Starting in 4.2.1, NSX creates a report of your security features' core usage as a CSV or JSON file every week.
To use the report, NSX API is available to export the CSV file as
GET /license/security-usage?format=csv. Users with the following role-based access control (RBAC) have permission to export the CSV file:
- Enterprise Admin
- Auditor
- Support Bundle Collector
All of the keys below will be included in the CSV report:
| Key | Description |
|---|---|
| raw_host_core_count_distributed_firewall | This displays the number of CPU Cores on the hypervisor hosts where Distributed Firewall is enabled and user-created distributed firewall rules have been published to the host. |
| raw_host_core_count_distributed_intelligence | This displays the number of CPU Cores on the hypervisor hosts where Distributed Firewall is enabled, and Security Intelligence is enabled. |
| raw_host_core_count_distributed_ipfix | This displays the number of CPU Cores on the hypervisor hosts where Firewall IPFIX Profile is applied. |
| raw_host_core_count_distributed_baremetal | This displays the number of CPU Cores on the bare metal servers where Distributed Firewall is enabled, and user created rules are published to NSX bare metal agent nodes. |
| raw_host_core_count_distributed_intelligence_baremetal | This displays the number of CPU Cores on the NSX bare metal servers where Distributed Firewall is enabled and Security Intelligence is in use. |
| raw_host_core_count_distributed_ipfix_baremetal | This displays the number of CPU Cores on the bare metal servers where Firewall IPFIX is in use. |
| raw_host_core_count_distributed_idps | This displays the number of CPU Cores on the hypervisor hosts where Distributed IDS/IPS is enabled. |
| raw_host_core_count_distributed_mps | This displays the number of CPU Cores on the hypervisor hosts where service deployments are configured with MPS functionality. |
| raw_host_core_count_ndr | This displays the number of CPU Cores on the hypervisor hosts where Network Detection and Response is enabled, in combination with IDS, Malware Prevention, or Intelligence enablement. |
| raw_edge_core_count_gateway_firewall | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Stateful Gateway Firewall rules are in use. |
| raw_edge_core_count_gateway_tls | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Gateway Firewall - TLS feature is enabled. |
| raw_edge_core_count_gateway_idps | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Gateway IDS/IPS feature is enabled. |
| raw_edge_core_count_gateway_mps | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Gateway Malware Prevention feature is enabled. |
| dpu_core_count_all_editions | This displays the number of DPU Cores associated with VMware NSX, when at least one security feature is enabled. |
| licensed_host_core_count_distributed_firewall | This displays the number of CPU Cores on the hypervisor hosts where Distributed Firewall is enabled, after taking into account the Deployment Specific Purchase Requirement of minimum 16 cores per CPU socket. |
| licensed_host_core_count_distributed_intelligence | This displays the number of CPU Cores on the hypervisor hosts where Security Intelligence is enabled, after taking into account the Deployment Specific Purchase Requirement of minimum 16 cores per CPU socket. |
| licensed_host_core_count_distributed_ipfix | This displays the number of CPU Cores on the hypervisor hosts where DFW IPFIX is applied, after taking into account the Deployment Specific Purchase Requirement of minimum 16 cores per CPU socket. |
| licensed_host_core_count_distributed_baremetal | This displays the number of CPU Cores on the bare metal servers where NSX bare metal agent is installed, after taking into account the Deployment Specific Purchase Requirement of minimum license capacity of one core for every four (4) cores of Bare Metal. |
| licensed_host_core_count_distributed_intelligence_baremetal | This displays the number of CPU Cores on the bare metal servers where Security Intelligence is in use, after taking into account the Deployment Specific Purchase Requirement of minimum license capacity of one core for every four (4) cores of Bare Metal. |
| licensed_host_core_count_distributed_ipfix_baremetal | This displays the number of CPU Cores on the bare metal servers where Firewall IPFIX is in use, after taking into account the Deployment Specific Purchase Requirement of minimum license capacity of one core for every four (4) cores of Bare Metal. |
| licensed_host_core_count_distributed_idps | This displays the number of CPU Cores on the hypervisor hosts where Distributed IDS/IPS is enabled, after taking into account the Deployment Specific Purchase Requirement of minimum 16 cores per CPU socket. |
| licensed_host_core_count_distributed_mps | This displays the number of CPU Cores on the hypervisor hosts where Distributed Malware Prevention is enabled,after taking into account the Deployment Specific Purchase Requirement of minimum 16 cores per CPU socket. |
| licensed_host_core_count_ndr | This displays the number of CPU Cores on the hypervisor hosts where Network Detection and Response is enabled,after taking into account the Deployment Specific Purchase Requirement of minimum 16 cores per CPU socket. |
| licensed_edge_core_count_gateway_firewall | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Stateful Gateway Firewall rules are in use. This is after taking into account the Deployment Specific Purchase Requirement which requires four (4) cores to deploy one (1) core of Gateway Firewall. |
| licensed_edge_core_count_gateway_tls | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Gateway Firewall - TLS feature is in use. This is after taking into account the Deployment Specific Purchase Requirement which requires four (4) cores to deploy one (1) core of Gateway Firewall. |
| licensed_edge_core_count_gateway_idps | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Gateway IDS/IPS feature is in use. This is after taking into account the Deploymentt Specific Purchase Requirement which requires four (4) cores to deploy one (1) core of Gateway Firewall. |
| licensed_edge_core_count_gateway_mps | This displays the number of CPU Cores on the NSX Edge, both VM and Bare Metal form factors, where Gateway Malware Prevention feature is in use. This is after taking into account the Deployment Specific Purchase Requirement which requires four (4) cores to deploy one (1) core of Gateway Firewall. |
| licensed_total_core_count_firewall_edition | This displays the total quantity of licensed Cores (across hypervisor hosts, bare metal servers, edge gateways, and DPUs) where VMware vDefend Firewall features are in use. |
| licensed_total_core_count_firewall_atp_edition | This displays the total quantity of licensed Cores (across hypervisor hosts, bare metal servers, edge gateways, and DPUs) where VMware vDefend Firewall with Advanced Threat Prevention features are in use. |
| max_raw_core_count_per_host | This displays the high watermark number of CPU Cores observed across all hypervisor hosts where a VMware vDefend Firewall feature is in use. |
| max_raw_core_count_per_socket | This displays the high watermark number of CPU Cores per CPU Socket observed across all hypervisor hosts where a VMware vDefend Firewall feature is in use. |
| max_socket_count_per_host | This displays the high watermark number of CPU Sockets per Host observed across all hypervisor hosts where a VMware vDefend Firewall feature is in use. |
| num_edge_small_factor | This displays the number of NSX Edges deployed with Small appliance size (2 cores). |
| num_edge_medium_factor | This displays the number of NSX Edges deployed with Medium appliance size (4 cores) |
| num_edge_large_factor | This displays the number of NSX Edges deployed with Large appliance size (8 cores). |
| num_edge_xlarge_factor | This displays the number of NSX Edges deployed with X-Large appliance size (16 cores) |
| num_edge_baremetal_at_recommended_cores | This displays the number of NSX Bare Metal Edges deployed at or above recommended CPU Cores. As of NSX 4.x, this will count Edges with 25-80 cores. |
| num_edge_baremetal_at_minimum_cores | This displays the number of NSX Bare Metal Edges deployed at minimum CPU Cores requirement. As of NSX 4.x, this will count Edges with 8-24 cores. |
| number_of_nsgroup | This displays the number of Grouping objects in VMware NSX Manager. |
| number_of_firewall_rules | This displays the number of Distributed, Gateway and Bridge Firewall rules in VMware NSX Manager. |
| number_of_prepared_hosts | This displays the number of NSX-prepared hosts in VMware NSX Manager. |
| number_of_virtual_machines | This displays the number of Virtual Machines on NSX-prepared hosts managed by VMware NSX Manager. |
| number_of_tier_0_gateways | This displays the number of Tier 0 Gateways. |
| number_of_tier_1_gateways | This displays the number of Tier 1 Gateways. |
| number_of_dfw_rules | This displays the number of Distributed Firewall rules in VMware NSX Manager. |
| intelligence_deployed | This displays "True" if Security Intelligence is deployed and enabled. |
| recommendation_sessions_total | This displays the number of firewall recommendation sessions generated by Security Intelligence. |
| napp_appliance_version | This displays the release version number of the NSX Application Platform appliance. |
| number_of_ids_gateway_rules | This displays the number of Gateway IDS/IPS rules. |
| number_of_ids_security_policies | This displays the number of Gateway IDS/IPS policy sections. |
| mps_total_number_of_profiles | This displays the number of Malware Prevention profiles. |
| mps_number_of_dfw_ids_rules_with_custom_mps_profiles | This displays the number of Distributed IDS Rules that use a Custom Malware Prevention profile. |
| mps_number_of_gateway_ids_rules_with_custom_mps_profiles | This displays the number of Gateway IDS Rules that use a Custom Malware Prevention profile. |
| nta_enabled | This displays "true" if any of the NTA Detectors is enabled, otherwise displays "false". |
| nsx_manager_version | This displays the release version number of the NSX Manager appliance. A sample value could be "4.2.1.0.0.24125808." |
| nsx_deployment_id | This displays the identifier of the NSX Manager deployment instance. A sample value could be "25c2bc2e-d9a3-4051-9dc9-668fc6073579." |
| nsx_site_id | This displays the Site identifier of the NSX Manager instance. A sample value could be "84edaf7d-51da-40fb-8651-22bc7aa63433." |
| license_edition_type | This displays the names of the license editions that have been assigned in VMware NSX Manager. |
| license_key | This displays the license keys that have been assigned in VMware NSX Manager. |
| total_firewall_ipfix_profiles | This displays the number of Firewall IPFIX Profiles. |
| host_number_of_host_node_cpu_cores | This displays the number of cpu cores across all NSX Edges registered to VMware NSX Manager. |
| edge_number_of_edge_node_cpu_cores | This displays the number of cpu cores across all NSX Edges registered to VMware NSX Manager. |
| last_update_timestamp | This displays the timestamp of when the last data collection was performed on this site. |
