Spectrum TrapInsight Dashboard View

From 10.4.2,
DX NetOps Spectrum
TrapInsight provides a real-time trap trend analysis dashboard for the distributed
DX NetOps Spectrum
environment. The administrator can run this tool to get the trap analysis trend; it is disabled by default. This feature is part of SDC with TrapX installation. When a new trap is received, TrapX forwards the trap to Logstash. Logstash processes and sends the trap to the Influx database using the logstash-influx-output plugin.
DX NetOps Spectrum
installer configures the TrapInsight server.
A user named
spectrum
and the TrapInsight database is automatically created. The Influx database is installed only OneClick server in the
$SPECROOT\influx
folder. It runs on a default port 9445 and uses HTTP communication.
You can configure multiple SDCs with Logstash to send the trap information to the same Influx database.
Implementing TrapInsight sends the trap information to the configured Influx database, allowing you to visualize the data and create the dashboards to get the trap trend analysis. You can review the dashboard at regular intervals and take preventive action if you find any dissimilarity in the trend.
Spectrum TrapInsight Architecture
The following diagram shows the Spectrum TrapInsight architecture:
Trap_Insight_Architecture
Deploy Logstash
To deploy Logstash, enable the Trapx option when you install SDC. Once the installation is done, the Logmonitor folder is created as part of the installation.
Ensure that the Influx database server is running before executing the setup_logstash script. Login to the OneClick server and run the following command from the Influx directory to check if Influx is running:
influx -port 9445 -username spectrum -password spectrum
In the Windows environment:
  • The bash file is located at
    SDC_Installation_Directory\SDMConnector\NT-TOOLS\SDCRE
    directory.
  • Use the SDC shipped Cygwin for executing the setup_logstash script to avoid failure.
  • A new command prompt is opened while executing the script, do not close the window. You must stop the Logstash process using
    CTRL+C
    from this window.
Follow these steps:
  1. In case of
    fresh install
    or
    upgrade
    of
    DX NetOps Spectrum
    , run the following script from the
    SDC_Installation_Directory/bin
    folder to enable the Spectrum TrapInsight functionality:
    ./setup_logstash <Influx DB IP Address> <SDC IP Address>
    For example,
    /c/Program Files/CA/SDMConnector/bin > ./setup_logstash.sh 10.175.90.201 10.175.90.200
    Once the script execution is done, you can find the Logstash logs (
    logstash-plain.log
    ) in the
    \Logmonitor\logstash\Logs\
    directory. The SDC service is restarted as part of this execution. The script updates the
    TrapX.config
    file to forward the traps to Logstash.
    Port 9162 is used for Logstash. If the port is used by another process, change it.
  2. (Optional) Change the Logstash port in the
    logmon.conf
    file in the
    SDC_Installation_directory/bin
    folder if the default port is used by another process.
Enable SSL for TrapInsight
When the Influx database is running with SSL enabled, you must enable SSL for TrapInsight.
Follow these steps:
  1. Open the
    logmon.conf
    from
    SDC_Installation_directory/bin
    folder.
  2. Set the value of the parameter
    ssl
    to
    true
    By default, SSL is set to false.
TrapInsight Dictionary
Trap Insight Dictionary is used to map the trap OID to the corresponding name. The dictionary is created using the Mibtools database and shipped with Logstash deployment.
Update the MIB Name Mapping
After you import any new MIB, to view the newly added trap OID to its corresponding name in the TrapInsight dashboard update the TrapNameList.yaml file.
Follow these steps: in 21.2.2 or earlier release:
  1. In SpectroSERVER, run the
    fetch_trap_info.sh
    command from
    $SPECROOT/mysql/bin
    folder.
    The script generates the
    TrapNameList.yaml
    file at
    MYSQL_DIR/data/mibtools
    directory.
  2. Move the
    TrapNameList.yaml
    file to
    \Logmonitor\logstash\bin
    directory in the SDC Trapx machine to update the new mib name mapping.
    Ensure that the
    TrapNameList.yaml
    file is not present in the
    MYSQL_DIR/data/mibtools
    directory.
Follow these steps: in 21.2.4 release:
  1. In SpectroSERVER, run the fetch_trap_info.sh command from the
    $SPECROOT/mysql/bin
    folder.
    The script generates the
    TrapNameList.yaml
    file at
    $SPECROOT/Install-Tools
    directory.
  2. Move the
    TrapNameList.yaml
    file to
    \Logmonitor\logstash\bin
    directory in the SDC Trapx machine to update the new mib name mapping.
Install and Import Dashboard in Grafana
This section describes the procedure to install and import the Influx dashboard into Grafana.
If Grafana is not available in your pod/machine, install it.
Follow these steps:
  1. Log in to the Grafana portal.
    Default Credentials: admin/admin
  2. Add the Influx database data source name as "InfluxDB" (URI : http://<oneClickServername>:9445, username: spectrum /password).
    Spectrum Health View Data
  3. Create a dashboard folder with the name Spectrum Trap Insight.
  4. Import the following files from the
    $SPECROOT/insideView/dashboard
    directory into Grafana and place under the Spectrum Trap Insight directory.
    • Spectrum_Trap_Insight.json
    • Trap_details_on_Device.json
    • Spectrum_TrapInsight_Ledger_View.json
    Trap_Insight_Dashboard
  5. You can open the individual dashboard to see the following views:
    Spectrum Trap Insight
    Spectrum_Trap_Insight
    Trap Insight Details on Device
    Trap_Insight_Details_on_Device
    Spectrum TrapInsight Ledger View
    Spectrum_TrapInsight_Ledger_view
Stop the Logstash
You must stop the Logstash before the SDC upgrade or changing the Influx server. Stopping Logstash stops sending the trap information to Influx.
Follow these steps:
  • On Linux:
    Run the
    stoplogstash.sh
    script in
    SDC_Installation_directory/bin
    folder.
  • On Windows:
    Click on the window opened by Logstash, type CTRL+C, and press Enter.