apm_bridge Configuration

Install the apm_bridge package from the CA UIM archive on the discovery_server hub. Typically, the primary hub. No license is required. Please ensure that the uimapi 9.0.2 or later package is downloaded and deployed on the UMP robot.
Install the apm_bridge package from the CA UIM archive on the discovery_server hub. Typically, the primary hub. No license is required. Please ensure that the uimapi 9.0.2 or later package is downloaded and deployed on the UMP robot.
  1. Ensure that the apm_bridge probe is deployed on the primary hub robot in your CA UIM 9.0.2 or later environment.
  2. Download the uimapi 9.0.2 or later package from the web archive to the hub local archive.
  3. Deploy the uimapi 9.0.2 or later package on the UMP robot in your CA UIM 9.0.2 or later environment.
  4. Verify that DOI mode is enabled as Use Case for apm_bridge from Raw Config.
    1. In Raw Config, navigate to Setup, Use Case, and verify the following key/value pairs:
    2. scenario = doi
    3. probe_list = probe 1, probe 2 comma-separated (For for example, aws, vmware)
Use the probe utility (pu) to configure the apm_bridge.
In the probe utility, follow these steps:
  1. Call the
    callback to configure the apm_bridge connection to the CA UIM API. Create or set the following key/value pairs:
    1. host
      - the host server for wasp probe with UMP and UIMAPI deployed.
    2. port
      - the port number used by wasp (with UIM API deployed). Typically, the wasp port is 80.
    3. user
      - specify the CA UIM administrator user name.
    4. password
      - specify the CA UIM administrator password.
  2. Call the
    callback to configure access to the CA DOI API for a single tenant. When the proper configuration is provided, the integration becomes active for that tenant.
    1. port
      - Specify the Port number (
      Default: 80
    2. host
      - Specify the TAS Service OpenShift route/ Hostname
      1. Obtain and enter the NASS / TAS URL (apmservices-gateway endpoint)
        • If you are using
          oc get routes -n<namespace> | egrep apmservices-gateway
        • If you are using
          kubectl get ingress -n<namespace> | grep apmservices-gateway
    3. token
      - generate a new security token in CA DOI, Service Analytics UI, Add Service, Topology Store. Copy and paste the token that is generated by CA DOI into the token field.
      For steps to generate the token, see Copy Topology Token from Service Analytics UI, in the Digital Operational Intelligence documentation.
    4. origin
      - specify the CA UIM origin that is dedicated to the tenant. The origin is typically the CA UIM primary hub where the apm_bridge is installed.
      If you wish to send data from the secondary hub through apm_bridge, specify the secondary hub hostname comma separated after the primary hub in the Origin field.
    5. useSSL
      - Set to TRUE to use SSL. Default value is FALSE.
      SSL is enabled by default for cloud installations of CA Digital Operational Intelligence. If SSL is disabled for CA DOI in an on-premise installation, for example, set this value to FALSE.
    6. adminConsoleHost
      - Specify the Admin Console host (default protocol: http, default port: 80).
    7. operatorConsoleHost
      - Specify the Operator Console host (default protocol: http, default port: 80).
      To use a custom protocol or port for “adminConsoleHost” or “operatorConsoleHost”, specify as the following.
      Example: https://hostname:8443
You do not need to restart the apm_bridge probe after running the callbacks. The configuration file is automatically read during the next update cycle.
Synchronization Rate
You can modify the frequency (in minutes) in which the data is synchronized from apm_bridge to NextGen TAS, by modifying the value for the
key. The default value is 5 (Minutes).
sync_rate = 5
Config Items
You can enable CI (Config Items) to be published, by adding the publish_config_items key.
Add the
key, if you wish to publish CI data, Devices and folders. If the value for this key is 0, only devices are published.
Deleting a profile
  1. Call the
    callback to delete the profile. 
Control Callbacks
callback attempts to empty and disable all the queues that are created by the probe, and deactivate the probe. Typically, the probe creates one queue for alarms, one queue for QoS, and one queue for inventory. Use the
callback if you experience issues.
callback attempts to activate all the queues that the probe uses. The callback does not create queues. The queues must already exist. If the queues are already active, the callback does nothing. Use the
callback to restore service after a call to
Access UIMAPI over https protocol
The following steps are needed when the UIMAPI is accessible only over https protocol. Perform these steps on the server on which apm_bridge is deployed.
  1. Download UMP/UIM API Server SSL certificate into a temporary folder {tempfolder} by running the command
    "openssl s_client -connect {UMP/UIMAPI Server}:{SSL Port} < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt".
    Access UMP/UIM API url https://{UMP/UIMAPI Server}:{port}/uimapi through browser and save the certificate from site information into a temporary folder {tempfolder}. Sample UIM API URL over SSL: https://<uimserver>/uimapi/docs/index.html
  2. Execute the following command
    "[UIM JRE Path]\bin\keytool" -import -alias umpcert -keystore "[UIM JRE Path]\lib\security\cacerts" -file "C:\tmp\umpcert.cer"
    When prompted for "Enter Keystore Password:" - enter the value "changeit".
    When prompted for "Trust this certificate? " - enter the value "yes".
    "C:\Program Files\Nimsoft\jre\jre8u232b09\bin\keytool" -import -alias umpcert -keystore "C:\Program Files\Nimsoft\jre\jre8u232b09\lib\security\cacerts" -file "C:\tmp\umpcert.cer".
Update default payload size on slower networks
Additional Configuration:
Default chunk size set to 1000 and probe sends every 1000 vertices or edges at once.
You may configure the size using
<setup> .... <inventory_service> sync_rate = 5 apmgraph_chunksize = 1000 </inventory_service> .... </setup>
Support for large-scale deployments with more number of UIM groups
Additional Configuration:
Currently probe considers only 50 parent groups. If there are more than 50 parents groups, it sends devices without group data.
You can configure the size using
<setup> .... <inventory_service> sync_rate = 5 apmgraph_chunksize = 1000
grp_recursion_level = 50
</inventory_service> .... </setup>
Troubleshooting and Additional Logs
To change the apm_bridge configuration, edit the
configuration file with a text editor, or use Raw Configure to update key/value pairs. You can add the following key/ value pairs to enable additional logs and for troubleshooting:
save_incoming_graphs = 1
log_outgoing_request = 1
publish_config_items = 0
All the keys are disabled by default, (value = 0). Modify the value of the config key to enable the parameter (value=1).
  • Enable the
    key, to save the incoming topology from vmware or aws probe to the Debug folder.
  • Enable the
    key, to log information sent by apm_bridge to NextGen TAS for CA APM. This information is saved in the Debug > tasrequests folder. Please ensure that you have adequate space in your machine, as enabling this will take up available free space.
apm_bridge probe does not send all devices to DXI
apm_bridge probe is not sending all the UIM devices to the DXI OI console.
All the UIM devices are not displayed in the DXI OI console due to the origin setting. You can get all the devices and groups in the DXI OI console by adding all the origins (comma-separated) in the apm_bridge settings.