Get the Netflow configuration using REST API

zo3 · ‎07-25-2024

In the documentation: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Cisco_APIC_and_NetFlow.html

under the titles:

Configuring NetFlow Using the REST API

Configuring NetFlow Infra Selectors Using REST API

There's an example XML to configure Netflow infra selectors using the REST API.

<infraInfra>
    <!--Create Monitor Policy /-->
    <netflowMonitorPol name='monitor_policy1' descr='This is a monitor policy.'>
        <netflowRsMonitorToRecord tnNetflowRecordPolName='record_policy1' />
        <!-- A Max of 2 exporters allowed per Monitor Policy /-->
        <netflowRsMonitorToExporter tnNetflowExporterPolName='exporter_policy1' />
        <netflowRsMonitorToExporter tnNetflowExporterPolName='exporter_policy2' />
    </netflowMonitorPol>   
            
    <!--Create Record Policy /-->
    <netflowRecordPol name='record_policy1' descr='This is a record policy.' match='src-ipv4,src-port'/>

    <!--Create Exporter Policy /-->
    <netflowExporterPol name='exporter_policy1' dstAddr='10.10.1.1' srcAddr='10.10.1.10' ver='v9' descr='This is an exporter policy.'>
        <!--Exporter can be behind app EPG or external L3 EPG (InstP) /-->
        <netflowRsExporterToEPg tDn='uni/tn-t1/ap-app1/epg-epg1'/>
        <!--This Ctx needs to be the same Ctx that EPG1’s BD is part of /-->
        <netflowRsExporterToCtx tDn='uni/tn-t1/ctx-ctx1'/>
    </netflowExporterPol>

    <!--Node-level Policy for collection Interval /-->
    <netflowNodePol name='node_policy1' collectIntvl='500' />
    
    <!-- Node Selectors - usual config /-->
    <infraNodeP name="infraNodeP-17" >
        <infraLeafS name="infraLeafS-17" type="range">
            <!-- NOTE: The nodes can also be fex nodes /-->
            <infraNodeBlk name="infraNodeBlk-17" from_="101" to_="101"/>
            <infraRsAccNodePGrp tDn='uni/infra/funcprof/accnodepgrp-nodePGrp1' />
        </infraLeafS>
        <infraRsAccPortP tDn="uni/infra/accportprof-infraAccPortP"/>
    </infraNodeP>

    <!-- Port Selectors - usual config /-->
    <infraAccPortP name="infraAccPortP" >
        <infraHPortS name="infraHPortS" type="range">
            <!-- NOTE: The interfaces can also be Port-channels, fex interfaces or fex PCs /-->
            <infraPortBlk name="infraPortBlk" fromCard="1" toCard="1" fromPort="8" toPort="8"/>
            <infraRsAccBaseGrp tDn="uni/infra/funcprof/accportgrp-infraAccPortGrp"/>
        </infraHPortS>
    </infraAccPortP>

    <!-- Policy Groups - usual config /-->
    <infraFuncP>
        <!-- Node Policy Group - to setup Netflow Node Policy /-->
        <infraAccNodePGrp name='nodePGrp1' >
            <infraRsNetflowNodePol tnNetflowNodePolName='node_policy1' />
        </infraAccNodePGrp>

        <!-- Access Port Policy Group - to setup Netflow Monitor Policy /-->
        <infraAccPortGrp name="infraAccPortGrp" >
            <!--One Monitor Policy per address family (ipv4, ipv6, ce) /-->
            <infraRsNetflowMonitorPol tnNetflowMonitorPolName='monitor_policy1' fltType='ipv4'/>
            <infraRsNetflowMonitorPol tnNetflowMonitorPolName='monitor_policy2' fltType='ipv6'/>
            <infraRsNetflowMonitorPol tnNetflowMonitorPolName=‘monitor_policy2' fltType=‘ce'/>
        </infraAccPortGrp>
    </infraFuncP>
</infraInfra>

It seems like the example shows an exporter policy where the srcAddress is 10.10.1.10 (presumably this could also be a mask)

and some node selectors (seems ot be a node block from 101 to 101, so just one node)

I wanted to know if there was an API call that could grab these particular configurations for Netflow such that it would be easy to grab that node 101 has netflow enabled and has an exporter IP of 10.10.1.10 or whatever the version would be if there was a submask for the src IP address?

I know there is something like:

` https://10.10.20.14/api/node/mo/uni/infra.json?query-target=children`

that would get the netflowExporterPol but not sure if that is grabbing nodes that would be exporting Netflow. Thanks

AshSe · ‎11-05-2024

Hello @zo3

To retrieve the NetFlow configuration, including the node and exporter details, you can use the Cisco ACI REST API to query the relevant managed objects. Here’s a step-by-step guide on how to achieve this:

Retrieve NetFlow Exporter Policies: To get the details of the NetFlow exporter policies, including the source and destination IP addresses, you can use the following API call:
GET https://<APIC_IP>/api/node/class/netflowExporterPol.json

This will return a list of all NetFlow exporter policies configured in the ACI fabric.
Retrieve NetFlow Monitor Policies: To get the details of the NetFlow monitor policies, you can use the following API call:
GET https://<APIC_IP>/api/node/class/netflowMonitorPol.json

This will return a list of all NetFlow monitor policies configured in the ACI fabric.
Retrieve Node Policies: To get the details of the node policies, including which nodes have NetFlow enabled, you can use the following API call:
GET https://<APIC_IP>/api/node/class/infraNodeP.json

This will return a list of all node policies, including the nodes and their associated policies.
Retrieve Specific Node Policy Group: To get the details of a specific node policy group, including the NetFlow node policy associated with it, you can use the following API call:
GET https://<APIC_IP>/api/node/class/infraAccNodePGrp.json

This will return a list of all node policy groups, including the NetFlow node policies associated with each group.
Retrieve Specific Node Configuration: To get the details of a specific node configuration, including the NetFlow settings, you can use the following API call:
GET https://<APIC_IP>/api/node/mo/uni/infra/nprof-<node_profile_name>.json

Replace <node_profile_name> with the actual name of the node profile you are interested in.
Retrieve Port Policies: To get the details of the port policies, including the NetFlow monitor policies associated with each port, you can use the following API call:
GET https://<APIC_IP>/api/node/class/infraAccPortP.json

This will return a list of all port policies, including the NetFlow monitor policies associated with each port.

Example API Call to Retrieve NetFlow Exporter Policies

Here’s an example of how to retrieve the NetFlow exporter policies using the REST API:

curl -k -u admin:password "https://<APIC_IP>/api/node/class/netflowExporterPol.json"

This will return a JSON response with the details of all NetFlow exporter policies, including the source and destination IP addresses.

Example API Call to Retrieve Node Policies

Here’s an example of how to retrieve the node policies using the REST API:

curl -k -u admin:password "https://<APIC_IP>/api/node/class/infraNodeP.json"

This will return a JSON response with the details of all node policies, including the nodes and their associated policies.

Example API Call to Retrieve Specific Node Configuration

Here’s an example of how to retrieve the configuration of a specific node using the REST API:

curl -k -u admin:password "https://<APIC_IP>/api/node/mo/uni/infra/nprof-<node_profile_name>.json"

Replace <node_profile_name> with the actual name of the node profile you are interested in. This will return a JSON response with the details of the specific node configuration, including the NetFlow settings.

By using these API calls, you can retrieve the necessary information to determine which nodes have NetFlow enabled and the details of the NetFlow exporter policies, including the source and destination IP addresses.

Happy Troubleshooting!!!

AshSe

Please rate this post if it was helpful; your feedback is appreciated!