Solved: Re: Questions about Nexus Dashboard and Nexus Dashboard Orchestrator

SIMMN · ‎03-03-2022

I have the 3-node physical ND appliances running v2.1(2d) with NDO v3.6(1e) for ACI multi-site.

1. Does ND and/or NDO have the capability to send email alerts/alarms? I assume no as I did not find any options regards.

2. How can I generate a CSR on ND and then install my internal CA issued the cert? The Administrative->Security->Security Configuration page seems allow me to edit the certificate information but I guess I just do not understand how to use it to generate CSR and then install a Certificate...

Robert Burns · ‎03-04-2022

To answer your questions.

1. Does NDO/ND have the ability to send email alerts - Not today. Nexus Insights can, but its also doing real-time monitoring of the fabrics. NDO is more of an asynchronous push manager, so any issues/changes that cause issues are immediately identified to the user. Email alerts are supported to be configured on the fabrics directly, just not NDO yet. I do see a valid use case for this in terms of Config Drift. In the latest version of NDO we added the ability to detect when local fabric configuration changes from what NDO last pushed (drift). When this happens the ability to send external notification would be valuable. I'll raise this as an enhancement. May take some time to prioritize this, but its a valid request. If you have other use cases for email alerts, please detail them so we can evaluate.

2. Installing Custom SSL Certs on ND. This is done via the CLI today. In future we'll hopefully add CSR generation in the UI. I've attached a procedure for this below. Credit to @jamestam for this excellent write up.

Regards,

Robert

View solution in original post

Robert Burns · ‎03-04-2022

To answer your questions.

1. Does NDO/ND have the ability to send email alerts - Not today. Nexus Insights can, but its also doing real-time monitoring of the fabrics. NDO is more of an asynchronous push manager, so any issues/changes that cause issues are immediately identified to the user. Email alerts are supported to be configured on the fabrics directly, just not NDO yet. I do see a valid use case for this in terms of Config Drift. In the latest version of NDO we added the ability to detect when local fabric configuration changes from what NDO last pushed (drift). When this happens the ability to send external notification would be valuable. I'll raise this as an enhancement. May take some time to prioritize this, but its a valid request. If you have other use cases for email alerts, please detail them so we can evaluate.

2. Installing Custom SSL Certs on ND. This is done via the CLI today. In future we'll hopefully add CSR generation in the UI. I've attached a procedure for this below. Credit to @jamestam for this excellent write up.

Regards,

Robert

SIMMN · ‎03-04-2022

Thanks for the document!

Thomas Buergi · ‎07-13-2023

I do not expect emails to send alerts on an enterprise grade orchestration platform. But what I expect is that I can send syslogs of audit and system logs to a centralized log collector like Splunk or any SIEM. On the latest ND 2.3(2d) (VM) it still seems not to work. On NDO (latest 4.1.2e) there are issues to restrict the logging level and not to flood the syslog collector with unwanted messaged. There are many nice dashboards including Grafana on the WEBUI, the problem is that if you use the API for DC automation nobody hardly ever logs in to it to check. So it's crucial to send issues to the centralized management platform. Also ever tightening security requires audit logs centralized. As a workaround to check system health I do an automated checks via CLI and acs health command. Cheers Thomas