Original Message:
Sent: 10-14-2020 04:41 PM
From: Kishan Silva Ratnayake
Subject: Is it possible to get VPN user login count on NetOps dashboard
The new metric calculates MAX, so what you could do is create this trend line for a 2 week period and make sure you report on the MAX metric and select the daily roll up - this will take the max value for user connections for each device in the group for the day (using the daily rolled up data) and then SUM them.
Again - this will show a trend for each day for each group and requires the new metric.
The other option is an openAPI app - in this case you would not need to add the new metric, you could use the existing metric.
What you can do is:
1. Using OpenAPI get the daily rolled up max values for each device in a group for a 2 week period
2. Then within the OpenAPI app code perform the summation of each corresponding timestamp from each device
3. Repeat steps 1 and 2 for groups that you need this for
4. Display this data
Regards,
Kishan
Original Message:
Sent: 10-12-2020 04:08 PM
From: Tao Yang
Subject: Is it possible to get VPN user login count on NetOps dashboard
Thanks! So based on the first message from this thread, the up-management wants the daily login counts, but this will only bring 5 min count with Sum calculation. Will something like MAX count possible work if the up-management wants to see a daily trend over the past 2 weeks? However, I am also thinking even though I could use MAX, when I group them,say US devices, it will give the only MAX of them, without accumulate all VPN device values together as a total value of the group, say US Domestic group. So it kind of need SUM(MAX values from each devices)? Is it possible or I am thinking with wrong way?
Many thanks again!
Original Message:
Sent: 10-12-2020 03:55 PM
From: Kishan Silva Ratnayake
Subject: Is it possible to get VPN user login count on NetOps dashboard
You wouldn't want to change the existing one. Leave that one alone and add a new one.
So you would perform a PUT against: http://DAHOST:8581/typecatalog/metricfamilies/extension/NormalizedRASActivityInfo
and send the following XML:
<DataModel xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" namespace="http://im.ca.com/normalizer" xsi:noNamespaceSchemaLocation="IMDBCertificationFacet.xsd">
<Author>CA</Author>
<Version>1.6</Version>
<FacetType name="NormalizedRASActivityInfo" descriptorClass="com.ca.im.core.datamodel.certs.NormalizedFacetDescriptorImpl">
<FacetOf namespace="http://im.ca.com/core" name="Item"/>
<AttributeGroup name="RemoteAccessActivityGroup" external="true" list="true">
<Attribute name="ActiveSessionUsersTotal" type="Double">
<Documentation>ActiveSessionUsersTotal</Documentation>
<Minimum>true</Minimum>
<Percentile>0</Percentile>
<Percentile2>0</Percentile2>
<Percentile3>0</Percentile3>
<Baseline>false</Baseline>
<Polled>true</Polled>
<Variance>false</Variance>
<RollupExpression/>
<Maximum>true</Maximum>
<ProjectionPercentile>0</ProjectionPercentile>
<RollupStrategy>Sum</RollupStrategy>
<StandardDeviation>false</StandardDeviation>
<IsDbColumn>true</IsDbColumn>
</Attribute>
</AttributeGroup>
</FacetType>
</DataModel>
This will create a new metric.
Now you will need to update the OOTB vendor cert so it maps the metric to this new metric. To do that perform a PUT against:http://DAHOST:8581/typecatalog/certifications/snmp/extension/CiscoRASActivityMib
and send the following XML:
<DataModel xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" namespace="http://im.ca.com/certifications/snmp" xsi:noNamespaceSchemaLocation="SNMPCertificationFacet.xsd">
<Author>CA</Author>
<Version>1.1</Version>
<FacetType name="CiscoRASActivityMib" descriptorClass="com.ca.im.core.datamodel.certs.CertificationFacetDescriptorImpl">
<FacetOf namespace="http://im.ca.com/core" name="Item"/>
<Expressions>
<ExpressionGroup destCert="{http://im.ca.com/normalizer}NormalizedRASActivityInfo" name="CiscoRASActivityMibDS">
<Expression destAttr="ActiveSessionUsersTotal">crasNumUsers</Expression>
</ExpressionGroup>
</Expressions>
</FacetType>
</DataModel>
***Important:One thing to be aware with this solution is that you should only use this metric for a trend chart (like what you are looking to do) and it reporting on 5 min polled data. If the chart shows rolled up data for this new metric it will look incorrect; example when the hourly roll up takes place, it will sum all the 5 min polled data points, so in this case if you had 700 users connected from 7 am - 8 am, then your hourly roll up for the 7-8 am period would be 700*12 = 8400, which is incorrect. So please be aware that this metric should only be used for a trend chart using as polled (5 min) polled data.
Original Message:
Sent: 10-12-2020 03:30 PM
From: Tao Yang
Subject: Is it possible to get VPN user login count on NetOps dashboard
many thanks Kishan! I used POSTMAN and GET this from NormalizedRASActivityInfo, so I guess I can add one only change "Avg" as "Sum" and try again:
<Attribute name="ActiveSessionUsers" type="Double">
<Documentation>Active Session Users</Documentation>
<IsDbColumn>true</IsDbColumn>
<Baseline>false</Baseline>
<RollupExpression />
<Minimum>false</Minimum>
<Maximum>false</Maximum>
<RollupStrategy>Avg</RollupStrategy>
<StandardDeviation>false</StandardDeviation>
<Variance>false</Variance>
<Percentile>0</Percentile>
<Percentile2>0</Percentile2>
<Percentile3>0</Percentile3>
<ProjectionPercentile>0</ProjectionPercentile>
<Polled>true</Polled>
</Attribute>
Original Message:
Sent: 10-12-2020 11:27 AM
From: Kishan Silva Ratnayake
Subject: Is it possible to get VPN user login count on NetOps dashboard
Ah - yes you will get an aggregate value for each group as an average as the roll up strategy for that metric is Average.
What you could do for this particular need is to create a new metric with a roll up strategy of Sum - then when you plot this new metric against the group, it will provide an aggregate value for each group as a sum.
Are you aware of how to extend an OOTB certification?
Regards,
Kishan
Original Message:
Sent: 10-07-2020 07:14 PM
From: Tao Yang
Subject: Is it possible to get VPN user login count on NetOps dashboard
Thanks again Kishan!
The problem I have now is, I did the group but the value is not expected. I did a similar one as per device and you can look at these two screenshot, the single device values are even higher than group. I think the only metrics I can pick is "Active Session Users - Average", not sure how to accumulate users value(if I have US group with 4 devices, average users are 700,700,600,500, then I hope it to be 700+700+600+500 = 2500 average users). How can I make it? Thanks!
Original Message:
Sent: 10-07-2020 12:34 PM
From: Kishan Silva Ratnayake
Subject: Is it possible to get VPN user login count on NetOps dashboard
We don't have a way to represent this using bar charts, but you could report on each group of devices (group aggregation) using the following type of view:
First create the 3 groups and add the corresponding devices to each group.
Then create the dashboard and add the IM On-Demand/Multi-Metric Trend Report and configure it as such:
Original Message:
Sent: 10-07-2020 11:40 AM
From: Tao Yang
Subject: Is it possible to get VPN user login count on NetOps dashboard
Thanks Kishan! Yes I just setup a test chart with this metrics!
Is it possible that I can cumulate all US, asian, europe ASR devices into 3 groups so I can make something like the barchart stuff like the original screenshot I posted above? currently, what I set is from dashboard build GUI and selected "dynamic trend view" under "Dynamic Views" on the left side, then fix the group to an existing group, and I could get something like this screenshot showing as indivisual device,
Original Message:
Sent: 10-07-2020 11:09 AM
From: Kishan Silva Ratnayake
Subject: Is it possible to get VPN user login count on NetOps dashboard
Hi Tao,
Do you have the Remote Access Activity metric family associated with you Cisco ASR devices? This metric family provides active session user count:
Original Message:
Sent: 10-07-2020 10:26 AM
From: Tao Yang
Subject: Is it possible to get VPN user login count on NetOps dashboard
I was asked if it is possible to get VPN user login count to show on NetOps dashboard. Is it possible to get from NetFlow? Out client is using Cisco Anyconnect client, our VPN devices are Cisco ASR. Currently we have similar thing but built on Splunk dashboard like the following, some people want them to be on NetOps: