure in the script itself. A simple tutorial script on how to sort via slax.


[edit]
jnpr@Boomer-RE0# run op array    
10.10.10.3
10.10.10.2
10.10.10.1

---------------
version 1.0;
 
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
 
import "../import/junos.xsl";
 
match / {
    <op-script-results> {
        <output method= "text"> {

            var $enum := {
               <ipaddr>"10.10.10.1";
               <ipaddr>"10.10.10.2";
               <ipaddr>"10.10.10.3";
            }


            for-each ($enum/ipaddr) { 
                <xsl:sort select = "." order = "descending">;
                expr . _ "\n";
            }
        }
    }
}

Saturday, March 29, 2014

Split an IP address and convert decimal to hex using Junos scripting

Here's a simple script to convert decimal to hex. There could be a reason to get the hex value of an ip address.
user@router# run op HEX
BEFORE 192.168.1.1
AFTER C0A811
script
-------------
version 1.0;
/* OP SCRIPT BY FERDINAND */
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
import "../import/junos.xsl";
match / {
    <op-script-results> {
        <output method= "text"> {
        var $ip_address = "192.168.1.1";
          expr "BEFORE " _ $ip_address _ "\n";
          var $field = jcs:split('\\.', $ip_address);
          expr "AFTER ";
            for-each ($field) {
               call dec_to_hex($value = .);
            }
        }
    }
}
template dec_to_hex ($value) {
    if ($value >= 16) {
        call dec_to_hex($value = floor($value div 16));
    }
    var $hex_digits = "0123456789ABCDEF";
    expr substring($hex_digits,($value mod 16) + 1, 1);
}

Thursday, March 27, 2014

Network Automation - Creating routing instances using a Juniper commit script

Juniper has a scripting language called slax. This language is based on XML. By using a commit script, a network administrator can automate creating Customer tenant vpls instances. If you have a predefined template of how you create your instances and want to simplify this with only 1 command you can do the following.

There is a hidden command called apply-macro. The apply-macro is a place holder for arguments to pass to a commit script. This commit script will create a vpls instance, using the router-id as part of the route distinguisher, the last octect will be used for the site-identifier and will automatically increment the routing-instance name VPLS_CUST_X by counting how many routing instances were previously built. To add a customer name use the argument name "cust" followed by the name in the apply-macro. The script will also use the system host-name to create the VPLS name of the site. After committing, the script will delete the apply-macro. There is also error checking to see if the router-id and AS number is present.

first put the script in your /var/db/scripts/commit directory on the router and then point to the script
---------

user@router# show system
scripts {
    commit {
        file vpls-add.slax;
    }
}
script in action
---------
user@router# set routing-instances apply-macro vpls-add ifl xe-3/2/0.513

[edit]
user@router# show routing-instances
apply-macro vpls-add {
    ifl xe-3/2/0.513;
}

[edit]
user@router# commit
warning: host-name is router
warning:                VPLS NAME is VPLS_CUST_1
                        router-id is 1.1.1.1
                        SID is 1
                        IFL is xe-3/2/0.513
                        RD is 513
                        COUNT is 0
[edit routing-instances apply-macro vpls-add data ifl]
  warning: Adding routing instance VPLS_CUST_1
[edit]
  warning: deleting apply-macro vpls-add
commit complete

[edit]
user@router# show interfaces xe-3/2/0
vlan-tagging;
encapsulation extended-vlan-vpls;
unit 513 {
    vlan-id 513;
    family vpls;
}

[edit]
user@router# show routing-instances
VPLS_CUST_1 {
    instance-type vpls;
    vlan-id 513;
    interface xe-3/2/0.513;
    route-distinguisher 1.1.1.1:513;
    vrf-target target:100:513;
    protocols {
        vpls {
            site router_513 {
                site-identifier 1;
                interface xe-3/2/0.513;
            }
        }
    }
}


user@router# set routing-instances apply-macro vpls-add ifl xe-3/2/0.514

[edit]
user@router# set routing-instances apply-macro vpls-add cust JNPR_USER

[edit]
user@router# commit
warning: host-name is router
warning:                VPLS NAME is JNPR_USER
                        router-id is 1.1.1.1
                        SID is 1
                        IFL is xe-3/2/0.514
                        RD is 514
                        COUNT is 1
[edit routing-instances apply-macro vpls-add data ifl]
  warning: Adding routing instance JNPR_USER
[edit]
  warning: deleting apply-macro vpls-add
commit complete

[edit]
user@router# show routing-instances
JNPR_USER {
    instance-type vpls;
    vlan-id 514;
    interface xe-3/2/0.514;
    route-distinguisher 1.1.1.1:514;
    vrf-target target:100:514;
    protocols {
        vpls {
            site router_514 {
                site-identifier 1;
                interface xe-3/2/0.514;
            }
        }
    }
}

script
--------------------------------

version 1.0;


/*
* This script builds VPLS instances based on the following apply-macro layout
* config line: set routing-instances apply-macro vpls-add ifl xe-3/2/0.513
 */
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";

import "../import/junos.xsl";

match configuration {
    if (routing-instances/apply-macro[name == "vpls-add"]) {
        var $instance = routing-instances;
        var $count = count(routing-instances/instance);
        var $lo0 = routing-options/router-id;
        var $rid = normalize-space($lo0);
        
        if (not($lo0)) {
            <xnm:error> {
                <message> "\"no router-id, please configure router-id under routing-options\"";
            }
        }
        var $ASN = routing-options/autonomous-system;
        var $AS = normalize-space($ASN);
        if (not($ASN)) {
            <xnm:error> {
                <message> "\"no autonomous-system, please configure autonomous-system under routing-options\"";
            }
        }
        var $HOST = system/host-name;
        <xnm:warning> {
            <message> {
                expr "host-name is ";
                expr $HOST;
            }
        }
        var $site = substring-before($rid, ".");
        
        for-each ($instance/apply-macro/data[starts-with(name, "ifl")]) {
            var $ifname = ./value;
            var $if = normalize-space($ifname);
            var $rd = substring-after($ifname, ".");
            var $ifl = substring-before($ifname, ".");
            expr "\n\n* Check to see if there is a Customer name. If not then pre-assign one.\n";
            var $name = $instance/apply-macro/data[name == "cust"]/value;
            var $cust = {
                if (not($name)) {
                    expr "VPLS_CUST_";
                    expr $count + 1;
                
                } else {
                    expr $name;
                }
            }
            expr "\n\n* Check to see if there is a vlan id. If not then use the ifl.\n";
            var $vlan = $instance/apply-macro/data[name == "vlan"]/value;
            var $vid = {
                if (not($vlan)) {
                    expr $rd;
                
                } else {
                    expr $vlan;
                }
            }
            <xnm:warning> {
                <message> {
                    expr "\n                        VPLS NAME is ";
                    expr $cust;
                    expr "\n                        router-id is ";
                    expr $rid;
                    expr "\n                        SID is ";
                    expr $site;
                    expr "\n                    IFL is ";
                    expr $if;
                    expr "\n                    RD is ";
                    expr $vid;
                    expr "\n                        COUNT is ";
                    expr $count;
                }
            }
            expr "\n\n\n* ADD INTERFACE\n                ";
            <change> {
                <interfaces> {
                    <interface> {
                        <name> $ifl;
                        <vlan-tagging>;
                        <encapsulation> "extended-vlan-vpls";
                        <unit> {
                            <name> $rd;
                            <vlan-id> $vid;
                            <family> {
                                <vpls> ;
                            }
                        }
                    }
                }
            }
            expr "\n\n* ROUTING INSTANCE ADD\n                ";
            <change> {
                <routing-instances> {
                    <instance> {
                        <name> $cust;
                        <instance-type> "vpls";
                        <vlan-id> $vid;
                        <interface> {
                            <name> $if;
                        }
                        <route-distinguisher> {
                            <rd-type> {
                                expr $rid;
                                expr ":";
                                expr $rd;
                            }
                        }
                        <vrf-target> {
                            <community> {
                                expr "target:";
                                expr $AS;
                                expr ":";
                                expr $rd;
                            }
                        }
                        <protocols> {
                            <vpls> {
                                <site> {
                                    <name> $HOST _ "_" _ $rd;
                                    <site-identifier> $site;
                                    <interface> {
                                        <name> $if;
                                    }
                                }
                            }
                        }
                    }
                }
            }
            call jcs:emit-change() {
                with $message = {
                    expr "Adding routing instance ";
                    expr $cust;
                 }
            }
        }
        expr "\n\n\n\n\n* DELETE THE APPLY-MARCO\n         ";
        var $macro = routing-instances/apply-macro[name == "vpls-add"];
        if ($macro) {
            <change> {
                <routing-instances> {
                    <apply-macro delete = "delete"> {
                        <name> "vpls-add";
                    }
                }
            }
            call jcs:emit-change() {
                with $message = {
                    expr "deleting apply-macro vpls-add";
                 }
            }
        }
    }
}


Wednesday, March 26, 2014

How to conditionally advertise a route

Let's say you have an ospf network and you are connecting to a RIP router. You want to advertise your network to the RIP router, but do not want to advertise all your routes in order to keep the amount of prefixes low in the RIP routing table. You can create an aggregate route, but you want to only advertise this route on the condition that a host route is available in OSPF.

First the setup. We've got a network subnet of 192.168/16. We then want to connect to the RIP router.



user@router# set protocols rip group RIPv4 neighbor ge-0/0/3 
                                        
[edit]
user@router# run show route    

inet.0: 46 destinations, 46 routes (46 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[OSPF/150] 00:25:00, metric 0, tag 0
                      to 192.168.0.21 via ge-2/0/0.0
                      to 192.168.4.1 via ge-2/0/14.0
                    > to 192.168.4.2 via ge-2/0/14.0
192.168.0.0/30      *[OSPF/10] 5d 03:20:59, metric 100
                    > to 192.168.4.1 via ge-2/0/14.0
192.168.0.20/30     *[Direct/0] 5d 03:52:03
                    > via ge-2/0/0.0
192.168.0.22/32     *[Local/0] 1w0d 01:17:46
                      Local via ge-2/0/0.0
192.168.0.48/28     *[Direct/0] 6d 02:17:09
                    > via vlan.100
192.168.10.0/24     *[RIP/100] 00:00:36, metric 2, tag 0
                    > to 192.168.0.30 via ge-0/0/3.0
192.168.11.0/24     *[RIP/100] 00:00:36, metric 2, tag 0
                    > to 192.168.0.30 via ge-0/0/3.0
192.168.12.0/24     *[RIP/100] 00:00:36, metric 2, tag 0
                    > to 192.168.0.30 via ge-0/0/3.0
192.168.20.0/23     *[OSPF/150] 5d 20:50:14, metric 16777215, tag 0
                      Discard
192.168.20.0/24     *[OSPF/150] 5d 20:51:07, metric 2, tag 0
                    > to 192.168.0.59 via vlan.100
192.168.100.254/32  *[OSPF/150] 5d 20:51:07, metric 2, tag 0
                    > to 192.168.0.59 via vlan.100

                                        
Notice that we're going to only advertise if the 192.168.100.254 host route appears in the routing table. 

So now we'll use the "generate" route instead of an aggregate route, but also add a policy.

[edit]
user@router# set routing-options generate route 192.168/16 policy CHECK-HOST 

[edit]
user@router# set policy-options policy-statement CHECK-HOST term t1 from route-filter 192.168.100.254/32 exact 

[edit]
user@router# set policy-options policy-statement CHECK-HOST term t1 then accept                                  

[edit]
user@router# set policy-options policy-statement CHECK-HOST term t2 then reject    

[edit]
user@router# commit 
commit complete

Now let's check if the policy works.

[edit]
user@router# run show route 192.168/16 exact 

inet.0: 47 destinations, 47 routes (47 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

192.168.0.0/16      *[Aggregate/130] 00:00:15
                    > to 192.168.0.59 via vlan.100

[edit]
user@router# run show route 192.168/16 exact detail 

inet.0: 47 destinations, 47 routes (47 active, 0 holddown, 0 hidden)
192.168.0.0/16 (1 entry, 1 announced)
        *Aggregate Preference: 130
                Next hop type: Router, Next hop index: 542
                Address: 0x157da7c
                Next-hop reference count: 12
                Next hop: 192.168.0.59 via vlan.100, selected
                State: <Active Int Ext>
                Age: 17 
                Task: Aggregate
                Announcement bits (1): 0-KRT 
                AS path: I
                                Flags: Generate Depth: 0 Active
                Contributing Routes (1):
                192.168.100.254/32 proto OSPF

As you can see the contributing route is available, so we can now advertise this aggregate to the RIP router.

[edit]
user@router# set policy-options policy-statement AGG->RIP term t1 from protocol aggregate 

[edit]
user@router# set policy-options policy-statement AGG->RIP term t1 from route-filter 192.168/16 exact 

[edit]
user@router# set policy-options policy-statement AGG->RIP term t1 then accept                          

[edit]
user@router# set policy-options policy-statement AGG->RIP term LAST then reject  

[edit]
user@router# commit 
commit complete

[edit]
user@router# set protocols rip group RIPv4 export AGG->RIP 

[edit]
user@router# commit 
commit complete


Let's check to see if we're advertising the route.

[edit]
user@router# run show route advertising-protocol rip 192.168.0.29    

inet.0: 47 destinations, 47 routes (47 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

192.168.0.0/16      *[Aggregate/130] 00:02:08
                    > to 192.168.0.59 via vlan.100

Now if we stop receiving the host OSPF route.

user@router# run show route 192.168.100.254

user@router# run show route hidden detail 

inet.0: 24 destinations, 24 routes (23 active, 1 holddown, 1 hidden)
192.168.0.0/16 (1 entry, 1 announced)
         Aggregate
                Next hop type: Reject
                Address: 0x1147eec
                Next-hop reference count: 1
                State: <Hidden Int Ext>
                Age: 26:46 
                Task: Aggregate
                Announcement bits (1): 4-RIPv2 
                AS path: I
                                Flags: Generate Depth: 0 Inactive


Tuesday, March 25, 2014

How to load balance switched traffic over a spanning tree network using Juniper switches

This is a pretty simple setup. With normal spanning tree one of the redundant links will be blocked. So in order to make use of the blocked port, you can load balance traffic using MSTP (Multiple Spanning Tree).  First the basic setup.

user@SW-A# show interfaces ge-0/0/42 
description to-SW-B-0/0/42;
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}


user@SW-A# show interfaces ge-0/0/47    
description to-SW-B-ge-0/0/47;
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}
user@SW-A# show vlans 
v100 {
    vlan-id 100;
}
v200 {
    vlan-id 200;
}

user@SW-A# show protocols mstp 
msti 1 {
    vlan 100-199;
}
msti 2 {
    vlan 200-299;
}

user@SW-A# run show spanning-tree interface 

Spanning tree interface parameters for instance 0

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32768.50c58dab9081     20000  FWD    DESG 
ge-0/0/47.0    128:560      128:560  32768.50c58dab9081     20000  FWD    DESG 

Spanning tree interface parameters for instance 1

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32769.50c58dab9081     20000  FWD    DESG 
ge-0/0/47.0    128:560      128:560  32769.50c58dab9081     20000  FWD    DESG 

Spanning tree interface parameters for instance 2

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32770.50c58dab9081     20000  FWD    DESG 
ge-0/0/47.0    128:560      128:560  32770.50c58dab9081     20000  FWD    DESG 

user@SW-B# show interfaces ge-0/0/42                              
description to-SW-A-0/0/42;
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}


user@SW-B# show interfaces ge-0/0/47    
description to-SW-A-ge-0/0/47;
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}


user@SW-B# show protocols mstp 
msti 1 {
    vlan 100-199;
}
msti 2 {
    vlan 200-299;
}

user@SW-B# run show spanning-tree interface 

Spanning tree interface parameters for instance 0

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32768.50c58dab9081     20000  FWD    ROOT 
ge-0/0/47.0    128:560      128:560  32768.50c58dab9081     20000  BLK    ALT  

Spanning tree interface parameters for instance 1

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32769.50c58dab9081     20000  FWD    ROOT   <<<<< NOTE
ge-0/0/47.0    128:560      128:560  32769.50c58dab9081     20000  BLK    ALT  

Spanning tree interface parameters for instance 2

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32770.50c58dab9081     20000  FWD    ROOT 
ge-0/0/47.0    128:560      128:560  32770.50c58dab9081     20000  BLK    ALT  

SW-A is root bridge because of lowest mac address.

As you can see on SW-B, port ge-0/0/47 is blocked for all tagged and untagged traffic. 

There are two ways to influence spanning tree to change the forwarding state.

First, to affect the forwarding state of a particular spanning tree instance, you can use priorities on the root switch. This is useful to load balance traffic for under utilized links.

user@SW-A# set protocols mstp msti 1 interface ge-0/0/42 priority 240

On the remote switch SW-B

user@SW-B# run show spanning-tree interface    

Spanning tree interface parameters for instance 0

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32768.50c58dab9081     20000  FWD    ROOT 
ge-0/0/47.0    128:560      128:560  32768.50c58dab9081     20000  BLK    ALT  

Spanning tree interface parameters for instance 1

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      240:555  32769.50c58dab9081     20000  BLK    ALT      <<<<<<<< Here we block traffic 
ge-0/0/47.0    128:560      128:560  32769.50c58dab9081     20000  FWD    ROOT  <<<< now traffic will be forwarded on this interface for vlans in the range 100-199

Spanning tree interface parameters for instance 2

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32770.50c58dab9081     20000  FWD    ROOT 
ge-0/0/47.0    128:560      128:560  32770.50c58dab9081     20000  BLK    ALT  


The second method is to affect the traffic by adjusting the cost locally

user@SW-B# set protocols mstp msti 2 interface ge-0/0/47 cost 10000 

user@SW-B# commit 
configuration check succeeds
commit complete


user@SW-B# run show spanning-tree interface    

Spanning tree interface parameters for instance 0

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32768.50c58dab9081     20000  FWD    ROOT 
ge-0/0/47.0    128:560      128:560  32768.50c58dab9081     20000  BLK    ALT  

Spanning tree interface parameters for instance 1

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      240:555  32769.50c58dab9081     20000  BLK    ALT  
ge-0/0/47.0    128:560      128:560  32769.50c58dab9081     20000  FWD    ROOT 

Spanning tree interface parameters for instance 2

Interface    Port ID    Designated      Designated         Port    State  Role
                         port ID        bridge ID          Cost
ge-0/0/42.0    128:555      128:555  32770.50c58dab9081     20000  BLK    ALT  
ge-0/0/47.0    128:560      128:560  32770.50c58dab9081     10000  FWD    ROOT  <<<<<<<< HERE


Now only untagged traffic will forward over the ge-0/0/42 interface.

Friday, March 14, 2014

How to pass an argument from an Event to a script - Juniper scripting

If you want to know more about how arguments are passed to a script using an event option, you can use this event script.

When an Event happens, such as when an interface goes down, a syslog message will be generated. Some information contained within the syslog message can be passed to a script.

My script will create a text file called "interface_down.txt" and writes the passed argument which is name of the interface that went down and the timestamp of when it occurred.

To learn more about what arguments can be passed during an event such as a LINK DOWN you need to look more into the details of the syslog:

jnpr@R1> help syslog SNMP_TRAP_LINK_DOWN    
Name:          SNMP_TRAP_LINK_DOWN
Message:       ifIndex <snmp-interface-index>, ifAdminStatus <admin-status>, ifOperStatus <operational-status>, ifName
               <interface-name>
Help:          linkDown trap was sent
Description:   The SNMP agent process (snmpd) generated a linkDown trap because the indicated interface changed state to
               'down'.
Type:          Event: This message reports an event, not an error
Severity:      warning
Facility:      LOG_DAEMON


Note the Message and <objects>. These are the arguments that can be passed. Also not that the type is "Event" and not an error.

The following configuration should be added to the router:


[edit]

user@router# show event-options

policy track_interface {

    events SNMP_TRAP_LINK_DOWN;

    then {

        event-script check-interface.slax {

            arguments {

                interface-name "{$SNMP_TRAP_LINK_DOWN.interface-name}";

            }

        }

    }

}

event-script {

    traceoptions {

        flag output;

    }

    file check-interface.slax;

}

Note that the syslog message $SNMP_TRAP_LINK_DOWN followed by the "." and the message <object> is needed.

Below is the output:

-------------------------------------

[edit]

user@router# run show interfaces terse

Interface               Admin Link Proto    Local                 Remote

ge-0/0/0                up    down

ge-1/0/0                up    up

ge-1/0/0.0              up    up   inet     10.1.1.1/24

                                   mpls

dsc                     up    up

fxp0                    up    up

fxp0.0                  up    up   inet     172.19.90.187/23

fxp1                    up    up

fxp1.0                  up    up   inet     10.0.0.4/8

                                            128.0.0.4/2

                                   inet6    fe80::200:ff:fe00:4/64

                                            fec0::a:0:0:4/64

                                   tnp      0x4

gre                     up    up

ipip                    up    up

lo0                     up    up

lo0.0                   up    up   inet     1.1.1.1/24

lo0.16384               up    up   inet     127.0.0.1           --> 0/0

lo0.16385               up    up   inet

lsi                     up    up

mtun                    up    up

pimd                    up    up

pime                    up    up

tap                     up    up



/* I manually disconnect the interface*/ 



[edit]

user@router# run file show /var/tmp/interface_down.txt

<?xml version="1.0"?>

Following interface: ge-1/0/0 went down on Fri Mar 14 11:55:43 2014


[edit]

user@router# run show interfaces terse

Interface               Admin Link Proto    Local                 Remote

ge-0/0/0                up    down

ge-1/0/0                up    down

ge-1/0/0.0              up    down inet     10.1.1.1/24

                                   mpls

dsc                     up    up

fxp0                    up    up

fxp0.0                  up    up   inet     172.19.90.187/23

fxp1                    up    up

fxp1.0                  up    up   inet     10.0.0.4/8

                                            128.0.0.4/2

                                   inet6    fe80::200:ff:fe00:4/64

                                            fec0::a:0:0:4/64

                                   tnp      0x4

gre                     up    up

ipip                    up    up

lo0                     up    up

lo0.0                   up    up   inet     1.1.1.1/24

lo0.16384               up    up   inet     127.0.0.1           --> 0/0

lo0.16385               up    up   inet

lsi                     up    up

mtun                    up    up

pimd                    up    up

pime                    up    up

tap                     up    up



Then you can use the argument passed to the script that is specific to the actual event. 

below is the event script file, it needs to be placed in /var/db/scripts/event folder 

-----------------

jnpr@R1> file show /var/db/scripts/event/check-interface.slax 
version 1.0;
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
ns ext = "http://xmlsoft.org/XSLT/namespace";
ns redirect extension  = "org.apache.xalan.xslt.extensions.Redirect";

import "../import/junos.xsl";

var $arguments ={
<argument>{
<name> "interface-name";
<description> "Interface that has been disabled";
   }
}


param $interface-name;

match /
{

   <event-script-results>
    {
       var $file = "/var/tmp/interface_down.txt";
        <redirect:write select="$file">{
        expr "Following interface: " _ $interface-name _ " went down on " _  $localtime;
        }

    }
}