Aruba IMC Orchestrator 6.2 Configuration Guide

Brand: Aruba

Model: IMC Orchestrator 6.2

Type: Configuration Guide

Aruba IMC Orchestrator 6.2 is an advanced network operations monitoring solution that provides comprehensive visibility and control over your network infrastructure. With IMC Orchestrator 6.2, you can:

Monitor the health and performance of your network devices in real-time, including switches, routers, firewalls, and wireless access points.
Receive prompt notifications of network issues via SMS, email, or SNMP traps, enabling you to take quick action before they deteriorate or interrupt services.
Troubleshoot network problems quickly and efficiently using IMC Orchestrator's powerful diagnostic tools.

Monitor the health and performance of your network devices in real-time, including switches, routers, firewalls, and wireless access points.
Receive prompt notifications of network issues via SMS, email, or SNMP traps, enabling you to take quick action before they deteriorate or interrupt services.
Troubleshoot network problems quickly and efficiently using IMC Orchestrator's powerful diagnostic tools.

IMC Orchestrator 6.2 Operations Monitoring

Configuration guide

The information in this document is subject to change without notice.

i 
Contents 
Overview ························································································1 
IMC PLAT as the network operations monitoring platform ·························2 
Prerequisites ······························································································································· 2 
Configure the physical devices for operations monitoring ····································································· 2 
Configure IMC PLAT for network operations monitoring ······································································ 3 
Deploy DNS services ············································································································· 3 
Example: Send alarm notifications via SMS ················································································ 4 
Example: Send alarm notifications via email ··············································································· 7 
Filter, clear, or acknowledge alarms ························································································ 11 
View global resource monitoring information ············································································· 14 
Monitor network devices ······································································································· 15 
Review system logs ············································································································· 16 
Configure SNMP to send alarms in traps ················································································· 16 
Configure system log settings ································································································ 17 
Use an external platform for network operations monitoring ····················· 19 
Configure IMC PLAT to send controller system logs to an external operations monitoring platform ····· 19 
Configure the physical devices to send system log messages and SNMP notifications to an external 
platform ····························································································································· 19 
Appendix A   Alarm and trap management on IMC PLAT ·························0 
Manage alarms on IMC PLAT ········································································································· 0 
Manage system alarms ·········································································································· 0 
Alarm messages reference······································································································ 6 
Obtain trap definitions from IMC PLAT ····························································································· 8 
Log in to IMC PLAT ··············································································································· 8 
View trap definitions ··············································································································· 9 
Filter trap definitions ·············································································································· 9 
Commonly used filtering criteria ····························································································· 10 
 

Overview

With the IMC Orchestrator 6.2 solution, you can use one of the following methods to monitor network

operations:

• Use IMC PLAT to monitor network operations.

• Use an external network operations monitoring platform. This platform receives Syslog and

SNMP notifications from the controller or network devices.

The procedure to configure network operations monitoring differs depending on the method you use.

IMC PLAT as the network operations

monitoring platform

Prompt notification of network issues enables administrators to take quick action on the issues before

they deteriorate or interrupt services. IMC PLAT supports notifications of alarms via SMS, and email.

The configuration procedure differs by notification method.

Prerequisites

The alarm feature depends on the network application package, which is licensed-based. Before

you configure IMC PLAT to monitor network operations, make sure you have installed the network

application package and its license.

Configure the physical devices for operations

monitoring

The physical devices (primarily switches and security appliances) use SNMP to push events to the

operations monitoring platform. The monitoring platform can also polls the MIBs on the devices to

generate alarms.

The following information describes the SNMP configuration procedure on the network devices. If

underlay automation is used, some of the SNMP settings are automatically deployed on the

incorporated devices and you do not need to configure them.

1. Enable the information center and the SNMP agent.

[device] info-center enable

[device] snmp-agent

2. Configure a read-only community string and a read and write community string. Then, enable

SNMP versions. This example enables all SNMP versions.

[device] snmp-agent community read public

[device] snmp-agent community write private

[device] snmp-agent sys-info version all

3. Enable SNMP notifications and enable SNMP notifications for service modules, for example,

BGP.

[device] snmp-agent trap enable

[device] snmp-agent trap enable bgp

4. Specify IMC PLAT as a target host to receive SNMP notifications at the northbound service

VIP of its cluster. Optionally, configure authentication for security purposes.

[device] snmp-agent target-host trap address udp-domain 192.168.10.100 params

securityname public v2c

If the northbound service VIP belongs to a VPN, you are required to specify the VPN. In the

following example, VPN instance mgmt is specified.

[device] snmp-agent target-host Trap address udp-domain 1.1.1.1 vpn-instance mgmt

params securityname public v2c

5. Specify IMC PLAT as a log host to receive logs at the northbound service VIP of the Installer

cluster.

[device] info-center loghost 192.168.10.100

Configure IMC PLAT for network operations

monitoring

Deploy DNS services

If external connectivity is deployed for the data center network, you must deploy a DNS server. The

server uses a distributed database to translate domain names to IP addresses. The DNS server

listens for requests on UDP port 53.

To deploy a DNS server on IMC PLAT:

1. Open a Web browser and enter https://Installer_ip_address:8443/matrix/ui in the address

bar to log in to Installer. The Installer_ip_address argument represents the northbound

service VIP of the Installer cluster.

2. Navigate to the Deploy > Clusters page, and then click the Cluster Parameters tab.

Figure 1 Cluster parameters

3. Click the Edit icon to edit the cluster parameters.

4. Select External DNS Server, and click Add DNS Server.

Figure 2 Adding a DNS server

5. In the dialog box that opens, enter a DNS server IP address and a service port number, and

then click Apply, as shown in Figure 3.

Figure 3 Adding a DNS server

6. Click Apply to deploy the DNS server.

Example: Send alarm notifications via SMS

This example uses the Emay SMS platform to deliver SMS alarm notifications.

Prerequisites

• Make sure you have license information (serial number and encryption key) for registration

with the Emay SMS platform.

• Make sure IMC Orchestrator Controller has incorporated the monitored network devices and

can receive SNMP notifications from them.

• Make sure a DNS server address has been specified on IMC PLAT and IMC PLAT has

Internet connectivity.

Configure the SMS center

1. Open a Web browser, and then enter http://ip_address:30000/central in the address bar to

Installer cluster.

2. Navigate to the System > System Settings > SMSC Settings page.

Figure 4 SMS settings

3. Select the Emay SMS Sender option for the Sending Method field.

4. Enter the serial number and encryption key for registration with the Emay platform.

5. In the Internet Connection Info area, click Edit.

6. In the dialog box that opens, select a connection type, and then click OK.

In this example, select Direct Connection.

Figure 5 Configuring the Internet connection

7. On the SMS settings page, click Refresh. Verify that the Internet connection information has

been set successfully.

8. In the SMS Signature area, enter a signature template.

9. In the Test Info area, enter a test number and the test content.

10. Click Test to send the test content to the test number. Make sure the SMS message can be

sent successfully.

Configure alarm forwarding via SMS messages

1. Log in to IMC PLAT.

2. Navigate to the Monitor> Alarm > Alarm Forward page.

Figure 6 Alarm forwarding rules

3. Click Add to add an alarm forwarding rule.

Figure 7 Adding an alarm forwarding rule

4. Configure the alarm forwarding rule:

 Rule Name: Assign a name to the rule.

 Alarm Severity Levels to be Concerned: Select the severity levels of alarms to be sent

via SMS. The system sends alarms via SMS only for the selected severity levels.

 Resources to be Concerned: Select resources of interest. The system sends alarms via

SMS only for resources of interest. By default, the All Resources option is selected.

 Alarm to be Concerned: Select alarms of interest. The system sends only alarms of

interest via SMS. This example selects the All Alarms option.

5. Click SMS Forwarding.

Figure 8 SMS forwarding

6. Specify the period of time during which alarms are generated, enter a phone number, and

then click Add. By default, the All option is selected for the Alarm Time field.

Figure 9 Adding a mobile phone number

7. Click OK.

In the Action Settings area, verify that the SMS alarm forwarding rule has been added.

Figure 10 Adding an SMS alarm forwarding rule

8. Click OK.

Verify that the SMS alarm forwarding rule has been added to the rule list, and the rule is in

enabled (On) state.

Figure 11 SMS alarm forwarding rule list

When an alarm occurs, the specified mobile phone will receive a notification of the alarm.

9. Navigate to the System > System Settings > SMS Message Records page to view the

SMS messages that have been sent.

Example: Send alarm notifications via email

Configure IMC PLAT to promptly notify remote maintenance staff of alarms via email.

Prerequisites

• Only a user with administrator permissions can configure the mail server and alarm

forwarding rules.

• Make sure the mail server has been set up successfully and can access the mail sending

ports, such as POP and SMTP.

• Make sure the mail client can send and receive mails through the mail server.

Summary procedure

1. Add a mail account on the mail server.

2. Configure the mail server information.

3. Configure alarm forwarding rules.

4. Verify the configuration.

Configure the mail server information

To send mail notifications, you must first specify a mail server.

1. Log in to IMC PLAT, and then navigate to the System > System Settings > Mail Server

Settings page.

Figure 12 Mail server settings

2. Configure the mail server settings:

 Server Address: Enter the domain name or IP address of the mail server. In this example,

use the address of the mail server set up on the internal network.

 Server Port: Enter the port number of the mail server. The default is 25.

 Secure Connection (SSL/TLS): Select TLSv1, TLSv1.1, TLSv1.2, or SSL for secure

connection to the server. If a secure connection is not required, select None.

 Client Authentication: Specify the same client authentication settings as those on the

server. If client authentication is enabled on the mail server, you must also enable client

authentication for the mail server in the system, and enter the sender's username and

password. If the mail server does not require client authentication, do not configure client

authentication.

 Sender’s Email Address: Enter the mail address of the sender. In this example, enter

user2@mail.hpe.com.

3. Click Send Test Mail to test server connectivity and correctness of the username and

password.

NOTE:

If the mail server cannot be pinged, the system makes continuous attempts to send the test

mail until after the mail is sent successfully or the maximum number of attempts is reached.

Figure 13 Successful mail test

4. Click OK.

Add an alarm forwarding rule

1. Navigate to Monitor > Alarm > Alarm Forwarding Rules.

2. Click Add.

Figure 14 Adding an alarm forwarding rule

3. Configure the alarm forwarding rule:

 Rule Name: Assign a name to the mail alarm forwarding rule. In this example, enter test.

 Alarm Severity Levels to be Concerned: Select one or multiple alarm severity levels of

interest. Use the default settings in this example.

 Resources to be Concerned:

− To forward alarms generated by any resources, select the All Resources option.

− To forward alarms generated by only resources of interest, select the Selected

Resources option, and then select resources or resource groups of interest. If you

select a group, all resources in that group are selected.

 Alarms to be Concerned:

− To forward all alarms, select the All Alarms option.

− To forward only a subset of alarms, select the Selected Alarms option, and then click

Select. In the dialog box that opens, select alarms of interest.

Figure 15 Configuring alarm forwarding via email

4. In the Action Settings area, click Email Forwarding.

5. Configure the alarm forwarding rule:

 Alarm Time: Specify the period of time during which alarms are generated. Select the All

or Absolute Time Span option.

− All: The system forwards alarms regardless of when they are generated.

− Absolute Time Span: The system forwards only alarms generated within the selected

time span. For example, if you set the time span to 00:00-23:59 for a day, the system

forwards all alarms generated on this day.

This example uses the default setting.

 Mail Address: Specify the mail addresses for receiving alarm notification mails. You can

specify one or multiple unique mail addresses. The mail address format is

login_username@host_name.domain_name. In this example, enter

user2@mail.hpe.com.

6. Click OK to add the alarm forwarding rule.

Figure 16 Email alarm forwarding rule added successfully

NOTE:

If an alarm matches multiple alarm forwarding rules, the alarm is forwarded based on each

matching rule. If the matching rules contain the same destination (for example, the same mail

address, mobile phone number, or message template), the system sends only one notification of

the alarm to that destination.

Verify the configuration

Access the mail box for receiving alarm notifications to verify that it can receive alarm notifications

of interest pushed by IMC PLAT.

After receiving an alarm notification, you can log in to IMC PLAT to process the alarm.

Filter, clear, or acknowledge alarms

Filter alarms by alarm status

1. Navigate to the Monitor > Alarm > Active Alarms page.

2. Click the Search Conditions link. To view alarms in any states, select All for the Status field.

To view alarms in a particular state, select that state.

Figure 17 Active alarms

Acknowledge alarms

If you verify that an unacknowledged alarm has been cleared, click the Unacked link in the Ack

State column for that alarm to acknowledge it.

Figure 18 Acknowledging an alarm

Filter alarms by using advanced criteria

1. Click the icon at the upper right of the page to expand the advanced search area.

2. Specify the alarm state, resources, resource groups, and alarm categories to display only the

matching alarms.

If you select All for the Status field, you can see information about alarms in any state.

including the source of each alarm and when they were generated. If an alarm has been

cleared, the page also shows when it was cleared. On this page, you can clear, acknowledge,

and delete alarms as needed.

3. Click a column heading of the alarm list to sort the alarms in descending or ascending order.

You can sort the alarms by the severity, alarm source, first alarm time, cleared at (alarm

clearing time), or repetitions field.

Figure 19 Advanced search area

View and delete history alarms

History alarms are alarms that were cleared prior to the present day.

Navigate to the Monitor > Alarm > History Alarms page.

The system displays the following information about each alarm:

• Severity: Severity level of the alarm. Available severity levels are info, warning, minor,

major, and critical, from the least severe level to the most severe level.

• Alarm Source: Name and IP address of the device that generated the alarm.

• Alarm Info: Event description.

• Clearing State: Whether the alarm has been cleared. If the alarm has been cleared

automatically by the system, this field displays $SYSTEM. If the alarm has been manually

cleared by a user, this field displays the username.

• Ack State: Whether the alarm has been acknowledged. If the alarm has been acknowledged,

this field displays the username of the user who acknowledged the alarm. If the alarm is not

acknowledged, this field displays Unacked.

• First Alarm: Date and time when the alarm first occurred.

• Cleared At: Date and time when the alarm was cleared.

• Repetitions: Number of alarm recurrences before the alarm was cleared.

• Duration: Period of time from when the alarm was generated to when the alarm was cleared.

• Actions: Actions that can be performed on the alarm. You can only delete a history alarm.

View alarms generated by a device

This feature is available for devices incorporated by the controller.

To view all alarms generated on an incorporated device, click its link in the Alarm Source column of

the alarm list.

Figure 20 Alarm source

Figure 21 Alarms from a device

View global resource monitoring information

IMC PLAT presents a holistic view of resource statistics for the entire network. For example, you can

view network-wide statistics for switches, virtual devices, VLANs, and VXLANs.

View resource capacity statistics

To view network resource capacity statistics, navigate to the Monitor > Performance > Network

page.

View physical device performance statistics

To view physical device performance statistics, navigate to the Monitor > Performance > Network >

Physical Devices page.

View physical device health statistics by device role

To view physical device health statistics by device role, navigate to the Monitor > Performance >

Resource > Physical Devices page.

View virtual device health statistics by device role

To view virtual device health statistics, navigate to the Monitor > Performance > Resource > Virtual

Devices page.

View event statistics

To view event statistics, navigate to the Monitor > Performance > Resource > Events page.

View IP address& VNID resource statistics

To view IP address and VNID resource statistics, navigate to the Monitor > Performance >

Resource > IP & VNID Resources page.

View interface event statistics

To view interface event statistics, navigate to the Monitor > Performance > Resource > Interface

Events page.

View VNI traffic Statistics

To view traffic statistics for VNIs, navigate to the Monitor > Performance > Resource > VNI Traffic

Statistics page.

Monitor network devices

To monitor the health and performance of a network device, add that device to the list of monitored

devices. The collected statistics can help you make data-driven optimization and scaling decisions

to improve network performance.

View the list of monitored network devices

1. Navigate to the Monitor > Performance > Network page.

The system displays the following information for each monitored network device:

 Device Label: Device label for the monitored network device. By default, a device label is

in resource-type_management-IP format. You can change the device labels as needed for

the ease of management.

 IP Address: IP address of the network device.

 Device Model: Model of the network device.

 Monitor Templates: The monitor templates that apply to the network devices.

 CPU Usage (%): CPU usage of the network device.

 Memory Usage (%): Memory usage of the network device.

 Response Time (ms): Delay (milliseconds) for the controller to receive a response from

the network device.

 Unreachability Radio (%): The percentage of network device reachability test failures in

all reachability tests for the present day.

 Maintenance State: Whether the network device is in maintenance state. You can place a

device in maintenance state for scheduled or non-scheduled maintenance or when you

must shut down it.

 Actions: Actions that can be performed on the network device, including:

 : View monitoring details. This action is available only when the network device is

monitored.

 : View detailed interface information.

 : View performance data.

 : Edit monitoring settings.

 : Synchronize data with the network device.

 : Delete the network device.

Enable or disable monitoring

1. To disable monitoring a network device, click the icon. Then, the system stops collecting

performance data from the network device.

2. To enable monitoring a network device, click the icon. Then, the system starts collecting

performance data from the network device.

Figure 22 Monitored network devices

Add a network device to the monitor system

To monitor a network device, perform this task.

Before you do that, make sure that device can communicate with the servers that deploy IMC PLAT.

To add a network device:

1. Navigate to the Monitor > Performance > Network page.

2. Click Add.

3. Enter basic information about the device:

 Specify the management IP address of the device.

 Specify the subnet mask for the management network.

 Enter a device label for the device for the ease of identification.

 Select whether to have the device send traps (SNMP notifications) to the system.

 Select the support of the device for ping operations.

The device, for example, a firewall, does not support ping operations if it filters or does not

respond to the ping packets sent by the system.

 Select whether to add the device to the system even if it cannot be pinged.

4. Configure the SNMP, telnet, and SSH parameters for the device.

5. In the monitor settings area, click Select to select monitor templates for the device.

6. Click OK.

Review system logs

Navigate to the System > Log Center > System Log List page. On this page, you can review the

system logs for all components of IMC PLAT.

Configure SNMP to send alarms in traps

Set up SNMP on Installer

The system supports SNMPv1, SNMPv2c, and SNMPv3. SNMPv1 and SNMPv2c use community

names (also called community strings) for authentication. SNMPv3 uses username and password

pairs for authentication.

1. Configure the local SNMP engine ID:

a. Navigate to the SYSTEM > Settings > SNMP page.

b. In the local SNMP engine ID setting area, click Edit.

c. In the dialog box that opens, edit the local SNMP engine ID, and then click Apply.

2. Add a community name:

a. Navigate to the SYSTEM > Settings > SNMP page, and then click the Communities tab.

b. Click Add.

c. In the dialog box that opens, specify the community name, and then click Apply.

Delete community strings as needed.

3. Add users:

a. Navigate to the SYSTEM > Settings > SNMP page, and then click the Users tab.

b. Click Add.

c. In the dialog box that opens, configure parameters such as the username and security

mode.

d. Click Apply.

Edit or delete users as needed.

4. Specify SNMP notification recipient hosts:

a. Navigate to the SYSTEM > Settings > SNMP page, and then click the Target Hosts tab.

b. Click Add.

c. In the dialog box that opens, configure whether to send traps, enter the IP address and

port number of the recipient host, select an SNMP protocol, and specify the community

name or username.

d. Click Apply.

Edit or delete recipient hosts as needed.

Configure trap forwarding rules on IMC PLAT

To have IMC PLAT send SNMP notifications to an external system:

1. Log in to IMC PLAT.

2. Navigate to the Monitor > Alarm > Traps > Trap Forwarding Rules page.

Figure 23 Configuring trap forwarding rules

Table 1 Trap forwarding rule parameters

Field

Description

Rule Name

Name of the rule, a string of 1 to 32 characters. It can contain these special characters:

percentage sign (%), ampersand (&), underscore (_), and dot (.).

IP Address

Destination IP address for the matching traps.

Port

Destination service port number for the matching traps.

Configure system log settings

1. Log in to IMC PLAT, and then navigate to the System > Log Center > System Log Setting

page to configure settings for system log management.

2. Configure the log retention period (log saving days) and time to clear expired log entries.

3. Specify the IP address and port number of the log server.

You can specify a maximum of two log servers.

Figure 24 Configuring system log settings

4. To send only a subset of log entries, click Add Filter. In the dialog box that opens, select

source components of interest and other filtering conditions, and then click Apply.

5. Click Apply.

Page is loading ...

Aruba IMC Orchestrator 6.2 Configuration Guide

Brand: Aruba

Model: IMC Orchestrator 6.2

Type: Configuration Guide

Monitor the health and performance of your network devices in real-time, including switches, routers, firewalls, and wireless access points.
Receive prompt notifications of network issues via SMS, email, or SNMP traps, enabling you to take quick action before they deteriorate or interrupt services.
Troubleshoot network problems quickly and efficiently using IMC Orchestrator's powerful diagnostic tools.

Download PDF

report

Aruba IMC Orchestrator 6.2 Configuration Guide

Aruba IMC Orchestrator 6.2 Configuration Guide

Related papers

Other documents