How does eG Enterprise Monitor Cisco Intersight?

The eG Enterprise is capable of monitoring the Cisco Intersight in an agentless manner. Remote eG agent connects to Cisco Intersight through Intersight API.

Prerequisites to connect to Cisco Intersight:

eG Enterprise connects to Cisco Intersight using the API to collect the monitoring metrics. Intersight supports following API authorization schemes -

  • API Keys with HTTP signature.

  • OAuth2 client credentials grant.

  • OAuth2 authorization grant.

  • Session cookies, typically for browser-based sessions.

eG agent makes use of API keys for connectivity with Cisco Intersight API. API keys are based on public key cryptography. An API key is composed of a keyId and keySecret. The API client uses the API key to cryptographically sign each HTTP request sent to Intersight.

Benefits of using API Keys

  1. No shared secret is sent to Intersight, thereby reducing the risk of compromising user credentials.

  2. A user can generate separate API keys for each client application.

  3. The API key allows you to monitor the application's API usage.

  4. The API usage and audit logs can be traced to individual client applications.

  5. When an API key is compromised, it can be revoked without affecting other client applications, and without compromising the user credentials (including cisco.com credentials)

  6. Each API key (hence each client application) can be assigned specific roles and privileges.

Generate API Key from User Interface

  1. Login to Cisco Intersight using your cisco.com admin credentials. You will land on Intersight Dashboard.

  2. From Intersight dashboard, click your name in the upper right corner, the click "Generate API Keys".

  3. You are presented with key ID and private key, and the message like below -

  4. Copy the key ID and private in a secure location. The client owns the private key and is responsible for maintaining the confidentiality of the private key. Secure storage of the private keys at the client side is beyond the scope of this document. The generated private key and public key are encoded in PEM format.

  5. To connect to Cisco Intersight, you need Cisco Intersight SDK.

Prerequisites to monitor Cisco Intersight using API

  1. eG Enterprise uses agentless approach to monitor Cisco Intersight, the remote agent needs to be Windows agent.

  2. Windows agent requires Cisco Intersight Powershell SDK to be installed. Below are the steps to set up windows agent with Intersight SDK :

    1. Cisco Intersight PowerShell SDK requires the minimum version of Windows PowerShell is 7.1.

    2. Use the below link to download the Powershell SDK, store the downloaded installable.

      https://github.com/PowerShell/PowerShell/releases/download/v7.1.4/PowerShell-7.1.4-win-x64.msi

    3. Use below location to download Powershell module and store in specific location.

      https://www.powershellgallery.com/packages/Intersight.PowerShell/1.0.9.4437

    4. Install Windows Powershell SDK v7.x.x from downloaded SDK installable.

    5. Open Powershell v 7.x.x asdeicted in image below.

    6. Open the Powershell window and navigate to the location where Intersight SDK module installable is stored, as shown in image below.

    7. Install the module with Powershell Install-Module command.

    8. Above step will install the module and your eG agent is ready to monitor Cisco Intersight.

    9. eG agent will read the location of API Key Id and Secret file from configuration parameters of the test provided through eG UI.