Setting Up User and System Preferences
Depending on your privileges, the Preferences page displays either user settings or a combination of user settings and system settings. One or more of the following preference tabs appear when you open the Preferences page:
User—All users can choose whether monitors and reports display the local time or the server time.
Search—Network administrators can configure options for search indexing.
Config & Deploy—Network administrators can:
choose to enable or disable import of configuration group data into Network Director.
specify the Auto Approval or Manual Approval mode for device configuration deployments.
Monitoring—As a network administrator you can change the polling interval for data collection for Monitor mode monitors and enable or disable the internal processes used for data collection. You can also specify the IP address of the Data Learning Engine server, if installed, and the database record retention periods.
Fault—As a network administrator you can enable or disable alarms. They can also set the retention period for alarms and the number of events per alarm.
Report—Network administrators can specify the period of time for which Network Director reports are retained.
Topology—Network administrators can specify a retention period for the deleted links in Topology view.
Virtualization—Network administrators can modify the synchronization time interval between Network Director and the cloud infrastructure.
This topic describes:
Accessing the Preferences Page
To open the Preferences page, click in the Network Director banner and select Preferences as shown in Figure 1.
The Preferences page opens with User Preferences as the default tab.
Choosing Server Time or Local Time
All users can specify whether Network Director displays local time or the server’s time in monitors and reports on the User Preferences tab. The default setting is to display local time. To change the setting to display the server’s time:
- In the Preferences page, select Use Server Time from the list.
- Click OK to save your changes or click Cancel to close Preferences.
Specifying Search Preferences
Network Director indexes the device inventory data periodically to enable users to perform efficient searches. You can specify a time interval after which Network Director initiates the next indexing on the Search tab. You can also specify to stop indexing while devices are imported into Network Director. If you are running short of system memory, selecting this option helps save some memory and speed up the discovery and import of new devices. By default, this option is selected and the search index update interval is set to 900 seconds.
Enabling Import of Configuration Group Data from Ethernet Design
For Network Director to be able to import configuration group data.
To enable the import of configuration group data:
Selecting the Approval Mode
Use the Config & Deploy tab of System Preferences to configure the approval mode:
Configuring the approval mode must be a one-time operation. Do not change the approval mode frequently.
To change the approval mode from Auto Approval to Manual Approval,
you must either deploy or discard the device configuration changes.
You are unable to change the approval mode to Manual Approval, or
from Manual Approval to Auto Approval if local changes are in pending
deployment state. The message: Do you want to retain
the Change Request history?
is displayed when you
change the approval mode. If you choose to retain the change request
history, all the existing change requests are retained by the system.
Hence, even if you switch to the Auto Approval mode, you can view
the change requests that were created in Manual Approval mode.
While configuring the Manual Approval mode, you can specify any number of approvers. If you specify more than one approver while configuring the Manual Approval mode, after any approver accepts or rejects a proposed change, the change request is not listed for the other approvers and they cannot approve or reject the same change request.
Setting up Auto-resynchronization Preferences
If you enable auto-resynchronization in Network Director, any configuration changes made on the physical device, including out-of-band CLI commits and change-request updates, automatically trigger resychronization on the device.
To set up auto-resynchronization:
Retaining Network Director Reports
By default, Network Director retains reports for 30 days. However, Network Administrators can change the retention period within the range 0 through 365 days. To change the setting, move the slider right or left on the Report tab of Preferences to the new setting. Click OK to save the setting.
Changing Monitor Mode Settings
The Monitoring tab of Preferences has three tabs under it. These are:
Monitoring Settings—Enables you to change the default polling interval for data collection for Monitor mode monitors. You can also disable or reenable the internal processes used for data collection on this sub-tab.
Client Session History—Enables you to set the retention period for history records and the frequency that these records are checked for deletion.
Data Learning Engine Settings—Enables you to specify the IP address of the Data Learning Engine (DLE) server or servers that supports the flow path analysis and high-frequency statistics features in Network Director.
Device Settings—Allows you to enable or disable data collection for one or more devices.
This section describes:
- Disabling Data Collection for Monitors
- Changing the Polling Interval
- Enabling and Disabling Collection for Managed Devices
- Specifying Database History Retention
- Installing and Configuring Data Learning Engine for Network Director
- Installing DLE
- Specifying the Data Learning Engine (DLE) Settings
- What to Do Next
Disabling Data Collection for Monitors
Network Director internally gathers data for monitors by using a set of data collection processes. You can disable these data collectors if they do not pertain to your installation. For example, if you do not use Virtual Chassis, you can disable the data collection processes used for Virtual Chassis.
The data collection processes are divided into the following categories:
Client
Equipment
FM
Traffic
Virtual
One data collector can be used by multiple monitors. Likewise, some monitors can be supported by multiple data collectors. These data collectors are enabled by default. To ensure proper data collection, if you enable the equipment data collectors, you must also enable the traffic collectors..
To disable or reenable a data collector:
Changing the Polling Interval
The frequency at which data is collected is determined by the polling interval. Table 2 shows the default polling intervals used by each data collector.
Collector |
Polling Interval |
---|---|
ClientMonitorCollector |
10 minutes |
SessionCountCollector |
10 minutes |
EquipmentMonitorVCStatsCollector |
30 minutes |
EquipmentMonitorAPCollector |
10 minutes |
EquipmentMonitorEndPointCollector |
1440 minutes |
EquipmentMonitorDeviceStatusCollector |
10 minutes |
FMAlarmCountCollector |
10 minutes |
PortTrafficMonitorCollector |
10 minutes |
VirtualHostPMCollector |
10 minutes |
VirtualNICStatsCollector |
10 minutes |
VirtualMachineStatsCollector |
10 minutes |
VirtualMachineWeeklyStatsCollector |
30 minutes |
To change the polling interval:
- Select the polling interval for a data collector in the Monitor Settings table.
- Type the new interval level in whole minutes. For example, do not specify 1.5 minutes. Recommended intervals are 5, 10, or 20 minutes.
- Click OK and then Yes to verify the change to the configuration.
Enabling and Disabling Collection for Managed Devices
By default all the devices that are discovered and managed by Network Director are enabled for data collection. You can disable or re-enable data collectors across all categories for devices that are managed by Network Director from this tab.
To enable or disable data collectors for devices
Specifying Database History Retention
To keep the database manageable, the system periodically checks the age of the records and retires those that have past an expiration date. By default, Network Director ages database records off at 90 days and runs a database cleanup every 6 hours.
Use the Client Session History sub-tab to change the default values:
Installing and Configuring Data Learning Engine for Network Director
Data Learning Engine (DLE) enables Network Director to collect and analyze high-frequency statistics and sFlow data for devices that are managed by Network Director. Only the QFX Series devices support the analytics feature that is required for generating high-frequency statistics data. Network Director uses high-frequency statistics data to create network heat maps and to monitor latency in QFX devices and sFlow data to monitor network traffic in EX and QFX devices.
This topic contains the following sections:
Installing DLE
DLE runs on a dedicated CentOS server. You can install DLE either directly on a CentOS server or on a virtual machine (VM) that runs CentOS. Following are the system requirements to install DLE:
The server or the VM on which you install DLE must have:
CentOs version 7.6, 64 bit
16 GB RAM
8 CPUs
100 GB of hard disk space
The Network Director server, the DLE server, and all the devices that are to be monitored using the analytics feature must be connected over a network, and have the following system time configurations:
Configured with the same time zone.
System clocks synchronized with a Network Time Protocol (NTP) server.
Before you install DLE make sure you have:
CentOs Version 7.6
Verified that CentOS version 7.6 is installed on the server as shown in the following example:
[root@user ~]# rpm --query centos-release centos-release-7-6.1810.2.el7.centos.x86_64
Or
[root@user ~]# grep OS /etc/centos-release CentOS Linux release 7.6.1810 (Core)
Synchronized the time on the DLE server, Network Director server, and the devices using a common NTP server as shown in the following example:
[root@user log]# ntpdate –u ntp.example.net 13 Jan 12:51:02 ntpdate[11386]: adjust time server 192.0.2.1 offset -0.101819 sec
Note:You can either specify the domain name/host name or IP address of the server.
Note:Juniper Networks recommends that you use an NTP server to synchronize the time between DLE, Network Director, and devices. However, if you do not use an NTP server, you need to synchronize the time manually.
Verified that the network ports 8080, 4242, 50005, 8282, 8081, 50006, 50009, 9160, 7000, and 9042 are in listening mode by entering the
netstat -anp |grep <port number>
command as shown in the following example:[root@user] # netstat -anp | grep 8282 tcp 0 0 0.0.0.0:8282 0.0.0.0:* LISTEN 1839/java
Alternatively, you can disable firewall on the DLE server to make sure that all the network ports are accessible as shown in the following example:
[root@user log]# service iptables stop iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Flushing firewall rules: [ OK ] iptables: Unloading modules: [ OK ]
Noted down the CentOS server IP address for configuring DLE in Network Director.
To install DLE:
Specifying the Data Learning Engine (DLE) Settings
The Data Learning Engine (DLE) enables Network Director to collect and analyze high-frequency statistics data from devices and to perform flow path analysis.
Each DLE supports up to a specific number of Compute Agents (CAs) running on network devices. If you have more CAs in a network than a single DLE can support, you might require multiple DLEs.
Use the Data Learning Engine Settings sub-tab under the Monitoring tab to specify which Data Learning Engine (DLE) server or servers Network Director uses. You can also change the default ports used by the DLE.
To configure DLE in Network Director:
What to Do Next
After you have installed DLE on the CentOS server, you must perform the following operations to identify the applications that contribute to the traffic, traffic statistics, and the top applications:
Changing Alarm Settings
Use the Fault tab to enable individual alarms, set the retention period for alarms, configure alarm notifications, configure threshold alarms, and to specify the number of events to keep for each alarm. The Fault tab has multiple sections, which you can expand and collapse by clicking the arrow next to the section title:
Global Settings, for configuring Faults settings such as global alarm notifications and alarm data retention.
Individual Alarms and Threshold Settings, for configuring settings for individual alarms and threshold alarms.
This section describes the following tasks that you can perform by using the Fault tab:
- Configuring Global Alarm Notifications
- Retaining Alarm History
- Specifying Event History
- Enabling Alarms
- Changing the Severity of Individual Alarms
- Configuring Threshold Alarms
- Configuring Individual Alarm Notifications
Configuring Global Alarm Notifications
You can configure global e-mail notifications to be sent when any alarm with notifications enabled is generated. To configure global e-mail notifications, enter the e-mail addresses to receive global alarm notifications in the Alarm Notifications Destinations field in the Global Settings section. Separate addresses with a comma (,). For information about enabling notification for an alarm, see Configuring Individual Alarm Notifications.
Retaining Alarm History
Use the No. of days to keep Alarm field in the Global Settings section to specify the number of days to keep alarm history. The default retention time is 120 days; but you can specify a period of 7 through 1000 days. Specifying a longer retention time consumes more database resources. To change the alarm retention duration, type a new value and click OK and Yes to confirm the change.
Specifying Event History
Use the Events/Alarm field in the Global Settings section to specify the number of event entries that are kept in the alarm history. The default setting for events is 20. To change the setting, type a new value and click OK and Yes to confirm the change.
Enabling Alarms
Ensure all devices are configured to send traps to Network Director. This task is performed for the devices in Deploy mode through Set SNMP Trap Configuration.
Use the Individual Alarms and Threshold Settings section to disable and re-enable individual alarms or all alarms. Alarms appear on both tabs in the section: Alarm Settings and Threshold Settings. Fault alarms are preconfigured and initially enabled. To enable or disable alarms:
- (Optional) Sort the alarms. By default, the list of alarms is sorted alphabetically within each category. You can also sort by description or alarm severity within a category by clicking a column heading.
- Review the alarms and either select the check box in the heading to select all of the alarms or select the check box for the individual alarms you want to enable. For a full description of each of the alarms, see Table 4.
- Click OK and Yes to confirm the alarm change.
Alarm Name |
Description |
Device Type |
---|---|---|
BFD |
||
BfdSessionDetectionTimeAlarm |
Generated when the threshold value for detection time is set and the BFD session detection-time adapts to a value greater than the threshold. |
EX Series Switch |
BfdSessionTxAlarm |
Generated when the threshold value for transmit interval (in microseconds) is exceeded. |
EX Series Switch |
BGP |
||
BgpM2BackwardTransitionAlarm |
Generated when the BGP FSM moves from a higher-numbered state to a lower-numbered state. |
EX Series Switch |
BgpM2EstablishedAlarm |
Generated when the BGP Finite State Machine (FSM) enters the ESTABLISHED state. |
EX Series Switch |
Chassis |
||
FanFailureAlarm |
Generated when the specified cooling fan or impeller has failed (is not spinning). |
EX Series Switch |
FEBSwitchoverAlarm |
Generated when the Forwarding Engine Board (FEB) has switched over. |
EX Series Switch |
FRUCheckAlarm |
Generated when the device has detected that a field-replaceable unit (FRU) has some operational errors and has gone into check state. |
EX Series Switch |
FRUFailedAlarm |
Generated when a FRU has failed. |
EX Series Switch |
FRUInsertionAlarm |
Generated when the system detects that the specified FRU is inserted into the chassis. |
EX Series Switch |
FRUOfflineAlarm |
Generated when the specified FRU goes offline. |
EX Series Switch |
FRUOnlineAlarm |
Generated when the specified FRU goes online. |
EX Series Switch |
FRUPowerOffAlarm |
Generated when the specified FRU is powered off. |
EX Series Switch |
FRUPowerOnAlarm |
Generated when the specified FRU is powered on. |
EX Series Switch |
FRURemovalAlarm |
Generated when the system detects that the specified FRU was removed from the chassis. |
EX Series Switch |
HardDiskFailedAlarm |
Generated when the hard disk for the specified routing engine has failed. |
EX Series Switch |
HardDiskMissingAlarm |
Generated when the hard disk in the specified routing engine is missing from the boot device list. |
EX Series Switch |
PowerSupplyFailureAlarm |
Generated when the specified power supply has failed (bad DC output). |
EX Series Switch |
RedundancySwitchOverAlarm |
Generated when a graceful Routing Engine switchover (GRES) occurs on a switch with dual Routing Engines or on a Virtual Chassis. |
EX Series Switch |
TemperatureAlarm |
Generated when the device has over heated. |
EX Series Switch |
Configuration (Configuration) |
||
CmCfgChangeAlarm |
Generated when the jnxCMCfgChgEventTable records a configuration management event. |
EX Series Switch |
CMRescueChangeAlarm |
Generated when a change is made to the rescue configuration. |
EX Series Switch |
Core |
||
Device alarm |
Generated when the device status changes (up to down or down to up). |
EX Series Switch |
CoS |
||
CoSAlmostOutOfDedicatedQueuesAlarm |
Generated when only 10% of CoS queues are available. |
EX Series Switch |
CoSOutOfDedicatedQueuesAlarm |
Generated when there are no more available dedicated CoS queues. |
EX Series Switch |
DHCP |
||
JdhcpLocalServerDupClientAlarm |
Generated when a DHCP client is detected changing interfaces. |
EX Series Switch |
JdhcpLocalServerlfLimitExceededAlarm |
Generated when the client limit is reached on an interface. |
EX Series Switch |
Jdhcpv6LocalServerLimitExceededAlarm |
Generated when the client limit is reached on an interface for DHCPv6. |
EX Series Switch |
DOM |
||
DomAlertSetAlarm |
Generated when an interface detects Digital Optical Monitor (DOM) alarm conditions. |
EX Series Switch |
Flow Collection (FlowCollection) |
||
CollFlowOverloadAlarm |
Generated when a collector PIC detects a hard or soft flow overload. |
EX Series Switch |
CollFtpSwitchOverAlarm |
Generated when an FTP server switchover occurs. |
EX Series Switch |
CollMemoryUnavailableAlarm |
Generated when a PIC is out of memory or the memory is unavailable. |
EX Series Switch |
CollUnavailableDestAlarm |
Generated when a file transfer destination is unavailable. |
EX Series Switch |
CollUnsuccessfulTransferAlarm |
Generated when a collector file is unable to transfer because the destination is unavailable. |
EX Series Switch |
General |
||
Authentication Failure Alarm |
Generated when a protocol message is received that is not properly authenticated. |
EX Series Switch |
Cold Start Alarm |
Generated when a device is re-initializing and its configuration might have changed. |
EX Series Switch |
Link Down Alarm |
Generated when a link is down. The trap is generated when the ifOperStatus object for a communication link is about to enter the down state from another state other than notPresent. This other state is indicated by the included value of ifOperStatus. |
EX Series Switch |
Link Up Alarm |
Generated when a link comes up that was previously in the down state. The trap is generated when the ifOperStatus object for a communication link left the down state and transitioned into another state other than notPresent state. This other state is indicated by the included value of ifOperStatus. |
EX Series Switch |
Warm Start Alarm |
Generated when a device is re-initializing and its configuration has not changed. |
EX Series Switch |
Generic (GenericEvent) |
||
GenericEventTrapAlarm |
Generated by an Op script or event policies. This notification can include one or more attribute-value pairs. The pairs are identified by the jnxEventAvAttribute and jnxEventAvValue objects. |
EX Series Switch |
L2ALD |
||
L2aldGlobalMacLimitAlarm |
Generated when the MAC limit is reached for the entire system. This trap is sent only once, when the limit is reached. |
EX Series Switch |
L2aldInterfaceMacLimitAlarm |
Generated when the given interface reaches the MAC limit (jnxl2aldInterfaceMacLimit). |
EX Series Switch |
L2aldRoutingInstMacLimitAlarm |
Generated when the MAC limit is reached for a given routing instance (jnxl2aldRoutingInst). |
EX Series Switch |
L2CP |
||
LacpTimeOutAlarm |
Generated when LACP has timed out. |
EX Series Switch |
PortBpduErrorStatusChangeTrapAlarm |
Generated when the port’s BPDU error state (no-error or detected) changes. |
EX Series Switch |
PortLoopProtectStateChangeTrapAlarm |
Generated when the port’s loop-protect state (no-error or loop-prevented) changes. |
EX Series Switch |
PortRootProtectStateChangeTrapAlarm |
Generated when the port’s root-protect state (no-error or root-prevented) changes. |
EX Series Switch |
MAC Forwarding Database (MACFDB) |
||
MacChangedNotificationAlarm |
Generated when MAC addresses of the monitored devices are learned or removed from the forwarding database (FDB). |
EX Series Switch |
PoE (Power over Ethernet) |
||
PoE Port ON-OFF Alarm |
Generated when the PoE power is turned on or off. |
EX Series Switch |
PoE Power Usage High |
Generated when Power over Ethernet (PoE) used is below or above the defined threshold. |
EX Series Switch |
Passive Monitoring (PassiveMonitoring) |
||
PMonOverloadSetAlarm |
Generated when an overload condition is detected on a Passive Monitoring Interface. |
EX Series Switch |
Ping |
||
PingEgressJitterThresholdExceededAlarm |
Generated when egress time jitter (jnxPingMaxEgressUs minus jnxPingResultsMinEgressUs) exceeds the configured threshold (jnxPingCtlEgressJitterThreshold) causing the egressJitterThreshold bit to be set. |
EX Series Switch |
PingEgressStdDevThresholdExceededAlarm |
Generated when the standard deviation of the egress time (jnxPingResultsStddevEgressUs) exceeds the configured threshold (jnxPingCtlEgressTimeThreshold) and causes the egress bit to be set. |
EX Series Switch |
PingEgressThresholdExceededAlarm |
Generated when the egress time (jnxPingResultsStdevEgressUs) exceeds the configured threshold (jnxPingCtlEgressTimeThreshold) and the egress threshold bit is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
PingIngressJitterThresholdExceededAlarm |
Generated when ingress time jitter (jnxPingResultsMaxIngressUs minus jnxPingResultsMinIngressUs) exceeds the configured threshold (jnxPingCtlIngressJitterThreshold) and the ingressJitterThreshold bit is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
PingIngressStddevThresholdExceededAlarm |
Generated when the standard deviation of the ingress time (jnxPingResultsStdDevIngressUs) exceeds the configured threshold (jnxPingCtlIngressStddevThreshold) and the ingress StdDevThreshold bit is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
PingIngressThresholdExceededAlarm |
Generated when the ingress time jitter (jnxPingResultsIngressUs) exceeds the configured threshold (jnxPingCtlIngressTimeThreshold) and the ingress threshold bit (jnxPingIngressThresholdExceeded) is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
PingRttJitterThresholdExceededAlarm |
Generated when the round trip time jitter (jnxPingResultsMaxRttUs minus jnxPingResultsMinRttUs) exceeds the configured threshold (jnxPingCtlRttJitterThreshold) and the rttJitterThreshold bit is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
PingRttStdDevThresholdExceededAlarm |
Generated when the standard deviation of the round trip time (jnxPingResultsStdDevRttUs) exceeds the configured threshold (jnxPingCtlRTTStdDev) and the rttStdDevThreshold bit is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
PingRttThresholdExceededAlarm |
Generated when the round trip time (jnxPingCtlRttThreshold) exceeds the configured threshold (jnxPingCtlRttThreshold) and the rttThreshold bit is set in jnxPingCtlTrapGeneration. |
EX Series Switch |
RMon |
||
RmonAlarmGetFailureAlarm |
Generated when a GET request for an alarm variable returns an error. The specific error is identified by a varbind in jnxRmonAlarmGetFailReason. |
EX Series Switch |
SONET |
||
SonetAlarmSetAlarm |
Generated when there is a notification of a recently set SONET or SDH alarm on an interface. |
EX Series Switch |
SONET APS (SONETAPS) |
||
APSEventChannelMismatchAlarm |
Generated when the value of an instance of apsStatusChannelMismatches increments. |
EX Series Switch |
APSEventFEPLFAlarm |
Generated when the value of an instance of apsEventFEPLFs increments. |
EX Series Switch |
APSEventModeMismatchAlarm |
Generated when the value of an instance of apsEventModeMismatch increments. |
EX Series Switch |
APSEventPSBFAlarm |
Generated when the value of an instance of apsStatusPSBFs increments. |
EX Series Switch |
APSEventSwitchoverAlarm |
Generated when the value of an instance of apChanStatusSwitchover increments. |
EX Series Switch |
Virtual Chassis (VirtualChassis) |
||
VccpMemberAlarm |
Generated when a member has completed transition from the down state to another state. |
EX Series Switch |
VccpPortAlarm |
Generated when one of the member's communication links has completed transition from the down state to another state. |
EX Series Switch |
VNetwork |
||
HostConnectivityLostAlarm |
Generated when all the uplink ports of a virtual switch residing in a host loses network connectivity. |
Host |
HostNetworkRedundancyLostAlarm |
Generated when some uplink ports of a virtual switch residing in a host loses network connectivity. It indicates that there are one or more ports that still has network connectivity. |
Host |
VNetworkConnectivityLostAlarm |
Generated when Network Director loses network connectivity with the vCenter server. |
Virtual Network |
Changing the Severity of Individual Alarms
You can change the severity of the alarms to match your corporate procedures and guidelines. For example, at your company a DoS attack might be considered a critical alarm, while Network Director has a default severity for DoS attacks as a major alarm. Alarms appear on both tabs in the Individual Alarms and Threshold Settings section: Alarm Settings and Threshold Settings.
To change the severity of an alarm:
Configuring Threshold Alarms
Threshold alarms are alarms that are generated when a monitored value crosses the configured threshold. They provide enhanced visibility into potential issues on the network. You configure and manage threshold alarms the same way as other alarms. You also have the option of setting the threshold level of individual threshold alarms.
To edit the threshold of threshlod alarms:
Configuring Individual Alarm Notifications
You can configure e-mail notifications to be sent when an individual alarm is generated. When you enable notification for an alarm, the notifications are sent to the e-mail addresses configured for the alarm and the addresses configured for global alarm notifications. Alarms appear on both tabs in the Individual Alarms and Threshold Settings section: Alarm Settings and Threshold Settings.
To configure e-mail notification for an alarm name: