NSX Flow Monitoring API issue

windfall · ‎05-12-2017

I have tried to follow the API guide 6.2 example 10-51 in page 338 for flow monitoring but it never work. Can anyone assist to verify my POST URL script?

The document state as follow:

GET https://NSX-Manager-IP-Address/api/2.1/flow/flowstats?contextId=datacenter-2538\&flowType=TCP_UDP\&s...

ex=0\&pageSize=2

I obtain my datacenter ID from API below.

	<scope>
	<id>datacenter-2</id>
	<objectTypeName>Datacenter</objectTypeName>
	<name>LAB1</name>
	</scope>

When I execute the API, it did not work.

GET https://192.168.0.250/api/2.1/flow/flowstats?contextId=datacenter-2\&flowType=TCP_UDP\&startTime=0\&...

ex=0\&pageSize=2

or

https://192.168.0.250/api/2.1/flow/flowstats?contextId=datacenter-2\&flowType=TCP_UDP

the response status is "500 Internal Server Error"

<html>

<title>NSX Manager</title>

<body>Invalid Operation</body>

</html>

I have no issue with some other APIs like traceflow, VXLAN, controller, etc but this one does not work for me.

Am i missing something here?

regards,

Robin

AA120 · ‎05-12-2017

Hi,

In p.217 in NSX-v 6.3 API manual, flow monitoring API is written as the below.

https://pubs.vmware.com/nsx-63/topic/com.vmware.ICbase/PDF/nsx_63_api.pdf

Working With Flow Monitoring Statistics
GET /2.1/app/flow/flowstats

This monitoring feature can be used if "collectFlows" is true by using "PUT /2.1/app/flow/config" API.

My tests (in using 6.2.7) are the followings.

==========

1. Check the current configuration

# curl -sk -u <USER NAME>:<PASSWORD> -X GET https://<NSXMGR ADDR>/api/2.1/app/flow/config

<?xml version="1.0" encoding="UTF-8"?>
<FlowConfiguration>
<collectFlows>false</collectFlows>
<ignoreBlockedFlows>false</ignoreBlockedFlows>
<ignoreLayer2Flows>false</ignoreLayer2Flows>
<sourceIPs/>
<destinationIPs>224.0.0.0/24,255.255.255.255</destinationIPs>
<destinationContainer>
    <name>system-generated-broadcast-macset</name>
    <id>macset-1</id>
    <type>MACSet</type>
</destinationContainer>
<destinationPorts>138,137</destinationPorts>
</FlowConfiguration>

---

2. Change "collectFlows" to "true" (POST API or Web UI: [Networking & Security] -> [Flow Monitoring] -> [Configuration] -> Change "Global Flow Collection Status" to "Enabled")

# curl -ik -u <USER NAME>:<PASSWORD> -H "Content-Type: application/xml" -X PUT https://<NSXMGR ADDR>/api/2.1/app/flow/config -d "<FlowConfiguration>

<ignoreBlockedFlows>false</ignoreBlockedFlows>

<ignoreLayer2Flows>false</ignoreLayer2Flows>

<name>system-generated-broadcast-macset</name>

<id>macset-1</id>

<type>MACSet</type>

</destinationContainer>

</FlowConfiguration>"

---

3. Get meta-data

# curl -sk -u <USER NAME>:<PASSWORD> -X GET https://<NSXMGR ADDR>/api/2.1/app/flow/flowstats/info

<?xml version="1.0" encoding="UTF-8"?>
<FlowStatsInfo>
<flowStatsInfoTcpUdp>
    <minimumStartTime>1493273464</minimumStartTime>
    <maximumEndTime>1494646469</maximumEndTime>
    <totalCount>13</totalCount>
</flowStatsInfoTcpUdp>
<flowStatsInfoLayer3>
    <minimumStartTime>0</minimumStartTime>
    <maximumEndTime>0</maximumEndTime>
    <totalCount>0</totalCount>
</flowStatsInfoLayer3>
<flowStatsInfoLayer2>
    <minimumStartTime>0</minimumStartTime>
    <maximumEndTime>0</maximumEndTime>
    <totalCount>0</totalCount>
</flowStatsInfoLayer2>
</FlowStatsInfo>

---

4. Get flow information

# curl -sk -u <USER NAME>:<PASSWORD> -X GET https://<NSXMGR ADDR>/api/2.1/app/flow/flowstats?contextId=datacenter-2\&flowType=TCP_UDP\&startTime=1493273464\&endTime=1494646469

<?xml version="1.0" encoding="UTF-8"?>
<FlowStatsPage>
<pagingInfo>
    <contextId>datacenter-2</contextId>
    <flowType>TcpUdp</flowType>
    <startTime>1493273464</startTime>
    <endTime>1494646469</endTime>
    <totalCount>10</totalCount>
    <startIndex>0</startIndex>
    <pageSize>256</pageSize>
</pagingInfo>
<flowStatsTcpUdp>
    <startTime>1494556024000</startTime>
    <endTime>1494647361000</endTime>
    <ruleId>1007</ruleId>
    <blocked>0</blocked>
...
    <destinationPort>22</destinationPort>
</flowStatsTcpUdp>
</FlowStatsPage>

===========

Regards,

mizo

windfall · ‎05-13-2017

Hi MIzo,

I have enabled Flow monitoring via GUI but the get flow API does not work (step 4). My NSX is version 6.2.6 Build 4977495 and I notice it is use Flow API 6.3 syntax. Thanks for this.

The output from GET API:

<html>

<title>NSX Manager</title>

<body>Invalid Operation</body>

</html>

I tried:

https://192.168.0.250/api/2.1/2.1/app/flow/flowstats?contextId=datacenter-2\&flowType=TCP_UDP\&start...

https://192.168.0.250/api/2.1/2.1/app/flow/flowstats?contextId=datacenter-2\&flowType=TCP_UDP\

I can see some flow outputs from GUI but not from API.

I attached my datacenter ID from MOB page which shows "datacenter-2" value. Do you have any idea why I got the invalid operation error? Thank you.

windfall · ‎05-17-2017

Hi all,

Plz let me know if someone has successfully apply the Flow collection Monitoring API. Thanks

thebrownteddybe · ‎07-12-2017

I have the same problem.

thebrownteddybe · ‎07-12-2017

ok, i think i see your problem, you've delimited the & and you are using seconds, try using miliseconds.

All

NSX Flow Monitoring API issue