Cisco DNA plugin
Monitor your Cisco DNA Center devices. This plugin allows you to add a data source with a small selection of data streams so you can to view the status of devices on your network.
How to add a Cisco DNA data source
Note: This data source is an on-premises data source.
An on-premises data source connects a service running in your internal network to SquaredUp. They require an agent installed on a machine that has access to your internal network.
Configure and deploy an agent
If you have already created an agent in SquaredUp that you can use for this data source, you can skip this step and choose the agent group you want to use while adding the data source.
Create a unique API key for your agent and add the agent to an agent group in SquaredUp.
You create an API key by creating an agent in SquaredUp:
Go to Settings > Relay and add an Agent.
Give the new agent a name and a description that helps you identify where the agent is installed. For example:
Name: server1.domain.localDescription: Test server in production domain
Choose the Agent Group for this agent:
If you already have agent groups, assign it to an existing group and click create.
If you don't have any agent groups yet or want to assign the new agent to a new group, leave the Agent Groups field empty and click create. Then create the agent group by clicking on Add Agent Group and select the new agent in the Agents field for the new group.
After you created the agent, the API key for this agent will be shown to you. Copy the key and store it until you inserted the key into the configuration of the agent you want to deploy on your machine.
The API key will only be displayed to you once. If you lose this API key, you need to generate a new one (by creating a new agent) and any references to the old API key in the configuration of the agent you deployed on your machine will need to be updated.
- The agent status will show as gray until the next stage of configuring the service is completed successfully.
Deploy the agent on a machine that has access to the service the data source connects to.
Download the latest release of the SquaredUp agent zip file, by clicking the download icon under Options next to the agent you have just added.
Prerequisites for agentsThe agent needs to run on a Windows machine that has access to the entry point for the on-premises data source
Make sure the agent is able to make outbound connections on port 443 (no inbound required) to SquaredUp, *.amazonaws.com and Microsoft APIs (Azure Relay).
Optional DNS-based restrictions: *.servicebus.windows.net
For information about Relay Agent versions see Release Notes - Relay Agent
On a Windows machine, with access to the entry point your data source needs to use, extract the downloaded zip file.
In the folder of the extracted zip file, open PowerShell as an administrator and run the following command:
Copy./Install-SQUPAgent.ps1 -ApiKey "key" -AsService -ServiceSuffix "name" -ServiceAccount domain\username
Parameters to replace:
-ApiKey "key"
Mandatory Replace key
with the API key you created for the agent in SquaredUp-AsService
Recommended Run the agent as a service on the machine -ServiceSuffix "name"
Optional To change the default service name of squpagent replace name
with your new service name.-ServiceAccount domain\username
Optional To run the agent as a domain service account (for example, for the SCOM data source), provide the username as domain\username
and it will prompt for the password when it sets up the service-InstallPath
Optional Specify a folder location for where the agent will be installed. If this is not specified then the agent will be installed in the folder where the zip file is extracted. Consider restricting access to the folder where the agent is installed to prevent anyone from updating or viewing the configuration files.
Configure a domain service account using the installation script, for example:
./Install-SQUPAgent.ps1 -ApiKey "key" -AsService -ServiceAccount domain\username
where
key
is the API key, anddomain\username
is the domain service accountAlternatively, in Services > SquaredUp Cloud Agent > Properties select the account on the Log On tab.
Use a dedicated user account for the agent's service identity. Create a special service account for this domain service account, do not use an existing user account.
The account (typically a service account) needs to have the log on as a service permission.
Adjust any permissions for the service and start the service.
How to start the agent serviceYou can start the agent service from Services > SquaredUp Cloud Agent, or using PowerShell using either:
Start-Service -Name <ServiceName>
Where
<ServiceName>
should be replaced with the service name shown in brackets in the upgrade script output (or Properties of the service).For example:
Start-Service -Name squpagent
or
Start-Service -DisplayName <DisplayName>
Where
<DisplayName>
should be replaced with the service name shown before the brackets in the upgrade script output (or Properties of the service).How to find the agent folder location or Service name in PropertiesLook at the Properties of the SquaredUp Cloud Agent service:
On the server running the agent, open Services
Scroll down to the SquaredUp Cloud Agent in the list
Right-click on the SquaredUp Cloud Agent service and then Properties
Here you can see the Service name, Display name and Path to the agent folder.
You can also start or stop the service from here.
- Check the agent status in SquaredUp Settings > Relay
Running the agent as a domain service accountBy default, the SquaredUp agent service uses the local system identity, but this can be changed to a domain service account if required, for example for the SCOM data source.
Add a Cisco DNA data source in SquaredUp
Now use the API token to configure the data source in SquaredUp:
To add a data source click on the + next to Data Sources on the left-hand menu in SquaredUp. Search for the data source and click on it to open the Configure data source page.
Display Name:
Enter a name for your data source. This helps you to identify this data source in the list of your data sources.
Agent Group:
Select the Agent Group that contains the agent(s) you want to use.
Cisco DNA URL:
Enter the URL of your Cisco DNA server.
Account Username:
Enter the username for your Cisco DNA account.
The account must have API access.
Password:
Enter the password for the API user.
Optionally, select whether you would like to restrict access to this data source instance. By default, restricted access is set to off.
Restrict access to this data sourceThe term data source here really means data source instance. For example, a user may configure two instances of the AWS data source, one for their development environment and one for production. In that case, each data source instance has its own access control settings.
By default, Restrict access to this data source is set to off. The data source can be viewed, edited and administered by anyone. If you would like to control who has access to this data source, switch Restrict access to this data source to on.
Use the Restrict access to this data source dropdown to control who has access to the workspace:
By default, the user setting the permissions for the data source will be given Full Control and the Everyone group will be given Link to workspace permissions.
Tailor access to the data source, as required, by selecting individual users or user groups from the dropdown and giving them Link to workspace or Full Control permissions.
If the user is not available from the dropdown, you are able to invite them to the data source by typing in their email address and then clicking Add. The new user will then receive an email inviting them to create an account on SquaredUp. Once the account has been created, they will gain access to the organization.
At least one user or group must be given Full Control.
Admin users can edit the configuration, modify the Access Control List (ACL) and delete the data source, regardless of the ACL chosen.
Data source access levelsAccess Level:
Link to workspace
- User can link the data source to any workspace they have at least Editor permissions for.
- Data from the data source can then be viewed by anyone with any access to the workspace.
User can share the data source data with anyone they want.
User cannot configure the data source in any way, or delete it.
Full Control - User can change the data source configuration, ACL, and delete the data source.
See Access control for more information.
Click Test and add to validate the data source configuration.
Testing outcomesTesting passed – a success message will be displayed and then the configuration will be saved.
Testing passed with warnings – warnings will be listed and potential fixes suggested. You can still use the data source with warnings. Select Save with warnings if you believe that you can still use the data source as required with the warnings listed. Alternatively, address the issues listed and then select Rerun tests to validate the data source configuration again. If the validation now passes, click Save.
Testing Failed – errors will be listed and potential fixes suggested. You cannot use the data source with errors. You are able to select Save with errors if you believe that a system outside of SquaredUp is causing the error that you need to fix. Alternatively, address the issues listed and then select Rerun tests to validate the data source configuration again. If the validation now passes, click Save.
You can edit any data source configurations at any time from Settings > Data Sources.
You can also add a data source from Settings > Data Sources > Add data source, but sample dashboards are not added when using this method.
Using the Cisco DNA data streams
Data streams standardize data from all the different shapes and formats your tools use into a straightforward tabular format. While creating a tile you can tweak data streams by grouping or aggregating specific columns. Depending on the kind of data, SquaredUp will automatically suggest how to visualize the result, for example as a table or line graph.
Data streams can be either global or scoped:
Global data streams are unscoped and return information of a general nature (e.g. "Get the current number of unused hosts").
A scoped data stream gets information relevant to the specific set objects supplied in the tile scope (e.g. "Get the current session count for these hosts").
There are four data streams installed with the data source:
All Devices
Shows data for all wireless controllers, all unified APs and all unreachable devices.
Unreachable Devices
Devices with an error next to Reachability Status will be shown.
All Wireless Controllers
Shows data for all wireless controllers.
All Unified APs
Shows data for all access points.
How to create a data stream for this data source:
Write a custom data stream (advanced use) see Writing a custom data stream (advanced users)
Writing a custom data stream (advanced users)
You can create new data streams that will filter on specific properties by adding that property to the datasourceconfig. You are able to do this by setting the value to the search value from the following list: hostname
, managementIpAddress
, family
, reachabilityStatus
, managementState
, location
, softwareVersion
, id
.
For example:
"dataSourceConfig": {
"endpointUrl": "/dna/intent/api/v1/network-device",
"hostname": "testing.global.example.com"
},