Juniper Mist Monitoring
Last updated on 11 November, 2024LogicMonitor offers monitoring for Juniper Mist organizations, sites, and devices. You can monitor organization health, sites and traffic generated by the sites, as well as Juniper Mist-managed devices such as Juniper Mist Access Points, EX-Series Switches, Session and Smart Routers. The Juniper Mist API is used to retrieve site device stats and data.
Requirements
- Install or update the Juniper Mist LogicModules.
For more information, see LogicModules in Package. - Verify that you have Collector version 32.400 or higher installed.
- An API Token and Mist Organization ID using the Juniper Mist portal or Juniper Mist API. For more information, see Create API Token and How do I find my Org and Site ID?
Adding Juniper Mist Resources
You can add Juniper Mist resources by using the following methods:
- (Recommended) Advanced NetScan that creates devices under device groups for each Mist organization site. For more information, see What is NetScan.
- Manually
Using Advanced NetScan to add Juniper Mist Resources (Recommended)
The recommended method for adding Juniper Mist-managed devices is to use an Enhanced Script Netscan with the LogicMonitor-provided Groovy script in this article. For a given Juniper Mist Organization, the Enhanced Script Netscan creates a group for the Mist Org and each Mist Site, and a resource for each Mist-managed device in the related group.
- Install the Juniper Mist LogicModules. For more information, see Juniper Mist LogicModules.
- In LogicMonitor, navigate to Resources > Add > Several Devices > Advanced NetScan.
The Add Advanced NetScan page is displayed. - Enter a Name that you want to associate with this NetScan. For example, Juniper Mist.
- Select the Collector that will execute the NetScan.
By default, the NetScan assigns new resources to the collector executing the NetScan. You can override this behavior in Properties later and use multiple collector groups (for scale or logical connectivity). Select either an ungrouped collector or a collector group with failover. - Select Enhanced Script NetScan from the Method drop-down list.
- From the Enhanced Script section, select Device Credentials > Use custom credentials for this scan.
- Add the following properties. Properties provide the NetScan with the required Juniper Mist API credentials and change how and where the NetScan creates and organizes resources.
| Property | Value | Required? |
| mist.api.key | Mist API token | Yes |
| mist.api.org | Mist Organization ID | Yes |
| mist.api.org.name | Your Mist Org Name. This becomes the name of the root Resource Group for Juniper Mist, or becomes the name of top-level child Resource Group if you use the mist.api.org.folder property to specify an alternate root folder. | No |
| mist.api.org.folder | The name of the LogicMonitor Resource Group that this NetScan creates or uses if already existing. The value can be a nested child folder; for example, folder/folder/folder. | No |
| mist.api.org.sites | Comma-separated site names to include (others are excluded). | No |
| mist.api.org.collector.sites.csv | By default, new resources created by the NetScan are assigned to the collector that runs the NetScan. This property uses a CSV file to override the default behavior and assign Mist devices to your desired collector(s) based on Mist Site and LM Collector names. The CSV file must be stored on the collector that executes the NetScan: Linux: /usr/local/logicmonitor/agent/bin Windows: C:\Program Files\LogicMonitor\Agent\bin For more information, see Mapping Mist Sites to LM Envision Collectors. | No |
| mist.api.url | Alternate region URLs include: https://api.eu.mist.com/api/v1/ https://api.ac2.mist.com/api/v1/ https://api.gc1.mist.com/api/v1/ | No |
| lmaccess.id OR logicmonitor.access.id | A LogicMonitor API access id to search for duplicate resources in the NetScan prior to adding them to the portal. For more information on portal monitoring, see LogicMonitor Portal Monitoring. | Yes |
| lmaccess.key OR logicmonitor.access.key | A LogicMonitor API key to search for duplicate resources in the NetScan prior to adding them to the portal. For more information on portal monitoring, see LogicMonitor Portal Monitoring. | Yes |
| hostname.source | Allows for selection of the source of the hostname that is used by the NetScan. This is useful in preventing duplicate device creation when conflicts are found for existing resources. For more information, see NetScan Troubleshooting. | No |
| skip.device.dedupe | Allows you to skip device deduplication checks, making LogicMonitor API credentials not required. | No |
- In the Filters section, enter the following. Filtering gives you control over which sites and device types that the NetScan creates.
| Property | Description |
| mist.api.org.site.name | Comma-separated names of sites you want to include or exclude. By default (without this filter), the NetScan imports all sites as Resource Groups. Site names with spaces must include a backslash before the space. For example: Site\ For\ APs, SiteD, Site\ 23 |
| mist.device.type | Comma-separated names of device types that the NetScan will include or exclude, depending on the operation setting. By default (without this filter), the NetScan imports all device types. Valid device types are: ap, switch, and gateway. |
- When configuring the Enhanced Script Netscan, use Embed Groovy Script and use the following script:
Warning: Do not edit the script. Edited Enhanced Script NetScans are not supported. If the LogicMonitor-provided script is edited, LogicMonitor Support may (at their discretion) require you to overwrite your edits with the supported script if problems arise.
/*******************************************************************************
* © 2007-2024 - LogicMonitor, Inc. All rights reserved.
******************************************************************************/
import com.santaba.agent.groovy.utils.GroovyScriptHelper as GSH
import com.logicmonitor.mod.Snippets
import com.santaba.agent.util.Settings
import com.santaba.agent.AgentVersion
import groovy.json.JsonSlurper
import java.text.DecimalFormat
// To run in debug mode, set to true
Boolean debug = false
// To enable logging, set to true
Boolean log = false
// Set props object based on whether or not we are running inside a netscan or debug console
def props
try {
hostProps.get("system.hostname")
props = hostProps
debug = true // set debug to true so that we can ensure we do not print sensitive properties
}
catch (MissingPropertyException) {
props = netscanProps
}
String organization = props.get("mist.api.org")
String token = props.get("mist.api.key")
if (!organization) {
throw new Exception("Must provide mist.api.org to run this script. Verify necessary credentials have been provided in Netscan properties.")
}
if (!token) {
throw new Exception("Must provide mist.api.key credentials to run this script. Verify necessary credentials have been provided in Netscan properties.")
}
def logCacheContext = "${organization}::juniper-mist"
Boolean skipDeviceDedupe = props.get("skip.device.dedupe", "false").toBoolean()
String hostnameSource = props.get("hostname.source", "")?.toLowerCase()?.trim()
Integer collectorVersion = AgentVersion.AGENT_VERSION.toInteger()
// Bail out early if we don't have the correct minimum collector version to ensure netscan runs properly
if (collectorVersion < 32400) {
def formattedVer = new DecimalFormat("00.000").format(collectorVersion / 1000)
throw new Exception("Upgrade collector running netscan to 32.400 or higher to run full featured enhanced netscan. Currently running version ${formattedVer}.")
}
def modLoader = GSH.getInstance(GroovySystem.version).getScript("Snippets", Snippets.getLoader()).withBinding(getBinding())
def emit = modLoader.load("lm.emit", "1.1")
def lmDebugSnip = modLoader.load("lm.debug", "1")
def lmDebug = lmDebugSnip.debugSnippetFactory(out, debug, log, logCacheContext)
def httpSnip = modLoader.load("proto.http", "0")
def http = httpSnip.httpSnippetFactory(props)
def cacheSnip = modLoader.load("lm.cache", "0")
def cache = cacheSnip.cacheSnippetFactory(lmDebug, logCacheContext)
// Only initialize lmApi snippet class if customer has not opted out
def lmApi
if (!skipDeviceDedupe) {
def lmApiSnippet = modLoader.load("lm.api", "0")
lmApi = lmApiSnippet.lmApiSnippetFactory(props, http, lmDebug)
}
def juniperMistSnip = modLoader.load("juniper.mist", "0")
def juniperMist = juniperMistSnip.juniperMistSnippetFactory(props, lmDebug, cache, http)
String url = props.get("mist.api.url")?.trim() ?: "https://api.mist.com/api/v1/"
if (!url.endsWith("/")) url += "/"
String organizationDisplayname = props.get("mist.api.org.name")?.trim() ?: "MistOrganization"
String organizationFolder = props.get("mist.api.org.folder")?.trim() ? props.get("mist.api.org.folder") + "/" : ""
def sitesWhitelist = props.get("mist.api.org.sites")?.tokenize(",")?.collect{ it.trim() }
def collectorSitesCSV = props.get("mist.api.org.collector.sites.csv")
def collectorSiteInfo
if (collectorSitesCSV) {
collectorSiteInfo = processCollectorSiteInfoCSV(collectorSitesCSV)
lmDebug.LMDebugPrint("CSV Sites:")
collectorSiteInfo.each { lmDebug.LMDebugPrint("${it[2]}") }
}
// Get information about devices that already exist in LM portal
List fields = ["name", "currentCollectorId", "displayName"]
Map args = ["size": 1000, "fields": fields.join(",")]
def lmDevices
// But first determine if the portal size is within a range that allows us to get all devices at once
def pathFlag, portalInfo, timeLimitSec, timeLimitMs
if (!skipDeviceDedupe) {
portalInfo = lmApi.apiCallInfo("Devices", args)
timeLimitSec = props.get("lmapi.timelimit.sec", "60").toInteger()
timeLimitMs = (timeLimitSec) ? Math.min(Math.max(timeLimitSec, 30), 120) * 1000 : 60000 // Allow range 30-120 sec if configured; default to 60 sec
if (portalInfo.timeEstimateMs > timeLimitMs) {
lmDebug.LMDebugPrint("Estimate indicates LM API calls would take longer than time limit configured. Proceeding with individual queries by display name for each device to add.")
lmDebug.LMDebugPrint("\t${portalInfo}\n\tNOTE: Time limit is set to ${timeLimitSec} seconds. Adjust this limit by setting the property lmapi.timelimit.sec. Max 120 seconds, min 30 seconds.")
pathFlag = "ind"
}
else {
lmDebug.LMDebugPrint("Response time indicates LM API calls will complete in a reasonable time range. Proceeding to collect info on all devices to cross reference and prevent duplicate device creation.\n\t${portalInfo}")
pathFlag = "all"
lmDevices = lmApi.getPortalDevices(args)
}
}
def now = new Date()
def dateFormat = "yyyy-MM-dd'T'HH:mm:ss.s z"
TimeZone tz = TimeZone.getDefault()
Map duplicateResources = [
"date" : now.format(dateFormat, tz),
"message" : "Duplicate device names and display names, keyed by display name that would be assigned by the netscan, found within LogicMonitor portal. Refer to documentation for how to resolve name collisions using 'hostname.source' netscan property.",
"total" : 0,
"resources" : []
]
Map headers = ["Authorization":"token ${token}", "Accept":"application/json"]
List<Map> resources = []
def organizationSites = juniperMist.http.rawGet("${url}orgs/${organization}/sites", headers)
if (organizationSites) {
organizationSites = juniperMist.slurper.parseText(organizationSites.content.text)
organizationSites.each { organizationSite ->
def siteName = organizationSite.get("name")
if (sitesWhitelist != null && !sitesWhitelist.contains(siteName)) return
def site = organizationSite.get("id")
def siteDeviceStats = juniperMist.http.rawGet("${url}sites/${site}/stats/devices?type=all", headers)
if (siteDeviceStats) {
siteDeviceStats = juniperMist.slurper.parseText(siteDeviceStats.content.text)
siteDeviceStats.each { siteDeviceStat ->
def ip = siteDeviceStat.get("ip")
def name = siteDeviceStat.get("name")
def type = siteDeviceStat.get("type")
def deviceProps = ["mist.api.org": organization, "mist.api.site": site, "mist.device.type": type, "mist.api.org.site.name": siteName, "mist.api.key": token, "mist.api.url": url]
if (sitesWhitelist != null) deviceProps.put("mist.api.org.sites", props.get("mist.api.org.sites"))
if (type == "ap") {
deviceProps.put("system.categories", "JuniperMistAP,NoPing")
} else if (type == "switch") {
deviceProps.put("system.categories", "JuniperMistSwitch")
} else if (type == "gateway") {
deviceProps.put("system.categories", "JuniperMistGateway")
if (siteDeviceStat.module_stat && siteDeviceStat.module2_stat) {
def primaryNodeIndex = siteDeviceStat.module_stat.node_name.get(0)
def secondaryNodeIndex = siteDeviceStat.module2_stat.node_name.get(0)
if (collectorSiteInfo) {
def collectorIdEntry = collectorSiteInfo.find{ it[3]?.contains(siteName) }
if (collectorIdEntry == null) {
lmDebug.LMDebugPrint("Site not found in provided collector site info CSV file: ${siteName}")
return
}
def collectorId = collectorIdEntry[0]
def folder = collectorIdEntry[2]
Map resource = [
"hostname" : "${ip}-${secondaryNodeIndex}",
"displayname" : "${name}-${secondaryNodeIndex}",
"hostProps" : deviceProps,
"groupName" : ["${organizationFolder}${folder}/${siteName}"],
"collectorId" : collectorId
]
resources.add(resource)
} else {
Map resource = [
"hostname" : "${ip}-${secondaryNodeIndex}",
"displayname" : "${name}-${secondaryNodeIndex}",
"hostProps" : deviceProps,
"groupName" : ["${organizationFolder}${organizationDisplayname}/${siteName}"]
]
resources.add(resource)
}
name = "${name}-${primaryNodeIndex}"
}
}
String displayName = name
// Check for existing device in LM portal with this displayName; set to false initially and update to true when dupe found
def deviceMatch = false
// If customer has opted out of device deduplication checks, we skip the lookups where we determine if a match exists and proceed as false
if (!skipDeviceDedupe) {
if (pathFlag == "ind") {
deviceMatch = lmApi.findPortalDevice(displayName, args)
if (!deviceMatch) deviceMatch = lmApi.findPortalDeviceByName(ip, args)
}
else if (pathFlag == "all") {
deviceMatch = lmApi.checkExistingDevices(displayName, lmDevices)
if (!deviceMatch) deviceMatch = lmApi.checkExistingDevicesByName(ip, lmDevices)
}
}
if (deviceMatch) {
// Log duplicates that would cause additional devices to be created; unless these entries are resolved, they will not be added to resources for netscan output
def collisionInfo = [
(displayName) : [
"Netscan" : [
"hostname" : ip,
"displayName" : displayName
],
"LM" : [
"hostname" : deviceMatch.name,
"collectorId" : deviceMatch.currentCollectorId,
"displayName" : deviceMatch.displayName
],
"Resolved" : false
]
]
// If user specified to use LM hostname on display name match, update hostname variable accordingly
// and flag it as no longer a match since we have resolved the collision with user's input
if (hostnameSource == "lm" || hostnameSource == "logicmonitor") {
ip = deviceMatch.name
deviceMatch = false
collisionInfo[displayName]["Resolved"] = true
}
// If user specified to use netscan data for hostname, update the display name to make it unique
// and flag it as no longer a match since we have resolved the collision with user's input
else if (hostnameSource == "netscan") {
// Update the resolved status before we change the displayName
collisionInfo[displayName]["Resolved"] = true
displayName = "${displayName} - ${ip}"
deviceMatch = false
}
duplicateResources["resources"].add(collisionInfo)
}
def collectorId
Map resource
if (ip && name && type && siteName) {
if (ip.contains("127.0.0.1")) ip = name
if (collectorSiteInfo) {
def collectorIdEntry = collectorSiteInfo.find{ it[3]?.contains(siteName) }
if (collectorIdEntry == null) {
lmDebug.LMDebugPrint("Site not found in provided collector site info CSV file: ${siteName}")
return
}
collectorId = collectorIdEntry[0]
def folder = collectorIdEntry[2]
resource = [
"hostname" : ip,
"displayname" : name,
"hostProps" : deviceProps,
"groupName" : ["${organizationFolder}${folder}/${siteName}"],
"collectorId" : collectorId
]
} else {
resource = [
"hostname" : ip,
"displayname" : name,
"hostProps" : deviceProps,
"groupName" : ["${organizationFolder}${organizationDisplayname}/${siteName}"]
]
}
// Only add the collectorId field to resource map if we found a collector ID above
if (collectorId) {
resource["collectorId"] = collectorId
if (duplicateResources["resources"][displayName]["Netscan"][0]) {
duplicateResources["resources"][displayName]["Netscan"][0]["collectorId"] = collectorId
}
}
if (!deviceMatch) {
resources.add(resource)
}
}
}
} else {
throw new Exception("Error occurred during sites/${site}/stats/devices?type=all HTTP GET: ${siteDeviceStats}.")
}
}
lmDebug.LMDebugPrint("Duplicate Resources:")
duplicateResources.resources.each {
lmDebug.LMDebugPrint("\t${it}")
}
emit.resource(resources, debug)
} else {
throw new Exception("Error occurred during orgs/${organization}/sites HTTP GET: ${organizationSites}.")
}
return 0
// Helper function to process a collector id, site organization device name, folder, and site CSV
def processCollectorSiteInfoCSV(String filename) {
// Ensure relative filepath is complete with extension type
def filepath
if (!filename.contains("./")) {
filepath = "./${filename}"
}
if (!filename.contains(".csv")) {
filepath = "${filename}.csv"
}
// Read file into memory and split into list of lists
def csv = new File(filepath)
def rows = csv.readLines()*.split(",")
def data
// Verify whether headers are present and expected values
// Sanitize for casing and extra whitespaces while gathering headers
def maybeHeaders = rows[0]*.toLowerCase()*.trim()
if (maybeHeaders.contains("collector id") && maybeHeaders.contains("site organization device name") && maybeHeaders.contains("folder") && maybeHeaders.contains("site")) {
// Remove headers from dataset
data = rows[1..-1]
}
// Bail out early if we don't have the expected headers in the provided CSV
else {
throw new Exception(" Required headers not provided in CSV. Please provide \"Collector ID\", \"Site Organization Device Name\", \"Folder\", and \"Site\" (case insensitive). Headers provided: \"${rows[0]}\"")
}
return data
}Manually Adding Juniper Mist Resources
- Create a Juniper Mist Organization device group. For more information, see Adding Device Groups.
| Property | Value |
| mist.api.org | Mist Organization ID |
- Add the devices to the Mist Organization device group under a Site device group with the following property added. For more information, see How do I find my Org and Site ID?
| Property | Value |
| mist.api.site | Mist Site ID |
| mist.api.key | API key |
Juniper Mist Properties
Additional attributes and values for Juniper Mist.
Proxy Settings
The modules in this suite support HTTP connections using a proxy server. You can configure this in the Collector settings, see Configuring your Collector for use with HTTP Proxies, or with the following device host properties. Device host properties take precedence over Collector settings for proxy configurations.
| Property | Value |
| proxy.enable | (Optional) This suite is written to use collector proxy settings for HTTP calls configured by the user. To enable, add this device property with the value set to true. Set to false to override the use of configured collector proxy settings and connect without a proxy. |
| proxy.host | (Optional) Configure a proxy host to connect through that is different from collector configuration. |
| proxy.port | (Optional) Configure a proxy port to connect through that is different from collector configuration. |
Mapping Mist Sites to LM Envision Collectors
| Collector ID | Site Organization Device Name | Folder | Sites |
| 11 | Region_East_Sites | Region_East | NYC |
| 11 | Region_East_Sites | Region_East | MIA |
| 11 | Region_East_Sites | Region_East | CLT |
| 11 | Region_East_Sites | Region_East | ATL |
| 11 | Region_East_Sites | Region_East | BOS |
| 11 | Region_East_Sites | Region_East | CHS |
| 1 | Region_West_Sites | Region_West | LAX |
| 1 | Region_West_Sites | Region_West | LAS |
| 1 | Region_West_Sites | Region_West | SEA |
Comma-separated values for Collector ID, Site Organization Device Name, Folder, and Sites.
Collector ID,Site Organization Device Name,Folder,Sites
11,Region_East_Sites,Region_East,NYC
11,Region_East_Sites,Region_East,MIA
11,Region_East_Sites,Region_East,CLT
11,Region_East_Sites,Region_East,ATL
11,Region_East_Sites,Region_East,BOS
11,Region_East_Sites,Region_East,CHS
1,Region_West_Sites,Region_West,LAX
1,Region_West_Sites,Region_West,LAS
1,Region_West_Sites,Region_West,SEAJuniper Mist Troubleshooting
- This suite relies on collector script cache to continuously retrieve and store data from the Juniper Mist API to minimize rate limiting constraints. For more information, see Collector Script Caching. Continuous data collection is maintained through the
Juniper_Mist_APIDataSource, which writes API responses to the collector script cache.Juniper_Mist_APIDataSource must be running successfully for all other modules in this package to be successful. - During onboarding, you can run Active Discovery manually on additional PropertySources in this package after
Juniper_Mist_APIbegins collecting data to expedite monitoring and topology mapping. - If data gaps exist, verify
Juniper_Mist_APIis functioning successfully and check script cache health in theLogicMonitor_Collector_ScriptCacheDataSource.
Note: The API used to pull data has rate limits. Check Juniper_Mist_API on your Mist Organization device in order to check if the API is unreachable or monitoring has hit the API rate limit.
LogicModules in Package
LogicMonitor’s package for Juniper Mist consists of the following LogicModules. For full coverage, ensure that all of these LogicModules are imported into your LogicMonitor platform:
| Display Name | Type | Description |
| Juniper_Mist_Topology | TopologySource | Topology of a Mist Org. Sites, and managed-devices. |
| Mist AP Beacons | DataSource | Health and performance of Mist-managed AP Beacons. |
| Mist AP Health | DataSource | Health and availability of Juniper Mist-managed wireless access points. |
| Mist AP Interfaces | DataSource | Status and network transmission and receive statistics for Juniper Mist-managed AP interfaces. |
| Mist AP Performance | DataSource | Performance of Juniper Mist-managed wireless access points. |
| Mist AP Radios | DataSource | Mist-managed AP radio power and usage. |
| Mist API | DataSource | Health of the monitored Mist Organization and the Mist API connection. |
| Mist Switch Performance | DataSource | Performance of Mist-managed switches. |
| Mist Switch Health | DataSource | Health of Mist-managed switches. |
| Mist WAN Edge Performance | DataSource | Performance of Mist-managed session smart routers. |
| Mist WAN Edge Health | DataSource | Health of Mist-managed session smart routers. Requires SMNP in order to collect data. |
| addCategory_Juniper_Mist_Device | PropertySource | Adds the JuniperMist<device type> system.category to devices managed by Juniper Mist Requires Juniper_Mist_Org DataSource (watchdog) in order to collect data. |
| addERI_Juniper_Mist_Device | PropertySource | Sets Juniper Mist device MAC address ERI and device type ERT. Requires Juniper_Mist_Org DataSource (watchdog) in order to collect data. |
When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations.
Recommendation:As necessary, adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.