NSX Application Platform collects and stores statistics for security features. You can view these metrics by invoking the time series metrics APIs.

Before you begin

You must have 'NSX Gateway Firewall with Advanced Threat Prevention' license for time series monitoring.

You must deploy NSX Application Platform. For more details about deploying NSX Application Platform, see the Deploying and Managing NSX Application Platform guide. The Metrics feature is enabled by default when you deploy NSX Application Platform.

Security Statistics

The following security features generate statistics with API/CLI respectively:
  • TLS Inspection
  • Gateway IDPS
  • Gateway Firewall and Connections
Note:

Starting with NSX-T Data Center 3.2.1, TLS Inspection and Gateway IDPS are available for production environments and has full support. In NSX-T Data Center 3.2.0 these features were available in tech preview mode only. For more information, see the NSX-T Data Center Release Notes.

Time series metrics is available only for TLS Inspection, Gateway IDPS, and Gateway Firewall. You can retrieve these metrics through the metric APIs.
Note: For URL Filtering and Malware prevention, only point-in-time security metrics is available and displayed on NSX Manager User Interface.

Metrics API

You can use Metrics APIs to fetch the time series metrics. These APIs can take multiple intent paths or UUIDS as input for a specific resource type, such as edge or firewall, and return the corresponding metrics.

Using time series metrics, you can monitor the trend in key performance indicators, detect anomalies, perform before and after analysis, and get the historical context which can help in troubleshooting.

Based on your role, you can view metrics of only those objects for which you have the authorization.

For high-level information about the time series metrics workflow, see APIs to Fetch Time-Series Metrics. For complete information about how to invoke the time series metrics APIs, see NSX Intelligence & NSX Application Platform API Guide.

Display Statistics on NSX Manager User Interface.

Two types of metrics can be viewed on NSX Manager User Interface:

  • Point-in-time - Recent data fetched from the Node.
  • Time series - Historical data to provide daily, weekly, monthly and yearly view.

All time series metrics are accessible through the metrics API. However, some of the time series metrics are also available on NSX Manager User Interface.

For dashboard information associated to each security feature, see Security Overview.

For information on how to monitor NSX Edge Nodes and Gateways, see Monitor NSX Edge Nodes and Gateways.