Application Metadata Exporter
Refer to the following topics for more detailed information on the various ways to configure AMX:
- Export AMI output by AMX
- Export of 3G/4G/5G Control Plane Metadata by AMX
- Export of GigaVUE Enriched Metadata for Mobile Networks by AMX
- Export of GigaVUE Enriched Metadata for Cloud Workloads by AMX
Export AMI output by AMX
Application Metadata Exporter(AMX) application converts the output from the Application Metadata Intelligence (AMI) in CEF format into JSON format and sends it to the cloud tools and Kafka Consumers.
The AMX application can be deployed only on a GigaVUE V Series Node and can be connected to Application Metadata Intelligence running on a physical node or a virtual machine. The AMX application and the AMI are managed by GigaVUE-FM.
Export of 3G/4G/5G Control Plane Metadata by AMX
The AMX application can also export the 3G/4G control plane metadata received from the GTP Correlation engine and 5G control plane metadata received from the 5G CPN engine to the cloud tools and Kafka in Flat JSON format.
The AMX application can be deployed only on a GigaVUE V Series node and can be connected to a GTP Correlation / 5G CPN engine running on a physical node.
Export of GigaVUE Enriched Metadata for Mobile Networks by AMX
The metadata enrichment enhances service provider analytics, by generating metadata on 5G/4G/3G network traffic. The AMX correlates the user plane metadata produced by AMI with the control plane metadata produced by the GTP/5G correlation mobility application to produce an enriched metadata feed for the mobile networks. This data feed helps with use cases like service personalization, planning and many others by containing information about the
- Subscriber Session
- Over the Top Application
- Handset Type
- Location
- Flow throughput calculation attributes - DL, UL bytes and time stamp.
- Application Protocol
- Core Network Information
- User Tunnel Information
Export of GigaVUE Enriched Metadata for Mobile Networks is supported only for GigaVUE V Series Node deployed using Third Party Orchestration on VMware ESXi. Refer to Configure GigaVUE Fabric Components using VMware ESXi for more detailed information on how to deploy GigaVUE V Series Node using Third Party Orchestration in VMware ESXi.
For information on Control Plane Metadata, refer Control Plane Metadata
Export of GigaVUE Enriched Metadata for Cloud Workloads by AMX
Required License: SecureVUE Plus License
GigaVUE Enriched Metadata for Cloud Workloads provides comprehensive situational awareness to address security and performance pain points in a timely manner. It enriches application metadata from N/S and lateral traffic with key host environment details that allows you to find critical information as follows:
- The location of the workloads hosted and their virtual network.
- The operational environment to which the workloads belong to.
- The instance types used, images, tags that the workload contains.
- The host name, the security associations like security group name, IAM instance profile name.
Export of GigaVUE Enriched Metadata for Cloud Workloads is supported on the following cloud platforms:
- AWS
- Azure
- VMware (ESXi and NSX-T)
This feature works by using the inventory API which is queried in the following intervals.
- VMware: 300 sec
- AWS: 30 sec
- Azure: 60 sec
The default inventory query interval should suffice in most cases, however the interval can be customized in extreme situations. Please contact Gigamon Support for assistance.
In addition to the fixed intervals of polling the inventory, if you wish to get automatic updates from the workloads, you can do so by subscribing to the following optional services.
- AWS- Requires setup of SQS in AWS and event subscription settings to access it.
- Azure - Requires setup of Storage Queue and Events Subscription and settings to access it.
- VMware - No additional configuration is required as the dynamic updates are supported by default.
Refer to Prerequisites for Export of GigaVUE Enriched Metadata for Cloud Workloads for more detailed information.
AMX application performs the enrichment every 10 seconds. It picks the flow records, which are 15 seconds or older, to allow any delays in fetching the inventory details, and uses the IP address of the endpoints to enrich the records based on the selected attributes. Please refer to the following figure for the high-level illustration of the solution. The solution can be deployed using GigaVUE-FM or Third Party Orchestration.
The enrichment supported depends on the type of platform. Refer to Attributes for GigaVUE Enriched Metadata for Cloud Workloads for more details.
Refer to the following topics for more detailed information and configuration:
- AMX Application Deployment Options
- Prerequisites for Application Metadata Exporter
- Rules and Notes
- Configure Application Metadata Exporter Application
- View Application Statistics for Application Metadata Exporter
- Attributes for GigaVUE Enriched Metadata for Mobile Networks.
- Attributes for GigaVUE Enriched Metadata for Cloud Workloads
