1.17. Release Notes 1.4.0

NetSpyGlass v1.4.0

1.17.1. New features

  • NET-1132 classify interfaces “inside”, “outside” on Cisco ASA as “virtual interfaces”

  • skip virtual interfaces while discovering L2 topology from FDB (e.g. Cisco ASA “inside” and “outside” interfaces)

  • NetSpyGlass server can now work in the “views tester” mode that can be used to develop views builder script using separate live instance of NetSpyGlass server that works with a snapshot of the information about network devices collected during discovery but does actually poll devices. In the Views Tester mode the server works with temporary in-memory database and does not require configuration file. It loads information about devices from json files created by the ‘real’ NSG server at the end of discovery. These files can be found in the directory $home/reports/$network_name/discovery/0/nodes/json. Views Tester does not keep permanent state and always loads devices, rebuilds network topology graph and all maps when it starts. After that, it starts web server on port 9100 that serves generated maps. View Tester watches view builder hook script and rebuilds maps when the script changes.

  • User can specify SNMP version in the configuration file, separately for each device:

    { address = "device_name", snmpCommunity = public, snmpVersion = 1 },

    Default version (if parameter snmpVersion is missing) is 2.

  • NET-1135 user can add device with blank snmp community to the config. Device like this is not going to be polled or discovered but will appear in maps and L3 link to it will be added to the map

  • NET-1131 implemented support for Cisco ASA CPU load monitoring for devices that do not support “revised” OID cpmCPUTotal1minRev in CISCO-PROCESS-MIB so we have to fall back onto deprecated OID cpmCPUTotal1min

  • A change in the behavior of JSON API calls that use rules to match monitoring variables (see Format of the variable matching rule): all parameters of the matching rule are now optional. For example, if parameter name is missing but tags is present, then the rule matches any monitoring variables with given combination of tags regardless of their name. If parameters name, devices, components and tags (that is, those that actually match various fields of monitoring variable object) are missing, then the rule is considered to be “empty” and does not match any variables.

  • NSGDB-49 phase 1: implemented ability to add tags to the alert and associated monitoring variable via argument tags that can be added to the call to alert()

  • NSGDB-49 phase 2: JSON API call GET /api/alerts/networks/:netid/alerts[?active=true|false][rule_spec] can use matching rule to match alerts. See GET /api/alerts/networks/:netid/alerts[?active=true|false][rule_spec]. This allows for matching alerts by tags and other fields.

  • beginning with this version, NetSpyGlass supports reports that use the same python script and class but different templates.

  • NET-1142 implemented discovery of IPSEC tunnels on Cisco ASA devices and traffic monitoring through tunnels

  • Implemented discovery of policy-based IPSEC tunnels on Juniper SRC devices and traffic monitoring through these tunnels

  • Variables ifInUtilization and ifOutUtilization will appear in the Graphing Workbench. This also means they are automatically pushed from secondary servers to the primary, thus fixing NSGDB-53

  • Now the server detects when IP address of a device defined by name in the config changes in DNS and picks up its new address.

  • NET-1144 implemented discovery and monitoring of the active sessions count and rate of the session setup for firewalls (Cisco ASA and Juniper SRX). Variables globalFwStatsConnSetupRate, globalFwStatsSessionsActive and jnxJsPolicyStatsSessionRate (Juniper) in category Firewall.

  • NSGDB-57 dictionary passed with parameter details in the call to alert() can be used to set Jira issue fields

  • Added support for discovery and monitoring of CPU and memory utilization on Vyatta devices

1.17.2. Bug fixes

  • RPC call used to pass information about allocated devices and monitoring variables from server to server and from server to monitor has been redesigned to minimize time spent inside of RPC service. Devices and variables are processed by the server ahead of time and prepared data is cached for each downstream cluster member. When cluster memvers connect, they download prepared configuration with no delay. Serialized device and variable objects are compressed to reduce amount of data this RPC call needs to pass. This speeds up its operation when client connects to the server over the network with big latency. All of this greatly improves stability of NetSpyGlass cluster that operates over the network with big latency.
  • NSGDB-48 fix algorithm used to calculate totalPacketDrops variable. Before this change, the second argument in the call to add() (the CoS drops variable) where some instances could be missing because they were NaN or did not exist. When add() is called with second argument like that, it does not put corresponding instances of first argument (totalPacketDrops in this case) into the output, even though these instances existed in the input. In the end, this lead to empty totalPacketDrops variable if even one CoS drops variable instance for the fiven deivce:interface had last value NaN or simply did not exist.
  • NET-1134 fix race condition that happened when user added (or removed) device in the configuration and started discovery before the server completed device reload. This issue lead to the situation when the server thought device configuration was up to date but the new device was not in fact part of the device repository. With the fix it is still possible to start discovery too soon, in which case new device is not going to be discovered, but it will be part of the system and running discovery again will include it.
  • NSGDB-53 secondary servers should push ifInUtilization and ifOutUtilization variables to the primary because these variables are used to set link colors in maps.
  • NSGDB-52 force expiration of the monitoring variables and alerts when operator removes or renumbers device