Juniper Networks AVT
The Juniper Networks Application Volume Tracking (AVT) DSM for JSA accepts events by using Java Database Connectivity (JDBC) protocol.
JSA records all relevant events. To integrate with Juniper Networks NSM AVT data, you must create a view in the database on the Juniper Networks NSM server. You must also configure the Postgres database configuration on the Juniper Networks NSM server to allow connections to the database since, by default, only local connections are allowed.
This procedure is provided as a guideline. For specific instructions, see your vendor documentation.
Log in to your Juniper Networks AVT device command-line interface (CLI).
Open the following file:
/var/netscreen/DevSvr/pgsql/data/pg_hba.conf file
Add the following line to the end of the file:
host all all <IP address>/32 trust
Where: <IP address> is the IP address of your JSA console or Event Collector that you want to connect to the database.
Reload the Postgres service:
su - nsm -c "pg_ctl reload -D /var/netscreen/DevSvr/pgsql/data"
As the Juniper Networks NSM user, create the view by using the following input:
create view strm_avt_view as SELECT a.name, a.category, v.srcip,v.dstip,v.dstport, v."last", u.name as userinfo, v.id, v.device, v.vlan,v.sessionid, v.bytecnt,v.pktcnt, v."first" FROM avt_part v JOIN app a ON v.app =a.id JOIN userinfo u ON v.userinfo = u.id;
The view is created.
You are now ready to configure the log source in JSA.
JDBC Log Source Parameters for Juniper Networks AVT
If JSA does not automatically detect the log source, add an Juniper Networks AVT log source on the JSA Console by using the JDBC protocol.
When using the JDBC protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect JDBC events from Juniper Networks AVT:
Parameter |
Value |
---|---|
Log Source Type |
Juniper Networks AVT |
Protocol Configuration |
JDBC |
Database Type |
Postgres |
Database Name |
profilerDb |
IP or Hostname |
The IP address or host name of the SQL server that hosts the Juniper Networks AVT database. |
Username |
Type the user name the log source can use to access the Juniper Networks AVT database. |
Password |
Type the password the log source can use to access the Juniper Networks AVT database. The password can be up to 255 characters in length. |
Predefined Query |
From the list, select Juniper Networks AVT. |
Use Prepared Statements |
The Use Prepared Statements check box must be clear. The Juniper Networks AVT DSM does not support prepared statements. |
Polling Interval |
Type the polling interval, which is the amount of time between queries to the view you created. The default polling interval is 10 seconds. You can define a longer polling interval by appending H for hours or M for minutes to the numeric value. The maximum polling interval is 1 week in any time format. Numeric values that are entered without an H or M poll in seconds. |
EPS Throttle |
Type the number of Events Per Second (EPS) that you do not want this protocol to exceed. The default value is 20000 EPS. |
Selecting a parameter value greater than 5 for the Credibility parameter weights your Juniper Networks AVT log source with a higher importance that is compared to other log sources in JSA.