3 Replies Latest reply: Nov 23, 2016 7:01 PM by Wil Bowes RSS

Automating Workflow Using SteelScript/REST API

Wil Bowes

Hi,

 

I'm looking at developing an automated workflow that is triggered by an SNMP trap sent from NetProfiler. Specifically I want to run a top talkers report from SteelScript (or via the REST API) when I received an SNMP trap from NetProfiler for a SteelHead WAN interface exceeding 85%.

 

So far I'm successfully receiving SNMP traps that contain the NetProfiler event ID for the violation, however I can't see how to retrieve the contents of the event beyond running a report that returns all of the events. This approach would be OK if events had a 1 to 1 mapping with violating interfaces, but often I see events containing multiple interfaces and these are shown as 255.255.255.255:0 in the events report.

 

I've looked at the Event Viewer API too, but this only seems to work via a browser - retrieving it via curl just presents a lot of script but no sign of the data I was after.

 

At this point I'm keen to know if there is a way to query and retrieve the contents of a specific event using the event ID provided in the SNMP trap. I need to be able to do this via SteelScript and/or the REST API so I can further run a report against all of the violating SteelHead interfaces contained within the event.

 

Many thanks,

 

Wil

  • Re: Automating Workflow Using SteelScript/REST API
    Neil Osuch

    Wil,

     

    I'm interested to hear a response to this question. I have a similar use case.

     

    In a related question, has anyone used SteelScript App Framework or the NetProfiler REST API to automate the process of retrieving the contents of a remote text file which would be used to update the ByLocation definitions file?

     

    Thank you,

    Neil

    riverbed

    Riverbed Staff

    Mike Garabedian

    • Re: Automating Workflow Using SteelScript/REST API
      Wil Bowes

      Hi Neil,

       

      I had to backtrack on this a bit as after discussing it with our APM SE it appeared that using a single policy for multiple interface threshold alerting was fundamentally flawed. The recommendation was to create a policy per interface which should prevent the appearance of 255.255.255.255 and therefore not require access to the event details (which also seems to be impossible via the API at the moment).

       

      So... as the prospect of managing per interface policies manually was just too horrendous to contemplate, I wrote a Python script that gets a list of SteelHead interfaces from the NetProfiler via the REST API, then uses that to create and managed a User Defined Interface Policy for each (that was 144 policies at the last count, created in 7 minutes via the script).

       

      I haven't checked the SNMP trap as yet (too much else to do at the moment), but assuming it or the event summary list now shows me the interface ip and index it should be pretty easy to run a top talkers interface report every time we get an alert. As an interim solution I did get my policy script to add a URL to the description field that now lets us click through to an interface report for the violating interface.

       

      To your other question, I have similar plans (as well as updating bandwidth overrides based on WAN router configs). I would suggest checking the API documentation and using something like Insomnia to probe the REST URLs.

       

      https://support.riverbed.com/apis/profiler/1.4/service.html

       

      https://support.riverbed.com/apis/profiler/1.4/service.html#resource-Host_Group_Types

       

      Also, the NetProfiler has some great online help and live examples built in, you should be able to access via this URL:

       

      https://mynetprofiler/rest/api/index.php

       

      The go to "General Info / Coding Examples / Reports / Python" for some example code that contains a bunch of routines that can be called to do the GET and POST functions (as well as being used to template PUT and DELETE actions).

       

      Hope that helps some...

       

      Wil

  • Re: Automating Workflow Using SteelScript/REST API
    Wil Bowes

    I just wanted to loop back and close this one off as I've more or less arrived at a solution.

     

    After avoiding per interface policies on NetProfiler for a long time due to the onerous nature of creating and managing them consistently I wrote a Python scipt to create user-defined Interface policies via the REST API. It then struck me that I should be able to create Link Congestion Policies under Performance and Availability to leverage the NetProfiler's analytics engine and produce significantly more useful violation alerts.

     

    Unfortunately, although you can create User-defined Policies and Service Maps via the REST API, the facility to do anything with Performance and Availability Policies is not present (I've asked our SE to raise an enhancement request for this).

     

    Now this is were it gets contentious as CLI commands exist on the NetProfiler to create the policies I require, however use of these are not supported for Partner or Customer use. I did manage to create a Bash shell script in the 'lab' that extracted a list of known WAN interfaces from NetProfiler, and then created an XML file containing policy definitions that was then fed back in via another CLI command.

     

    This appears to work well and didn't break anything, however I look forward to REST API support for the Performance and Availability Policies arriving!

     

    Wil