Juniper Mist Monitoring

Last updated on 05 June, 2024

LogicMonitor offers monitoring for Juniper Mist organizations, sites, and devices. You can monitor organization health, sites and traffic generated by the sites, as well as Juniper Mist-managed devices such as Juniper Mist Access Points, EX-Series Switches, Session and Smart Routers. The Juniper Mist API is used to retrieve site device stats and data.

Requirements

Adding Juniper Mist Resources

You can add Juniper Mist resources by using the following methods:

  • (Recommended) Advanced NetScan that creates devices under device groups for each Mist organization site. For more information, see What is NetScan.
  • Manually

Using Advanced NetScan to add Juniper Mist Resources (Recommended )

The recommended method for adding Juniper Mist-managed devices is to use an Enhanced Script Netscan with the LogicMonitor-provided Groovy script in this article. For a given Juniper Mist Organization, the Enhanced Script Netscan creates a group for the Mist Org and each Mist Site, and a resource for each Mist-managed device in the related group.

  1. Install the Juniper Mist LogicModules. For more information, see Juniper Mist LogicModules.
  2. In LogicMonitor, navigate to Resources > Add > Several Devices > Advanced NetScan.
    The Add Advanced NetScan page is displayed.
  3. Enter a Name that you want to associate with this NetScan. For example, Juniper Mist.
  4. Select the Collector that will execute the NetScan.
    By default, the NetScan assigns new resources to the collector executing the NetScan. You can override this behavior in Properties later and use multiple collector groups (for scale or logical connectivity). Select either an ungrouped collector or a collector group with failover.
  5. Select Enhanced Script NetScan from the Method drop-down list.
  6. From the Enhanced Script section, select Device Credentials > Use custom credentials for this scan.
  7. Add the following properties. Properties provide the NetScan with the required Juniper Mist API credentials and change how and where the NetScan creates and organizes resources.
PropertyValueRequired?
mist.api.keyMist API tokenYes
mist.api.orgMist Organization IDYes
mist.api.org.nameYour Mist Org Name. This becomes the name of the root Resource Group for Juniper Mist, or becomes the name of top-level child Resource Group if you use the mist.api.org.folder property to specify an alternate root folder.No
mist.api.org.folderThe name of the LogicMonitor Resource Group that this NetScan creates or uses if already existing. The value can be a nested child folder; for example, folder/folder/folder.No
mist.api.org.sitesComma-separated site names to include (others are excluded).No
mist.api.org.collector.sites.csv
By default, new resources created by the NetScan are assigned to the collector that runs the NetScan. This property uses a CSV file to override the default behavior and assign Mist devices to your desired collector(s) based on Mist Site and LM Collector names. The CSV file must be stored on the collector that executes the NetScan:

Linux: /usr/local/logicmonitor/agent/bin
Windows: C:\Program Files\LogicMonitor\Agent\bin

For more information, see Mapping Mist Sites to LM Envision Collectors.
No
mist.api.urlAlternate region URLs include:

https://api.eu.mist.com/api/v1/
https://api.ac2.mist.com/api/v1/
https://api.gc1.mist.com/api/v1/
No
lmaccess.id
OR
logicmonitor.access.id
A LogicMonitor API access id to search for duplicate resources in the NetScan prior to adding them to the portal. For more information on portal monitoring, see LogicMonitor Portal Monitoring.Yes
lmaccess.key
OR
logicmonitor.access.key
A LogicMonitor API key to search for duplicate resources in the NetScan prior to adding them to the portal. For more information on portal monitoring, see LogicMonitor Portal Monitoring.Yes
hostname.sourceAllows for selection of the source of the hostname that is used by the NetScan. This is useful in preventing duplicate device creation when conflicts are found for existing resources. For more information, see NetScan Troubleshooting.No
skip.device.dedupeAllows you to skip device deduplication checks, making LogicMonitor API credentials not required.No
  1. In the Filters section, enter the following. Filtering gives you control over which sites and device types that the NetScan creates.
PropertyDescription
mist.api.org.site.nameComma-separated names of sites you want to include or exclude. By default (without this filter), the NetScan imports all sites as Resource Groups. Site names with spaces must include a backslash before the space.  For example: Site\ For\ APs, SiteD, Site\ 23
mist.device.typeComma-separated names of device types that the NetScan will include or exclude, depending on the operation setting.  By default (without this filter), the NetScan imports all device types. Valid device types are: apswitch, and gateway.
  1. When configuring the Enhanced Script Netscan, use Embed Groovy Script and use the following script:

Warning: Do not edit the script. Edited Enhanced Script NetScans are not supported. If the LogicMonitor-provided script is edited, LogicMonitor Support may (at their discretion) require you to overwrite your edits with the supported script if problems arise.

/*******************************************************************************
 * © 2007-2024 - LogicMonitor, Inc. All rights reserved.
 ******************************************************************************/
 
import com.logicmonitor.common.sse.utils.GroovyScriptHelper as GSH
import com.logicmonitor.mod.Snippets
import com.santaba.agent.util.Settings
import com.santaba.agent.AgentVersion
import groovy.json.JsonSlurper
import java.text.DecimalFormat

// To run in debug mode, set to true
Boolean debug = false
// To enable logging, set to true
Boolean log = false

// Set props object based on whether or not we are running inside a netscan or debug console
def props
try {
    hostProps.get("system.hostname")
    props = hostProps
    debug = true  // set debug to true so that we can ensure we do not print sensitive properties
}
catch (MissingPropertyException) {
    props = netscanProps
}

String organization = props.get("mist.api.org")
String token = props.get("mist.api.key")
if (!organization) {
    throw new Exception("Must provide mist.api.org to run this script.  Verify necessary credentials have been provided in Netscan properties.")
}
if (!token) {
    throw new Exception("Must provide mist.api.key credentials to run this script.  Verify necessary credentials have been provided in Netscan properties.")
}

def logCacheContext = "${organization}::juniper-mist"
Boolean skipDeviceDedupe = props.get("skip.device.dedupe", "false").toBoolean()
String hostnameSource    = props.get("hostname.source", "")?.toLowerCase()?.trim()

Integer collectorVersion = AgentVersion.AGENT_VERSION.toInteger()

// Bail out early if we don't have the correct minimum collector version to ensure netscan runs properly
if (collectorVersion < 32400) {
    def formattedVer = new DecimalFormat("00.000").format(collectorVersion / 1000)
    throw new Exception("Upgrade collector running netscan to 32.400 or higher to run full featured enhanced netscan. Currently running version ${formattedVer}.")
}

def modLoader = GSH.getInstance()._getScript("Snippets", Snippets.getLoader()).withBinding(getBinding())
def emit = modLoader.load("lm.emit", "1.1")
def lmDebugSnip = modLoader.load("lm.debug", "1")
def lmDebug     = lmDebugSnip.debugSnippetFactory(out, debug, log, logCacheContext)
def httpSnip    = modLoader.load("proto.http", "0")
def http        = httpSnip.httpSnippetFactory(props)
def cacheSnip   = modLoader.load("lm.cache", "0")
def cache       = cacheSnip.cacheSnippetFactory(lmDebug, logCacheContext)
// Only initialize lmApi snippet class if customer has not opted out
def lmApi
if (!skipDeviceDedupe) {
    def lmApiSnippet = modLoader.load("lm.api", "0")
    lmApi = lmApiSnippet.lmApiSnippetFactory(props, http, lmDebug)
}
def juniperMistSnip = modLoader.load("juniper.mist", "0")
def juniperMist     = juniperMistSnip.juniperMistSnippetFactory(props, lmDebug, cache, http)

String url = props.get("mist.api.url")?.trim() ?: "https://api.mist.com/api/v1/"
if (!url.endsWith("/")) url += "/"

String organizationDisplayname = props.get("mist.api.org.name")?.trim() ?: "MistOrganization"
String organizationFolder = props.get("mist.api.org.folder")?.trim() ? props.get("mist.api.org.folder") + "/" : ""
def sitesWhitelist = props.get("mist.api.org.sites")?.tokenize(",")?.collect{ it.trim() }
def collectorSitesCSV = props.get("mist.api.org.collector.sites.csv")
def collectorSiteInfo
if (collectorSitesCSV) {
    collectorSiteInfo = processCollectorSiteInfoCSV(collectorSitesCSV)
}

// Get information about devices that already exist in LM portal
List fields = ["name", "currentCollectorId", "displayName"]
Map args = ["size": 1000, "fields": fields.join(",")]
def lmDevices
// But first determine if the portal size is within a range that allows us to get all devices at once
def pathFlag, portalInfo, timeLimitSec, timeLimitMs
if (!skipDeviceDedupe) {
    portalInfo = lmApi.apiCallInfo("Devices", args)
    timeLimitSec = props.get("lmapi.timelimit.sec", "60").toInteger()
    timeLimitMs = (timeLimitSec) ? Math.min(Math.max(timeLimitSec, 30), 120) * 1000 : 60000 // Allow range 30-120 sec if configured; default to 60 sec

    if (portalInfo.timeEstimateMs > timeLimitMs) {
        lmDebug.LMDebugPrint("Estimate indicates LM API calls would take longer than time limit configured.  Proceeding with individual queries by display name for each device to add.")
        lmDebug.LMDebugPrint("\t${portalInfo}\n\tNOTE:  Time limit is set to ${timeLimitSec} seconds.  Adjust this limit by setting the property lmapi.timelimit.sec.  Max 120 seconds, min 30 seconds.")
        pathFlag = "ind"
    }
    else {
        lmDebug.LMDebugPrint("Response time indicates LM API calls will complete in a reasonable time range.  Proceeding to collect info on all devices to cross reference and prevent duplicate device creation.\n\t${portalInfo}")
        pathFlag = "all"
        lmDevices = lmApi.getPortalDevices(args)
    }
}

def now = new Date()
def dateFormat = "yyyy-MM-dd'T'HH:mm:ss.s z"
TimeZone tz = TimeZone.getDefault()
Map duplicateResources = [
    "date" : now.format(dateFormat, tz),
    "message" : "Duplicate device names and display names, keyed by display name that would be assigned by the netscan, found within LogicMonitor portal.  Refer to documentation for how to resolve name collisions using 'hostname.source' netscan property.",
    "total" : 0,
    "resources" : []
]

Map headers = ["Authorization":"token ${token}", "Accept":"application/json"]

List<Map> resources = []

def organizationSites = juniperMist.http.rawGet("${url}orgs/${organization}/sites", headers)
if (organizationSites) {
    organizationSites = juniperMist.slurper.parseText(organizationSites.content.text)
    organizationSites.each { organizationSite ->
        def siteName = organizationSite.get("name")
        if (sitesWhitelist != null && !sitesWhitelist.contains(siteName)) return    
        def site = organizationSite.get("id") 
        def siteDeviceStats = juniperMist.http.rawGet("${url}sites/${site}/stats/devices?type=all", headers)
        if (siteDeviceStats) {
            siteDeviceStats = juniperMist.slurper.parseText(siteDeviceStats.content.text)
            siteDeviceStats.each { siteDeviceStat ->
                def ip = siteDeviceStat.get("ip")
                def name = siteDeviceStat.get("name")
                def type = siteDeviceStat.get("type")
                def deviceProps = ["mist.api.org": organization, "mist.api.site": site, "mist.device.type": type, "mist.api.org.site.name": siteName, "mist.api.key": token, "mist.api.url": url]
                if (sitesWhitelist != null) deviceProps.put("mist.api.org.sites", props.get("mist.api.org.sites"))
                if (type == "ap") {
                    deviceProps.put("system.categories", "JuniperMistAP,NoPing")
                } else if (type == "switch") {
                    deviceProps.put("system.categories", "JuniperMistSwitch")
                } else if (type == "gateway") {
                    deviceProps.put("system.categories", "JuniperMistGateway")
                    if (siteDeviceStat.module_stat && siteDeviceStat.module2_stat) {
                        def primaryNodeIndex = siteDeviceStat.module_stat.node_name.get(0)
                        def secondaryNodeIndex = siteDeviceStat.module2_stat.node_name.get(0)
                        if (collectorSiteInfo) {
                            def collectorIdEntry = collectorSiteInfo.find{ it.contains(siteName) }
                            def collectorId = collectorIdEntry[0]
                            def folder = collectorIdEntry[2]                      
                            Map resource = [
                                "hostname"    : "${ip}-${secondaryNodeIndex}",
                                "displayname" : "${name}-${secondaryNodeIndex}",
                                "hostProps"   : deviceProps,
                                "groupName"   : ["${organizationFolder}${folder}/${siteName}"],
                                "collectorId" : collectorId
                            ]
                            resources.add(resource)
                        } else {
                            Map resource = [
                                "hostname"    : "${ip}-${secondaryNodeIndex}",
                                "displayname" : "${name}-${secondaryNodeIndex}",
                                "hostProps"   : deviceProps,
                                "groupName"   : ["${organizationFolder}${organizationDisplayname}/${siteName}"]
                            ]
                            resources.add(resource)
                        }
                        name = "${name}-${primaryNodeIndex}"
                    }
                }  

                String displayName = name

                // Check for existing device in LM portal with this displayName; set to false initially and update to true when dupe found
                def deviceMatch = false
                // If customer has opted out of device deduplication checks, we skip the lookups where we determine if a match exists and proceed as false
                if (!skipDeviceDedupe) {
                    if (pathFlag == "ind") {
                        deviceMatch = lmApi.findPortalDevice(displayName, args)
                        if (!deviceMatch) deviceMatch = lmApi.findPortalDeviceByName(ip, args)
                    }
                    else if (pathFlag == "all") {
                        deviceMatch = lmApi.checkExistingDevices(displayName, lmDevices)
                        if (!deviceMatch) deviceMatch = lmApi.checkExistingDevicesByName(ip, lmDevices)
                    }
                }
                if (deviceMatch) {
                    // Log duplicates that would cause additional devices to be created; unless these entries are resolved, they will not be added to resources for netscan output
                    def collisionInfo = [
                        (displayName) : [
                            "Netscan" : [
                                "hostname"    : ip,
                                "displayName" : displayName
                            ],
                            "LM" : [
                                "hostname"    : deviceMatch.name,
                                "collectorId" : deviceMatch.currentCollectorId,
                                "displayName" : deviceMatch.displayName
                            ],
                            "Resolved" : false
                        ]
                    ]

                    // If user specified to use LM hostname on display name match, update hostname variable accordingly
                    // and flag it as no longer a match since we have resolved the collision with user's input
                    if (hostnameSource == "lm" || hostnameSource == "logicmonitor") {
                        ip = deviceMatch.name
                        deviceMatch = false
                        collisionInfo[displayName]["Resolved"] = true
                    }
                    // If user specified to use netscan data for hostname, update the display name to make it unique
                    // and flag it as no longer a match since we have resolved the collision with user's input
                    else if (hostnameSource == "netscan") {
                        // Update the resolved status before we change the displayName
                        collisionInfo[displayName]["Resolved"] = true
                        displayName = "${displayName} - ${ip}"
                        deviceMatch = false
                    }

                    duplicateResources["resources"].add(collisionInfo)
                }

                def collectorId
                Map resource
                if (ip && name && type && siteName) {
                    if (ip.contains("127.0.0.1")) ip = name
                    if (collectorSiteInfo) {
                        def collectorIdEntry = collectorSiteInfo.find{ it.contains(siteName) }
                        collectorId = collectorIdEntry[0]
                        def folder = collectorIdEntry[2]                      
                        resource = [
                            "hostname"    : ip,
                            "displayname" : name,
                            "hostProps"   : deviceProps,
                            "groupName"   : ["${organizationFolder}${folder}/${siteName}"],
                            "collectorId" : collectorId
                        ]
                    } else {
                        resource = [
                            "hostname"    : ip,
                            "displayname" : name,
                            "hostProps"   : deviceProps,
                            "groupName"   : ["${organizationFolder}${organizationDisplayname}/${siteName}"]
                        ]
                    }

                    // Only add the collectorId field to resource map if we found a collector ID above
                    if (collectorId) {
                        resource["collectorId"] = collectorId
                        duplicateResources["resources"][displayName]["Netscan"][0]["collectorId"] = collectorId
                    }

                    if (!deviceMatch) {
                        resources.add(resource)
                    }
                }
            }
        } else {
            throw new Exception("Error occurred during sites/${site}/stats/devices?type=all HTTP GET: ${siteDeviceStats}.")
        }
    }

    lmDebug.LMDebugPrint("Duplicate Resources:")
    duplicateResources.resources.each {
        lmDebug.LMDebugPrint("\t${it}")
    }

    emit.resource(resources, debug)
} else {
    throw new Exception("Error occurred during orgs/${organization}/sites HTTP GET: ${organizationSites}.")
}

return 0


// Helper function to process a collector id, site organization device name, folder, and site CSV
def processCollectorSiteInfoCSV(String filename) {
    // Ensure relative filepath is complete with extension type
    def filepath
    if (!filename.contains("./")) {
        filepath = "./${filename}"
    }
    if (!filename.contains(".csv")) {
        filepath = "${filename}.csv"
    }

    // Read file into memory and split into list of lists
    def csv = new File(filepath)
    def rows = csv.readLines()*.split(",")
    def data

    // Verify whether headers are present and expected values
    // Sanitize for casing and extra whitespaces while gathering headers
    def maybeHeaders = rows[0]*.toLowerCase()*.trim()
    if (maybeHeaders.contains("collector id") && maybeHeaders.contains("site organization device name") && maybeHeaders.contains("folder") && maybeHeaders.contains("site")) {
        // Remove headers from dataset
        data = rows[1..-1]
    }
    // Bail out early if we don't have the expected headers in the provided CSV
    else {
        throw new Exception(" Required headers not provided in CSV.  Please provide \"Collector ID\", \"Site Organization Device Name\", \"Folder\", and \"Site\" (case insensitive).  Headers provided: \"${rows[0]}\"")
    }

    return data
}

Manually Adding Juniper Mist Resources

  1. Create a Juniper Mist Organization device group. For more information, see Adding Device Groups.
PropertyValue
mist.api.orgMist Organization ID
  1. Add the devices to the Mist Organization device group under a Site device group with the following property added. For more information, see How do I find my Org and Site ID?
PropertyValue
mist.api.siteMist Site ID
mist.api.keyAPI key

Juniper Mist Properties

Additional attributes and values for Juniper Mist.

Proxy Settings

The modules in this suite support HTTP connections using a proxy server. You can configure this in the Collector settings, see Configuring your Collector for use with HTTP Proxies, or with the following device host properties. Device host properties take precedence over Collector settings for proxy configurations.

PropertyValue
proxy.enable(Optional) This suite is written to use collector proxy settings for HTTP calls configured by the user. To enable, add this device property with the value set to true. Set to false to override the use of configured collector proxy settings and connect without a proxy.
proxy.host(Optional) Configure a proxy host to connect through that is different from collector configuration.
proxy.port(Optional) Configure a proxy port to connect through that is different from collector configuration.

Mapping Mist Sites to LM Envision Collectors

Collector IDSite Organization Device NameFolderSites
11Region_East_SitesRegion_EastNYC
11Region_East_SitesRegion_EastMIA
11Region_East_SitesRegion_EastCLT
11Region_East_SitesRegion_EastATL
11Region_East_SitesRegion_EastBOS
11Region_East_SitesRegion_EastCHS
1Region_West_SitesRegion_WestLAX
1Region_West_SitesRegion_WestLAS
1Region_West_SitesRegion_WestSEA

Comma-separated values for Collector ID, Site Organization Device Name, Folder, and Sites.

Collector ID,Site Organization Device Name,Folder,Sites
11,Region_East_Sites,Region_East,NYC
11,Region_East_Sites,Region_East,MIA
11,Region_East_Sites,Region_East,CLT
11,Region_East_Sites,Region_East,ATL
11,Region_East_Sites,Region_East,BOS
11,Region_East_Sites,Region_East,CHS
1,Region_West_Sites,Region_West,LAX
1,Region_West_Sites,Region_West,LAS
1,Region_West_Sites,Region_West,SEA

Juniper Mist Troubleshooting

  • This suite relies on collector script cache to continuously retrieve and store data from the Juniper Mist API to minimize rate limiting constraints. For more information, see Collector Script Caching. Continuous data collection is maintained through the Juniper_Mist_API DataSource, which writes API responses to the collector script cache. Juniper_Mist_API DataSource must be running successfully for all other modules in this package to be successful.
  • During onboarding, you can run Active Discovery manually on additional PropertySources in this package after Juniper_Mist_API begins collecting data to expedite monitoring and topology mapping.
  • If data gaps exist, verify Juniper_Mist_API is functioning successfully and check script cache health in the LogicMonitor_Collector_ScriptCache DataSource.

Note: The API used to pull data has rate limits. Check Juniper_Mist_API on your Mist Organization device in order to check if the API is unreachable or monitoring has hit the API rate limit.

LogicModules in Package

LogicMonitor’s package for Juniper Mist consists of the following LogicModules. For full coverage,  ensure that all of these LogicModules are imported into your LogicMonitor platform:

Display NameTypeDescription
Juniper_Mist_TopologyTopologySourceTopology of a Mist Org. Sites, and managed-devices.
Mist AP BeaconsDataSourceHealth and performance of Mist-managed AP Beacons.
Mist AP HealthDataSourceHealth and availability of Juniper Mist-managed wireless access points.
Mist AP InterfacesDataSourceStatus and network transmission and receive statistics for Juniper Mist-managed AP interfaces.
Mist AP PerformanceDataSourcePerformance of Juniper Mist-managed wireless access points.
Mist AP RadiosDataSourceMist-managed AP radio power and usage.
Mist APIDataSourceHealth of the monitored Mist Organization and the Mist API connection.
Mist Switch PerformanceDataSourcePerformance of Mist-managed switches.
Mist Switch HealthDataSourceHealth of Mist-managed switches.
Mist WAN Edge PerformanceDataSourcePerformance of Mist-managed session smart routers.
Mist WAN Edge HealthDataSourceHealth of Mist-managed session smart routers. Requires SMNP in order to collect data.
addCategory_Juniper_Mist_DevicePropertySourceAdds the JuniperMist<device type> system.category to devices managed by Juniper Mist Requires Juniper_Mist_Org DataSource (watchdog) in order to collect data.
addCategory_Juniper_Mist_OrganizationPropertySourceAdds the JuniperMistOrg system.category to devices responsible for collecting data for the Juniper Mist organization.
addERI_Juniper_Mist_DevicePropertySourceSets Juniper Mist device MAC address ERI and device type ERT. Requires Juniper_Mist_Org DataSource (watchdog) in order to collect data.
addERI_Juniper_Mist_OrganizationPropertySourceSets Juniper Mist organization UUID ERI and Cluster ERT.

When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations.

Recommendation:As necessary, adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.

In This Article