Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Riverbed SteelCentral NetProfiler (Cascade Profiler) Audit

 

The JSA DSM for Riverbed SteelCentral NetProfiler Audit collects audit logs from your Riverbed SteelCentral NetProfiler system. This product is also known as Cascade Profiler.

The following table identifies the specifications for the Riverbed SteelCentral NetProfiler DSM:

Table 1: Riverbed SteelCentral NetProfiler Specifications

Specification

Value

Manufacturer

Riverbed

DSM name

SteelCentral NetProfiler Audit

RPM file name

DSM-RiverbedSteelCentralNetProfilerAudit

-JSA_version-build_number.noarch.rpm

Event format

Log file protocol

Recorded event types

Audit Events

Automatically discovered?

No

Includes identity?

Yes

Includes custom properties?

No

More information

Riverbed website (http://www.riverbed.com/)

To integrate Riverbed SteelCentral NetProfiler Audit with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent versions of the following RPMs on your JSA Console.

    • Protocol-LogFile RPM

    • Riverbed SteelCentral NetProfiler Audit RPM

  2. Create an audit report template on your Riverbed host and then configure a third-party host to use the template to generate the audit file. See Creating a Riverbed SteelCentral NetProfiler Report Template and Generating an Audit File.

  3. Create a log source on the JSA Console. The log source allows JSA to access the third-party host to retrieve the audit file. Use the following table to define the Riverbed-specific parameters:

    Table 2: Riverbed SteelCentral NetProfiler Log Source Parameters

    Parameter

    Description

    Log Source Type

    Riverbed SteelCentral NetProfiler Audit

    Protocol Configuration

    LogFile

    Remote IP or Hostname

    The IP address or host name of the third-party host that stores the generated audit file

    Remote User

    The user name for the account that can access the host.

    Remote Password

    The password for the user account.

    Remote Directory

    The absolute file path on the third-party host that contains the generated audit file.

    FTP File Pattern

    A regex pattern that matches the name of the audit file.

    Recurrence

    Ensure that recurrence matches the frequency at which the SteelScript for Python SDK script is run on the remote host.

    Event Generator

    Line Matcher

    Line Matcher RegEx

    ^\d+/\d+/\d+ \d+:\d+,

Creating a Riverbed SteelCentral NetProfiler Report Template and Generating an Audit File

To prepare for Riverbed SteelCentral NetProfiler integration with JSA, create a report template on the Riverbed SteelCentral NetProfiler and then use a third-party host to generate an audit file. The third-party host must be a system other than the host you use for Riverbed SteelCentral NetProfiler or JSA.

Ensure that the following items are installed on a third-party host that you use to run the audit report:

PythonDownload and install Python from the Python website (https://www.python.org/download/).
SteelScript for PythonDownload and install the SteelScript for Python SDK from the Riverbed SteelScript for Python website (https://support.riverbed.com/apis/steelscript/index.html). The script generates and downloads an audit file in CSV format. You must periodically run this script.
  1. Define the audit file report template.
    1. Log in to your Riverbed SteelCentral NetProfiler host user interface.

    2. Select System >Audit Trail.

    3. Select the criteria that you want to include in the audit file.

    4. Select a time frame.

    5. On the right side of the window, click Template.

    6. Select Save As/Schedule.

    7. Type a name for the report template.

  2. To run the report template and generate an audit file, complete the following steps
    1. Log in to the third-party host on which you installed Python.

    2. Type the following command:

      Tip

      Record the report template name and file path. You need to use the name to run the report template and when you configure a log source in the JSAinterface.