Page:1of10

SCOPEDCERTIFIEDAPPLICATIONDESIGNCiscoTetrationApplication(1.0.0)

Templateeffectivedate:August2017

IntegrationDesignDocumentTemplate

Page:2of10

TableofContents1 Overview.........................................................................................................................3

1.1 References...............................................................................................................................32 Applicationoverviewandintendeduse...........................................................................3

2.1 Third-partydependencies.......................................................................................................4

3 Softwarearchitectureoverview.......................................................................................44 Softwaredesigndescription.............................................................................................4

5 Performanceconsiderationsandconcerns.......................................................................76 Securityconsiderationsandconcerns...............................................................................7

7 Applicationcomponents..................................................................................................7

7.1 Componentscreatedbytheapplication:................................................................................77.2 Integrationcomponentscreatedbytheapplication:..............................................................8

8 Futureplans.....................................................................................................................99 ServiceLevelAgreementDefinition..................................................................................9

10 Debuggingandtroubleshooting.......................................................................................9

10.1 Debuggingtips:..........................................................................Error!Bookmarknotdefined.10.2 Failuremodes:.......................................................................................................................10

IntegrationDesignDocumentTemplate

Page:3of10

1 Overview

CiscoTetrationAnalyticsusesrichtrafficflowtelemetrytoaddresscriticaldatacentreoperationalusecases.Itusesbothhardwareandsoftwareagentsastelemetrysourcesandperformsadvancedanalyticsonthedatacollected.CiscoTetrationAnalyticssystemusesRolebasedaccesscontrolandvisibilityofdatadependontheroleassignedtotheuser.RolescontainsetsofCapabilitiesandareassigned to users on theUserspage. A user can have any number of roles. Roles can have anynumberofcapabilities.

This rich information in the cluster is discovered through RESTful interfaces supported by CiscoTetrationAnalyticstopopulateServiceNowCMDB.

1.1 References

# DocumentIdentifier DocumentTitle

[1] http://www.cisco.com/c/en/us/products/data-center-analytics/tetration-analytics/index.html?stickynav=5

CiscoTetrationAnalytics

Table1

2 ApplicationoverviewandintendeduseTheapplicationisintendedtodothefollowing:• Import Tetration Analytics discovered devices into ServiceNow CMDB (utilizing Cisco

TetrationAnalyticsclusterasasourceoftruth)• Annotate required devices with the class, instance and discovery source information on

TetrationAnalyticsfromServiceNow

TheInventorydiscoveredbythisapplicationare:

TetrationAnalytics-Thesearetheminimalinformationthatareextracted:

§ ListofallVRFsfromTetration§ ListofallendpointswithSensoragentsinstalled§ ListofallEndPointsdiscoveredbyTetrationAnalyticswithfollowinginformation-

- IPAddress- MACAddress- AddressType- IFaceName- HostName- OperatingSystemanditsversion- ScopetowhichtheEndpointbelongs

This application helps customers maintain a single repository of the endpoints and post annotations based on requirement.

IntegrationDesignDocumentTemplate

Page:4of10

2.1 Third-partydependenciesThisapplicationusesHTTPSRESTAPIstoretrieveinformationfromCiscoTetrationAnalyticsClusterasdefinedin[1].ThisapplicationiscompatiblewithCiscoTetrationAnalyticsrelease2.0orhigherreleases.

3 SoftwarearchitectureoverviewTheapplicationcontainsthefollowingcomponents:

• StagingtablesthatextendsImportSetRow

• CItablethatextendsthebaseCI(cmdb_ci)forendpointelements.

• TransformmaptomovedatafromstagingtablestoCItables

• Script Includes – define REST messages and retrieve the response. The Responses areparsedandstagingtablespopulatedusingtheSNOWRESTAPI.

• ScheduledJobs-toexecutediscoveryondemand.

CiscoTetrationApplicationCITables Extends

CiscoTetrationVRFs ConfigurationItems(cmdb_ci)

CiscoTetrationSensors ConfigurationItems(cmdb_ci)

CiscoTetrationEndPoints ConfigurationItems(cmdb_ci)

CiscoTetrationServiceNowDiscoveredEndpoints ConfigurationItems(cmdb_ci)

CiscoTetrationIPSets -

Table2

4 SoftwaredesigndescriptionAttheheartofCiscoTetrationAnalyticsplatformisabigdataplatform,designedtodealwithlargevolumes of streaming rich telemetry, map thousands of applications spanning across tens ofthousandsofworkloads,enforcementmillionsofpolicyrulesforapplications.UsingUnsupervisedMachineLearning,algorithmicapproachesandautomatedenforcement,customersgeta turnkeysolutionwiththisplatform.DataiscollectedandfedintoTetrationafewdifferentways-

1) IsbyusingaSoftwareagentonahost.2) Isbyusinghardwaresensorslocatedinour9KswitchingplatformASIC.Itisrecommended

that you use both sensors together to get the best coverage, but you can implementTetrationwithonlytheSoftwareorHardwaresensor.

3) Inaddition to thecollectionsensors,wecanadd3rdpartydata. LikeSLBconfigs,ACE,F5information, HA-Proxy, Route-Tags, etc. to Tetration to increase its full understanding ofyourenvironment.

TetrationPlatformisdesignedtobeopen. ItsOpenAccessmethodprovideRESTAPI foruserstoquery the information from a northbound system, Publish notifications to northbound systemsusing Kafkamessage bus, for example trigger a notificationwhen an application communicationdeviates from thepolicy. CustomAppsenablesdevelopers towrite their ownapplicationon the

IntegrationDesignDocumentTemplate

Page:5of10

platform using python or Scala. It provides access to the deep store within the platform anddevelopers[Figure1].CiscoTetrationAnalyticsarchitecture:

Figure 1

CiscoTetrationAnalyticsAnnotations:Usersdefinetags/annotationsforinventories:

• Easytofindinventoriesorsearchflows • Easyforenforcement • Easytoapplypoliciesonsensors

Figure 2 CiscoTetrationApplication: CiscoTetrationApplicationinitiatesadiscoveryofCiscoTetrationAnalyticsClusterusingscheduledjobsandscriptsdetailedinlatersections.TheapplicationusesCiscoTetrationRESTAPIstoimporttheinformationandmaptodifferentCMDBtablesdetailedinlatersections[Figure3].Currentlytheapplicationinitiatestheimportofdataon-demandbyuser.

IntegrationDesignDocumentTemplate

Page:6of10

Figure 3 Cisco Tetration Application uses MID server interfaces to communicate with Cisco TetrationAnalytics Cluster. The user using scheduled jobs initiates discovery. This schedule job importsinformationfromTetrationAnalyticsClusterandmapsthemtoServiceNowCMDBtables[Figure4].

Figure4

IntegrationDesignDocumentTemplate

Page:7of10

5 Performanceconsiderationsandconcerns• Dataimporttimedependsonthevolumeofdataineachcustomerenvironment.

• TheinboundwebservicesareusedtoextractdatafromTetrationCluster.Averagenumberofrecordsextractedpertransactionis150.

6 Securityconsiderationsandconcerns• TetrationAPIKeys

1. Userupdates the table “CiscoTetration IP Sets”with theAPIKeyandSecretKeygenerated fromTetrationsweb interfacewithother information.ThesekeyswillbeusedtomakeRESTrequeststothecluster.

§ NOTE – Please ensure the keys are generated with proper roles. PleasereferUserGuidesonTetrationWebInterfaceformoreinformation.

7 ApplicationcomponentsBelowarethenewlycreatedartifactsandmodificationstobaseServiceNowartifacts:

7.1 Componentscreatedbytheapplication:• Listofscriptincludes:

§ CiscoTetrationVRFs

§ CiscoTetrationSensors

§ CiscoTetrationInventory

§ CiscoTetrationAnnotations

§ CiscoAnnotationEndPoints

• ListofAllUIActions:

§ CiscoTetrationDiscovery

§ CiscoTetrationAnnotations

• Listallnewlydefinedtables:

§ CiscoTetrationVRFs

§ CiscoTetrationSensors

§ CiscoTetrationEndPoints

§ CiscoTetrationServiceNowDiscoveredEndpoints

UserInputformstables

§ CiscoTetrationIPsets

• Listallgauges

§ CiscoTetrationApplication

IntegrationDesignDocumentTemplate

Page:8of10

• Listallpages

§ CiscoTetrationDashboard

§ CiscoTetrationSupportContacts

• Thescope(s)used:x_caci_cisco_tetr

• Theapplicationmenu(s)used:CiscoTetrationApplication

7.2 Integrationcomponentscreatedbytheapplication:• Listallimportsettables:

§ CiscoTetrationVRFStages

§ CiscoTetrationSensorStages

§ CiscoTetrationEndPointsStages

§ CiscoTetrationAnnotationsStages

• Listalltransformationmaps:

§ CiscoTetrationVRFTM

§ CiscoTetrationSensorsTM

§ CiscoTetrationEndPointsTM

§ CiscoTetrationAnnotationsTM

• ListofAllRESTMessages:

§ CiscoTetrationVRFs

§ CiscoTetrationSensors

§ CiscoTetrationInventory

§ CiscoTetrationAnnotations

• ListofAllScriptedRESTAPIs:

§ CiscoTetrationAPI

§ Inventories

§ Sensors

§ VRFs

• Listanyscheduledjobsfordataexports:

§ CiscoTetrationDiscovery

§ CiscoTetrationApplicationCleanup

§ CiscoTetrationAnnotations

IntegrationDesignDocumentTemplate

Page:9of10

8 FutureplansCiscoTetrationApplicationcurrentlysupportsdiscoveryoftheEndPoints,SensorsandVRFsintheinfrastructuretovisualizethe inventorycomponentsandpostannotations intothecluster. Inthelatterphase,thisapplicationwilldevelopfeaturestosupport:

§ IncidentManagement

§ ADMMappingusingServiceNow‘sServiceWatch

9 ServiceLevelAgreementDefinitionInthissection,youdefinetheServiceLevelAgreement(SLA)foryourcustomers.

Customerswill be instructed to contact the integrationprovider (yourorganization) for technicalsupport. If a customer first contacts ServiceNow Customer Support, then ServiceNow CustomerSupport will isolate the problem and instruct the customer to resolve the issue with yourorganization.

• SupportHoursofOperation:8am–5pmEST

• SupportDaysofOperation:Monday–FridayExcludingholidays

• PromisedCallResponseTime:4Hours

• PromisedCallResolutionTime:5BusinessDays

• ContactMethod:Email

• ContactDetails:insbu-servicenow@cisco.com

10 Debuggingandtroubleshooting

10.1 Debugging:• ServiceNowLogs:

Thescriptsusesgs.error()andgs.info()methodstoprinterrorsandinformationmessagesrespectively.

The “application logs” under “system logs” will contain all the logs for the application.CriticalerrormessagesarelistedasErroranddebugstatementsarelistedasInformation.

• MidServerLogs

TheerrorlogsarepopulatedinthefileAgent0.logontheMidServer.

Path=“/servicenow/<mid server name>/agent_folder/logs/agent0.log”

These logs are also available from the instance.Go to, ‘Mid Server -> Server -> [SpecificRecord]MidServer’.Clickon‘GrabMidLogs’undertheRelatedLinks[Figure5].

IntegrationDesignDocumentTemplate

Page:10of10

Figure5

• APIServerLogs

API Sever logs are available in the same directory the API Server is installed on and hascomplete information about API calls being made to the Tetration Cluster and theirresponses.

Path=“/<API Server Path>/Tetration_API/TET_API_Server.log”

10.2 Failuremodes:Forproperfunctioningoftheapplication,ensure:

• MIDservermustbeaccessiblefromServiceNowinstance

• TheMidServerneedsbeabletocommunicatewiththeServiceNowinstancedirectly

• Ensuretheproxiesaresetproperly

• Tetration_APIServerfromCiscoTetrationApplicationshouldbeinstalledonMidServer

• CiscoTetrationAnalyticsmustbeaccessiblefromMIDserver

• CiscoTetrationAnalyticsAPIsmustbeallowedfromMIDserver

Applicationwilltimeoutwaitingforresponsesifanyoftheabovearenotconfiguredcorrectly.

END OF DOCUMENT