Getting Started with NAE
Installing Scripts and Creating Agents
Introduction
The Aruba Network Analytics Engine (NAE) is a first-of-its-kind built-in analytics framework for network assurance and remediation, with no license or extra software download required.
Capitalizing on the full automation and deep visibility capabilities of AOS-CX, this unique technology allows monitoring, troubleshooting, and effortless network data collection by employing simple script agents.
When an issue arises, the NAE agent offers information needed to resolve the issue and, even better, can take corrective action based on established policies. When it detects an anomaly, it proactively collects additional statistics and data to automate the troubleshooting process.
NAE scripts make use of the power of Python, APIs, and databases, and each script contains its own recipe or instructions required to spawn agents.
The logical makeup of an NAE script can be broken down into monitors, rules, conditions, and actions. As a monitor watches over a specified switch database value, an associated rule and condition determines when an alert may be triggered should the tracked value deviate from the predefined acceptable range. When an alert is triggered, NAE can also take corrective steps to rectify the issue.
The agent is also represented on an automatically generated graph which enables visual analysis to assist in troubleshooting network issues. Furthermore, the graph captures all configuration checkpoints to provide supplementary historical context to the timeline.
https://files.readme.io/2317b6a-NAE.png
In order for NAE to process API calls there needs to be some configuration done on the switch's CLI.
Also, agents require administrator authority to perform certain tasks, such as executing CLI commands. Thus you must be logged in as a user possessing administrator privileges in order to create, delete, enable, disable, or reconfigure agents.
NAE Components
Script
NAE scripts are written in Python. The script is the exact Python code wherein the monitors, the alert-trigger logic, and the remedial actions are defined.
To upload an NAE script with the REST API, you must first convert the file to base64 encoding.
If you upload the script using the Web UI, the conversion is done automatically.
Agent
NAE agents are instances of scripts that are instantiated by users to run. Once activated, these agents collect relevant network information and also trigger alerts when specific events occur.
Monitor
Monitors track data points on the switch. Each monitor uses the REST URI of a resource to identify and keep tabs on that particular field.
Databases
NAE is tied to the switch's configuration and state database, as well as a time-series database. NAE monitors the values in the configuration and state database and tracks their history in the time-series database.
- Through the AOS-CX REST API, NAE has direct visibility into the entire current state of the device, including all statistics. This omniscience also helps agents correlate a network event to a specific configuration change, which is useful when analyzing whether the root cause of an issue is related to such a configuration change.
- The tie-in with the time-series database gives users the ability to essentially rewind time and revisit the context surrounding a network event.
REST API
The REST API is covered in the AOS-CX API section.
Programmable Actions
Actions are tasks executed by agents in response to predefined conditions. Actions can be automated to emulate many of the steps an administrator might take to troubleshoot network issues.
Although an action must be specified as part of a rule, actions are optional.
Built-in agents, such as system_resource_monitor.default, cannot be deleted.
Enabling REST API Access on the Switch
Changing the mode to read-write allows POST, PUT, and DELETE operations to be called on all configurable elements in the switch configuration database.
switch(config)# user admin group administrators password plaintext mypassword
switch(config)# https-server rest access-mode read-write
switch(config)# https-server vrf mgmt
switch(config)# https-server vrf default
By using these command, you enable access to both the Web UI and to the REST API on the specified VRF. You can enable access on multiple VRFs.
As of v10.04 by default, REST access-mode is set to read-write on the default VRF.
Aruba Solution Exchange
For Aruba-created, Aruba-tested, and Aruba-curated scripts, Aruba Solution Exchange (ASE) is the place to browse. Best practice is to install only NAE scripts from ASE, as these scripts are written, tested, and certified by Aruba.
On ASE, Aruba-certified scripts possess the tag nae-aruba-certified. These scripts can be downloaded here: Aruba Solution Exchange.
Installing NAE Scripts
Using the switch's web UI to install NAE scripts
- In your web browser, navigate to the switch's IP address or hostname, making sure to use HTTPS:
Landing message and page for AOS-CX web UI
- Log in with the username and password of the user possessing administrator privileges:
Login context
- Click on Analytics in the menu on the left-hand side:
Left-side menu pane
- Click on the title of the Scripts tile:
Scripts tile on the Agent dashboard page
At the top of the window, click the cloud ASE icon towards the right:
ACCEPT the license agreement:
License agreement
- Wait for the window to be populated with the Aruba-curated scripts. Only those that are tagged for the platform you are using will be shown. Select the appropriate script to monitor the desired values, and click INSTALL:
ASE listing of available scripts compatible with the particular switch's platform
Uploading a script from your local machine
- On the Analytics page, click the title in the Scripts tile:
The Scripts tile on the Agent dashboard page
At the top of the window, click the UPLOAD button towards the left:
Upload button, among other buttons
- Navigate to the location containing the script (which should be a Python file with the appropriate .py extension) and select it:
File-selector prompt
- Follow the upload prompt and click NEXT:
Upload confirmation page
Creating an Agent
After the script has been installed on the system, to initiate the monitoring process an Agent needs to be created.
- Select the script in the Scripts window from which you want to create an agent and click + CREATE AGENT:
Scripts page on which agents can be created
- In the "Create Agent" form, name the agent (nomenclature requirements shown in red), fill in all mandatory fields (i.e. those without default values) and optional fields, and click CREATE. This will create your agent which will begin monitoring immediately.
Agent creation form
Upon creating the agent you are brought to the Agents list page, where you can see your newly created agent among all the other agents.
Agents page showing all existing agents
From this page, you can click on the name of an agent in order to view its Agent Details page and graph.
Agent details page
Model Specific Differences
| Switch Model | Max # of Scripts | Max # of Agents | Max # of Monitors | Max Script Size | # of Days Stored in Database* | Amount of Disk Storage Allocated |
|---|---|---|---|---|---|---|
| 8400 | 50 | 100 | 300 | 256KB | 400 | 18GB |
| 8360 | 25 | 50 | 150 | 256KB | 400 | 9GB |
| 8325 | 25 | 50 | 150 | 256KB | 400 | 9GB |
| 8320 | 25 | 50 | 150 | 256KB | 400 | 9GB |
| 6400 | 10 | 10 | 130 | 256KB | 45 | 3.1GB |
| 6300 | 10 | 10 | 130 | 256KB | 45 | 3.1GB |
| 6200 | 10 | 10 | 130 | 256KB | 15 | 1GB |
Amount of days listed is the maximum as long as data does not go over the above amount of disk storage allocated to NAE for that particular model. If the disk storage allocated has reached it's max, NAE will remove the oldest data in order to make space for newer data added.
NAE Scripts to Start with
- Identifies general faults and helps protect against network loops and issues caused by defective peripherals.
- Minimum firmware version 10.04 required. Monitors overall hardware device health using the Temperature Sensor, Fan Sensor, and Fault Finder scripts.
- Minimum firmware version 10.04 required. Monitors overall software device health using the MAC Count, MAC Decrease Rate, Fault Finder, Daemon Resource, and VSX Health scripts.
Updated about 4 years ago