This is part 2 of the Intro Guide. See part 1 here.
Netreo typically displays information at a very high level, with easy to identify icons and colors indicating problem states. These icons can then be clicked to drill down into the problem, exposing more detail and connections the further down you go, This allows for a highly simplified and efficient overview of your entire network that makes problems easy to spot, but also provides fast and clear pathways directly to trouble spots. The dashboards and UI elements outlined below will be of particular interest to the new Netreo user.
The Home Icon, Main Menu and Quick-Access Icons
The “Home” icon is located in the top left of the display (to the right of the Netreo logo), and is represented as a small house. Click this icon to return to the homepage from anywhere in Netreo. Initially, the homepage will be set to the Consolidated Dashboard (see below), but the homepage can be set to any dashboard in the user preferences. In some of Netreo’s special views (such as the NOC view), the home icon is not available. In these cases, clicking the Netreo logo (normally located in the top left of the display) will return you to the homepage.
To the right of the home icon are the main navigation menus. These menus provide a way for you to quickly jump to the major centers of Netreo operation.
To the right of the main menu is the search box. This can be used to search Netreo for any instances of the search term, including devices, interface tags, incidents, etc.
To the right of the search box is a collection of useful quick-access icons, described in the following table.
The Consolidated Dashboard
When Netreo is run for the first time, the homepage will be set to the Consolidated Dashboard (see image at right). This dashboard is populated with widgets that show a high-level view of several of Netreo’s monitoring modules.
Although you will eventually want to create your own custom dashboards, the Consolidated Dashboard is a good place to start for seeing what Netreo has to offer. If you change the home icon assignment, the Consolidated Dashboard can be reached by selecting Quick Views > Dashboards > Consolidated from the main menu. (Note: While autodiscover is still populating devices, there won’t be too much to see here.)
(The home dashboard can easily be changed in User Preferences.)
The Consolidated Dashboard is composed of the following widgets.
Business Workflows Overview
The Business Workflows Overview widget displays all active business workflow device groups as status bars indicating total availability (or, what percentage of the group is currently problem free). Business workflows are discussed later, in the Configuration Basics part of the guide. Click a specific business workflow to open the dashboard for that group. Business workflows are highly configurable, so that the condition reflected by each individual group can be custom tailored to your business needs.
The Tactical Overview widget displays a list of categories, sites or business workflows (configurable in the widget settings) along with the current number of devices from that group that are in each of the possible states (OK, ACKNOWLEDGED, WARNING, UNKNOWN and CRITICAL). There are columns for host checks, service checks, threshold checks and threshold anomalies. Next to the state column for each check type is a rate of change (RoC) column indicating how that group as a whole has been trending (better or worse) for the past month-to-date. Please note that this column is not intended to be predictive—it is a reflection of conditions that have already passed.
A pair of buttons above the list allows you to display all of the device groups of the selected type, or only those groups currently experiencing problems. This is incredibly useful if you have a large number of “healthy” device groups.
The “search” box at the top right functions as a realtime filter for the list. Entering even a partial term will instantly pare the list to only those device groups containing the search term in their name. Clicking on a group name in the list will open the dashboard for that group. If the group has any devices in a non-OK state (non-green icons) in any of the columns, click that state indicator to open a dashboard displaying more information.
The Web Application widget displays state information about WebART checks (Netreo’s web application monitoring tool). Columns for availability (STATUS) and performance (THRESH) display simple state icons for each monitored application. Performance statistics—in the form of average and peak load times—are also displayed, as well as mini line graphs charting load performance for the previous twenty four hours. (Mouse over a line graph for specific information about each hour.)
Clicking on a non-OK icon (non-green) opens a dashboard that displays more information about any current problems. Clicking the name of a WebART check in the list will open the Application Performance dashboard for that application, where you can see a much more detailed breakdown of the application’s performance statistics.
For more information about where this widget gets its data, see Application Response Time in the Configuration Basics part of this guide.
The Email widget also displays application performance, but for your email server. The top left displays a status icon next to the total synthetic transaction time. Below that, the total time is broken out as averages for each synthetic transaction for periods of the previous 15 minutes, 1 hour and 24 hours. On the right is a histogram displaying performance at 5-minute intervals for the current day since 00:00 hours. Below the histogram is a mini-tactical overview displaying device health for any devices in the default Mail strategic group. This helps to correlate device issues with performance problems.
The Traffic widget displays breakdowns of traffic across your network. For this widget to populate, you must have NetFlow properly configured on each device in your network from which you would like to receive data.
The first display shows the top 10 conversations (by volume) for the past two hours. Each conversation shows the two addresses involved (mouse over an FQDN to see its IP address), the volume each contributed, what application generated the traffic, and the total traffic volume. Click on a conversation to see a line graph representation of the conversation.
The next display shows a bar graph of the top 10 flow exporters creating traffic on your network for the past two hours. Each bar shows the device involved, what site it belongs to, and what its total flow export volume was. Click on a device name to go to its Device Dashboard, or click on a site name to go to its Site Dashboard.
The last display shows traffic flow volume by application. The top 10 applications creating traffic on your network are displayed by-volume in a bar graph on the left and as a list on the right. Click on any application in the display to generate a complete conversation report.
The Virtualization widget provides an overview of cluster health. It displays a list of currently known clusters, along with the number of hosts and guests contained in each cluster. It also displays how many of the hosts and guests from each cluster are in each of the possible states (CRITICAL, WARNING, ACKNOWLEDGED and OK). A “search” box at the top right functions as a realtime filter for the list. Entering even a partial term will instantly pare the list to only those clusters containing the search term in their name. The list can be sorted by any of its columns. Click a cluster name in the list to open the Virtualization Dashboard for that cluster. If a cluster has any hosts or guests in a non-OK state (non-green icons) in any of the status columns, click that status indicator to open a dashboard displaying more information about the problem.
The Config Manager widget displays device configuration changes to devices on your network as events on a calendar-style view.
Each event displayed shows the time the change was detected and to which device the change was made. Click the “Config Manager” label in the widget header to open the CalView tab of the Config Manager dashboard. Clicking on an event displays a modal dialog indicating the precise nature of the change and the exact time the change was detected. Clicking on a day—but not a specific event—drills down into a 24-hour display for that day within the widget. However, once there, there is no way to return to the calendar view without reloading the dashboard.
While in the calendar view, if there are too many events in a day to be displayed, a link below the listed events will display “+xxx” more. Clicking this link opens a modal dialog displaying all events for that day. Click the Details button for a specific entry in the dialog to see the details of the event as described above.
The Incident Dashboard
The “Active View” tab of the Incident dashboard displays a list of all the currently active incidents affecting your network (sorted by the timestamp of when they were opened, by default). “Active” incidents are any incidents that are not specifically in a CLOSED state. This list can also be sorted by incident title (which is typically the description of the incident), current state and incident ID. At the top right of the page is a small message indicating when the list was last refreshed.
To open the Incident dashboard: From the main menu, select Quick Views > Active Incidents.
Near the top are easy to read circular status indicators displaying the number of total, OPEN, ACKNOWLEDGED and ALARMS CLEARED incidents currently affecting your network. If an indicator is dimmed, it means that no incidents of that type currently exist.
The Active View tab provides tools to acknowledge and de-acknowledge incidents, individually and en masse. Simply tick the checkbox next to the incidents that you want to acknowledge/de-acknowledge and click the appropriate button below the status indicators. (Please note that the All button at the top right of the list does not select all incidents, but rather, switches from a paginated list showing 25-incidents per page to a non-paginated list that displays all incidents in a single page.) Click the magnifying glass icon in the ACTIONS column of a specific incident to open its Incident View dashboard for more detailed information. A row of buttons across the top of the page allow you to view the active incidents in different ways, as well as search for specific incidents.
The Device Dashboard
The Device Dashboard is where all of the reported information specific to a particular device can be viewed. Every device discovered by Netreo gets its own Device Dashboard. The dashboard layouts have unique “personalities” for each device type. These personalities are designed to display the most critical information about each device type right on the front page of the dashboard, so you don’t have to go looking for it. Clicking on the name of a device almost anywhere in Netreo typically takes you directly to its specific dashboard. Do not confuse the Device Dashboard with the Devices dashboard found in the Quick Views entry of the main menu. These two dashboards provide very different functionality. The Devices dashboard provides information on the overall health of device groups, while the Device Dashboard provides detailed information specific to an individual device.
On the left, below the dashboard header, is displayed the device name. Below that are displayed the device type, the currently polled IP address for this device, the category and site the device belongs to (both of these last items are clickable links which open the dashboard for their respective device group). To the right are a row of tabs that navigate to different areas of the device dashboard. If the device is currently experiencing any problems, the relevant tab where the problem can be viewed in detail will be highlighted in the color of the most severe problem state.
Device Dashboard Menus
The device menus are a set of menus in the top right of the Device Dashboard header. These menus are contextual and display or change their contents depending on the device type and the access level of the user, but they all provide functionality specific to the device from which they are accessed. There are two menus typically available, detailed below.
The “Reports” menu provides quick access to a number of useful device-level reports and tools that can help administrators troubleshoot a variety of problems.
The “Grouping” menu provides links to the Strategic Groups Dashboard of each strategic group that the respective device is a member of, as well as links to the Device Dashboard of both the parents and children of the currently viewed device.
Administrative View Access
Below the menus is a gear icon. Click this icon to switch to the administrative view of the device dashboard, where settings for the device can be manually changed (as opposed to being controlled by device templates, which is the recommended procedure). This icon will only display if the user is of Admin access level or higher.
Continued in part 3.