AnalyticsProfile

uuid

Type

string

Category

required

Description

UUID of the analytics profile.

name

Type

string

Category

required

Description

The name of the analytics profile.

tenant_ref

Type

Reference to Tenant

Category

required

Description

description

Type

string

Category

optional

Description

apdex_response_threshold

Type

uint32

Category

optional

Description

If a client receives an HTTP response in less than the Satisfactory Latency Threshold, the request is considered Satisfied. It is considered Tolerated if it is not Satisfied and less than Tolerated Latency Factor multiplied by the Satisfactory Latency Threshold. Greater than this number and the client's request is considered Frustrated.

Default

500

apdex_response_tolerated_factor

Type

Unknown

Category

optional

Description

Client tolerated response latency factor. Client must receive a response within this factor times the satisfactory threshold (apdex_response_threshold) to be considered tolerated

Default

4.0

apdex_server_response_threshold

Type

uint32

Category

optional

Description

A server HTTP response is considered Satisfied if latency is less than the Satisfactory Latency Threshold. The response is considered tolerated when it is greater than Satisfied but less than the Tolerated Latency Factor * S_Latency. Greater than this number and the server response is considered Frustrated.

Default

400

apdex_server_response_tolerated_factor

Type

Unknown

Category

optional

Description

Server tolerated response latency factor. Servermust response within this factor times the satisfactory threshold (apdex_server_response_threshold) to be considered tolerated

Default

4.0

apdex_rtt_threshold

Type

uint32

Category

optional

Description

Satisfactory client to Avi Round Trip Time(RTT).

Default

250

apdex_rtt_tolerated_factor

Type

Unknown

Category

optional

Description

Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor.

Default

4.0

apdex_server_rtt_threshold

Type

uint32

Category

optional

Description

Satisfactory client to Avi Round Trip Time(RTT).

Default

125

apdex_server_rtt_tolerated_factor

Type

Unknown

Category

optional

Description

Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor.

Default

4.0

apdex_rum_threshold

Type

uint32

Category

optional

Description

If a client is able to load a page in less than the Satisfactory Latency Threshold, the PageLoad is considered Satisfied. It is considered tolerated if it is greater than Satisfied but less than the Tolerated Latency multiplied by Satisifed Latency. Greater than this number and the client's request is considered Frustrated. A PageLoad includes the time for DNS lookup, download of all HTTP objects, and page render time.

Default

5000

apdex_rum_tolerated_factor

Type

Unknown

Category

optional

Description

Virtual service threshold factor for tolerated Page Load Time (PLT) as multiple of apdex_rum_threshold.

Default

4.0

conn_lossy_total_rexmt_threshold

Type

uint32

Category

optional

Description

A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted.

Default

50

conn_lossy_timeo_rexmt_threshold

Type

uint32

Category

optional

Description

A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted due to timeout.

Default

20

conn_lossy_ooo_threshold

Type

uint32

Category

optional

Description

A connection between client and Avi is considered lossy when more than this percentage of out of order packets are received.

Default

50

conn_lossy_zero_win_size_event_threshold

Type

uint32

Category

optional

Description

A client connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold.

Default

2

conn_server_lossy_total_rexmt_threshold

Type

uint32

Category

optional

Description

A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted.

Default

50

conn_server_lossy_timeo_rexmt_threshold

Type

uint32

Category

optional

Description

A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted due to timeout.

Default

20

conn_server_lossy_ooo_threshold

Type

uint32

Category

optional

Description

A connection between Avi and server is considered lossy when more than this percentage of out of order packets are received.

Default

50

conn_server_lossy_zero_win_size_event_threshold

Type

uint32

Category

optional

Description

A server connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold.

Default

2

exclude_client_close_before_request_as_error

Type

bool

Category

optional

Description

Exclude client closed connection before an HTTP request could be completed from being classified as an error.

Default

False

exclude_tcp_reset_as_error

Type

bool

Category

optional

Description

Exclude TCP resets by client from the list of potential errors.

Default

False

exclude_server_tcp_reset_as_error

Type

bool

Category

optional

Description

Exclude server TCP reset from errors. It is common for applications like MS Exchange.

Default

False

exclude_persistence_change_as_error

Type

bool

Category

optional

Description

Exclude persistence server changed while load balancing' from the list of errors.

Default

False

exclude_syn_retransmit_as_error

Type

bool

Category

optional

Description

Exclude 'server unanswered syns' from the list of errors.

Default

False

exclude_invalid_dns_query_as_error

Type

bool

Category

optional

Description

Exclude invalid dns queries from the list of errors.

Default

False

exclude_invalid_dns_domain_as_error

Type

bool

Category

optional

Description

Exclude dns queries to domains outside the domains configured in the DNS application profile from the list of errors.

Default

False

exclude_no_dns_record_as_error

Type

bool

Category

optional

Description

Exclude queries to domains that did not have configured services/records from the list of errors.

Default

False

exclude_unsupported_dns_query_as_error

Type

bool

Category

optional

Description

Exclude unsupported dns queries from the list of errors.

Default

False

hs_performance_boost

Type

uint32

Category

optional

Description

Adds free performance score credits to health score. It can be used for compensating health score for known slow applications.

Default

0

hs_max_anomaly_penalty

Type

uint32

Category

optional

Description

Maximum penalty that may be deducted from health score for anomalies.

Default

10

hs_max_resources_penalty

Type

uint32

Category

optional

Description

Maximum penalty that may be deducted from health score for high resource utilization.

Default

25

hs_max_security_penalty

Type

uint32

Category

optional

Description

Maximum penalty that may be deducted from health score based on security assessment.

Default

100

hs_security_nonpfs_penalty

Type

Unknown

Category

optional

Description

Penalty for allowing non-PFS handshakes.

Default

1.0

hs_security_weak_signature_algo_penalty

Type

Unknown

Category

optional

Description

Penalty for allowing weak signature algorithm(s).

Default

1.0

hs_security_ssl30_score

Type

Unknown

Category

optional

Description

Score assigned when supporting SSL3.0 encryption protocol

Default

3.5

hs_security_tls10_score

Type

Unknown

Category

optional

Description

Score assigned when supporting TLS1.0 encryption protocol

Default

5.0

hs_security_tls11_score

Type

Unknown

Category

optional

Description

Score assigned when supporting TLS1.1 encryption protocol

Default

5.0

hs_security_tls12_score

Type

Unknown

Category

optional

Description

Score assigned when supporting TLS1.2 encryption protocol

Default

5.0

hs_event_throttle_window

Type

uint32

Category

optional

Description

Time window (in secs) within which only unique health change events should occur

Default

1209600

hs_min_dos_rate

Type

uint32

Category

optional

Description

DoS connection rate below which the DoS security assessment will not kick in.

Default

1000

hs_security_certscore_expired

Type

Unknown

Category

optional

Description

Score assigned when the certificate has expired

Default

0.0

hs_security_certscore_le07d

Type

Unknown

Category

optional

Description

Score assigned when the certificate expires in less than or equal to 7 days

Default

2.0

hs_security_certscore_le30d

Type

Unknown

Category

optional

Description

Score assigned when the certificate expires in less than or equal to 30 days

Default

4.0

hs_security_certscore_gt30d

Type

Unknown

Category

optional

Description

Score assigned when the certificate expires in more than 30 days

Default

5.0

hs_security_cipherscore_eq000b

Type

Unknown

Category

optional

Description

Score assigned when the minimum cipher strength is 0 bits

Default

0.0

hs_security_cipherscore_lt128b

Type

Unknown

Category

optional

Description

Score assigned when the minimum cipher strength is less than 128 bits

Default

3.5

hs_security_cipherscore_ge128b

Type

Unknown

Category

optional

Description

Score assigned when the minimum cipher strength is greater than equal to 128 bits

Default

5.0

hs_security_selfsignedcert_penalty

Type

Unknown

Category

optional

Description

Deprecated

Default

1.0

hs_security_encalgo_score_rc4

Type

Unknown

Category

optional

Description

Score assigned when RC4 algorithm is used for encryption.

Default

2.5

hs_security_encalgo_score_none

Type

Unknown

Category

optional

Description

Score assigned when no algorithm is used for encryption.

Default

0.0

hs_security_chain_invalidity_penalty

Type

Unknown

Category

optional

Description

Penalty for allowing certificates with invalid chain.

Default

1.0

hs_security_hsts_penalty

Type

Unknown

Category

optional

Description

Penalty for not enabling HSTS.

Default

1.0

disable_server_analytics

Type

bool

Category

optional

Description

Disable analytics on backend servers. This may be desired in container environment when there are large number of ephemeral servers

Default

False

disable_se_analytics

Type

bool

Category

optional

Description

Disable node (service engine) level analytics forvs metrics

Default

False

hs_pscore_traffic_threshold_l4_client

Type

Unknown

Category

optional

Description

Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed.

Default

10.0

hs_pscore_traffic_threshold_l4_server

Type

Unknown

Category

optional

Description

Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed.

Default

10.0

exclude_gs_down_as_error

Type

bool

Category

optional

Description

Exclude queries to GSLB services that are operationally down from the list of errors.

Default

False

exclude_no_valid_gs_member_as_error

Type

bool

Category

optional

Description

Exclude queries to GSLB services that have no available members from the list of errors.

Default

False

client_log_config

Type

ClientLogConfiguration

Category

optional

Description

Configure which logs are sent to the Avi Controller from SEs and how they are processed.

client_log_streaming_config

Type

ClientLogStreamingConfig

Category

optional

Description

Configure to stream logs to an external server.

exclude_http_error_codes

Type

int32

Category

repeated

Description

List of HTTP status codes to be excluded from being classified as an error. Error connections or responses impacts health score, are included as significant logs, and may be classified as part of a DoS attack.

ranges

Type

HTTPStatusRange

Category

repeated

Description

List of HTTP status code ranges to be excluded from being classified as an error.

resp_code_block

Type

enum

Category

repeated

Description

Block of HTTP response codes to be excluded from being classified as an error.

Choices

AP_HTTP_RSP_4XX, AP_HTTP_RSP_5XX

exclude_server_dns_error_as_error

Type

bool

Category

optional

Description

Exclude server dns error response from the list of errors.

Default

False

ClientLogConfiguration

enable_significant_log_collection

Type

bool

Category

optional

Description

Enable significant log collection. By default, this flag is enabled, which means that Avi SEs collect significant logs and forward them to Controller for further processing. For example, these logs correspond to error conditions such as when the response code for a request is 500. Users can disable this flag to turn off default significant log collection.

Default

True

significant_log_processing

Type

enum

Category

optional

Description

Significant logs are processed by the Logs Analytics system according to this setting.

Default

LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND

Choices

LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND

filtered_log_processing

Type

enum

Category

optional

Description

(Note: Only sync_and_index_on_demand is implemented at this time) Filtered logs are logs that match any client log filters or rules with logging enabled. Such logs are processed by the Logs Analytics system according to this setting.

Default

LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND

Choices

LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND

non_significant_log_processing

Type

enum

Category

optional

Description

(Note: Only sync_and_index_on_demand is implemented at this time) Logs that are neither significant nor filtered, are processed by the Logs Analytics system according to this setting.

Default

LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND

Choices

LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND

ClientLogStreamingConfig

external_server

Type

string

Category

optional

Description

The destination server IP address or hostname. If a name is provided, this should be resolvable on Avi Service Engines.

external_server_port

Type

uint32

Category

optional

Description

The destination server's service port.

Default

514

log_types_to_send

Type

enum

Category

optional

Description

Type of logs to stream to the external server. Default is LOGS_ALL, i.e., send all logs.

Default

LOGS_ALL

Choices

LOGS_SIGNIFICANT_ONLY, LOGS_UDF_ONLY, LOGS_UDF_SIGNIFICANT, LOGS_ALL

max_logs_per_second

Type

uint32

Category

optional

Description

Maximum number of logs per second streamed to the remote server. By default, 100 logs per second are streamed. Set this to zero(0) to not enforce any limit.

Default

100

HTTPStatusRange

begin

Type

int32

Category

required

Description

Starting HTTP response status code

end

Type

int32

Category

required

Description

Ending HTTP response status code

AnalyticsProfileInternal

se_uuid

Type

string

Category

optional

Description

proc_id

Type

string

Category

optional

Description

analytics_profile_config

Type

AnalyticsProfile

Category

optional

Description

anp_rtm_ref_l4

Type

int32

Category

required

Description