NPM Monitor Cisco ACI

You can monitor ACI on the APIC level if you have SNMP enabled. SNMP access however is dependent on what contract you have.

Hello Deltona,

Could you please elaborate on the specifics of what you've done to make it work at the APIC level?  And I'm assuming here you're referring to SNMP polling, not the APICs sending Traps.

Currently I have NPM 12.1 polling leaf and spine switches just fine for hardware health and port status using SNMP v3, and can send Traps or Syslog messages out as well, but I can not get NPM to SNMP v3 poll the actual APICs themselves.  So if this is what you are referring to that you're actively doing (again, polling the APICs not sending SNMP Traps), I'm sure a number of people would be interesting in knowing the config steps in ACI needed.

• For background info for others, ACI 2.2 should allow for the SNMP polling of leaf/spine switches (likely earlier versions as well).  I'm running ACI 3.0 at the moment though, having upgraded recently.

Thanks,

-Marek

Hi Marek,

were  you able by chance to find some more information on this ? We are deploying ACI now and i would welcome to have option to get more information from APIS

thx

marek

Hello mtalas,

I responded to you directly (I'm not on here much), but in case you didn't get that and/or perhaps it'll help some other people here since I got it working, this is some general information... though you'll have to find the actual documentation/examples out there on your own.

So FWIW:

You can currently get the typical/standard NPM monitoring for Cisco ACI [hardware] using SNMP polling (I'm using v3) right now – At least for ACI 3.x for certain, this includes the Leafs, Spines, and APICs but I think 2.2 / 2.3 will as well.

To make that work though you need to do some prep on the ACI side of things - namely enabling SNMP in a few places (yes, there's more one spot), and additionally/separately you can set ACI to send SNMP Traps as well (or Syslog) to Orion.  The documentation out there is sparse but there are one or two documents that will get you there.  Note: The SNMP portions alone will get you the Leaf & Spines, like any other Cisco switch polled by NPM, but with ACI 3.x (maybe even 2.3 or 2.2) to get the APICs you need to define an OOB Management contract to allow Orion to query the APICs (assuming you're using out of fabric connections for OOBM [recommended]) - that part doesn't seem to be included in a lot of the info on the Internet and took me a bit to run across.  Basically Cisco changed the protocols allowed in by default, so you have to now explicitly allow in traffic to UDP 161 and you have to have your APICs entered in your Node Management Addresses section (likely only your leafs & spines are there).

It may not get all the hardware sensors or fields, but you can monitor general health & interfaces, and have alerts on them like normal.

Hope that helps.

Cheers,

-Marek

For some reason I was getting an error repeatedly when trying to add an image to my post above, but here's a sample APIC in NPM:

Dear Marek

Please provide details on Document and check point you have done in Cisco ACI side mentioned as below. we are using Cisco ACI 2.2.

1- Places in fabrics where we have to configure SNMP

2- One or 2 Document referred by you to configure SNMP

3- what is OOB Management Contract ? Where to configure

-----

"To make that work though you need to do some prep on the ACI side of things -

namely enabling SNMP in a few places (yes, there's more one spot), and

additionally/separately you can set ACI to send SNMP Traps as well (or Syslog)

to Orion.  The documentation out there is sparse but there are one or two

documents that will get you there.  Note: The SNMP portions alone will get you

the Leaf & Spines, like any other Cisco switch polled by NPM, but with ACI

3.x (maybe even 2.3 or 2.2) to get the APICs you need to define an OOB

Management contract to allow Orion to query the APICs (assuming you're using out

of fabric connections for OOBM [recommended]) - that part doesn't seem to be

included in a lot of the info on the Internet and took me a bit to run across.

Dear Marek

Please provide details on Document and check point you have done in Cisco ACI side mentioned as below. we are using Cisco ACI 2.2.

1- Places in fabrics where we have to configure SNMP

2- One or 2 Document referred by you to configure SNMP

3- what is OOB Management Contract ? Where to configure

-----

"To make that work though you need to do some prep on the ACI side of things -

namely enabling SNMP in a few places (yes, there's more one spot), and

additionally/separately you can set ACI to send SNMP Traps as well (or Syslog)

to Orion.  The documentation out there is sparse but there are one or two

documents that will get you there.  Note: The SNMP portions alone will get you

the Leaf & Spines, like any other Cisco switch polled by NPM, but with ACI

3.x (maybe even 2.3 or 2.2) to get the APICs you need to define an OOB

Management contract to allow Orion to query the APICs (assuming you're using out

of fabric connections for OOBM [recommended]) - that part doesn't seem to be

included in a lot of the info on the Internet and took me a bit to run across.