The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco Nexus Dashboard Insights (Nexus Dashboard Insights) service provides assurance, advisory, and troubleshooting capabilities to address the operational needs of networks in a data center.
This document describes the features, issues, and limitations for Nexus Dashboard Insights on Cisco Nexus Dashboard.
For more information, see Related Content.
Note: The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.
Date |
Description |
November 5, 2021 |
Release 6.0.1 (6.0.1.41) patch became available. |
November 5, 2021 |
Release 6.0.1 (6.0.1.41) patch became available. |
September 14, 2021 |
Release 6.0.1 (6.0.1.23) became available. |
Feature |
Description |
Unified service |
Deploy a single tool with assurance, advisory, and troubleshooting capabilities to address your operational needs of prevention, diagnosis, and remediation. |
One View |
The One View feature in Nexus Dashboard Insights offers the functionality of a single pane of glass or a central point of operation for Nexus Dashboard Insights services. After configuring the clusters in Cisco Nexus Dashboard, you can access and perform all operations on a Site Group or a site using the One View function. |
Sites support |
Support for ACI and DCNM sites in the same Nexus Dashboard Insights instance. |
Add Sites or Upload Files to Site Groups and Run Assurance Analysis |
Allows you to add and manage sites in Site Groups and run Assurance Analysis for a site and for uploaded files. |
Explore |
Allows network operators to discover assets and their object associations in an easy-to-consume natural language query format. |
Delta Analysis |
Enables you to analyze the difference in the policy, run time state, and the health of the network between two snapshots. |
Import and Export of configurations |
Enables you import and export the configurations such as Site Groups, alert rules, compliance, flow rules, user preferences in Nexus Dashboard Insights. |
Firmware Upgrade Analysis |
Suggests an upgrade path to a recommended software version and determines the potential impact of upgrade impact. It also helps with the pre-upgrade and post-upgrade validation checks. |
Analyze Alerts |
Analyze Alerts provides a view into Anomalies and Advisories generated by Nexus Dashboard Insights. With this release you can configure the properties such as acknowledge an anomaly, assign an user, add a tag, add a comment, set verification status, on an anomaly. Using One-Click Remediation you can remediate an anomaly based on recommendations. |
Alert Rules |
Enables you to acknowledge all new detected anomalies that match the criteria and adjust the anomaly score accordingly. |
Netflow support |
Enables the network administrator to determine information such as source, destination, class of service, and causes of congestion. Netflow is configured on the interface to monitor every packet on the interface and provide telemetry data. |
sFlow support |
sFlow provides the visibility to enable performance optimization, an accounting and billing for usage, and defense against security threats. |
Flow Telemetry enhancements |
Allows users to see the path taken by different flows in detail. You can see the switches in the flow with the help of flow table exports from the nodes. All flows are monitored as a consolidated view in a unified pipeline for site types ACI and DCNM. |
Kafka support enhancements |
Export data collected by Nexus Dashboard Insights over Kafka and Email. |
Endpoints enhancements |
Endpoints displays time series information for the top nodes with number of endpoints that are varying. The Endpoints feature provides detailed analytics of endpoints learned in the site. With this release, support for searching deleted IP addresses is available. And filtering by hostname is also supported as a Beta feature. |
Interface enhancements |
This feature includes monitoring of nodes and interfaces in Cisco Nexus Dashboard Insights and site nodes. With this release, Switch Virtual Interfaces are supported in addition to physical ports, port channels, and vPCs . For vPC interface, logical neighbors information is displayed. |
Log Collector enhancements |
With this release, you can automatically upload the log files to Cisco Intersight Cloud after the log collection job is completed. |
Virtual Nexus Dashboard support |
Allows you to deploy Nexus Dashboard Insights service on Virtual Nexus Dashboard (vND). |
Beta feature – DNS Integration |
This is a Beta feature. We recommend that you use features marked as ‘Beta’ in your test environments but not in production deployments. The Cisco Nexus Dashboard Insights Domain Name System (DNS) integration feature enables the name resolution feature to telemetry data. DNS integration can be associated at the Site Group level or the Site level. |
This section lists the open issues in this release. Click the bug ID to access the Bug Search tool and see additional information about the caveat. The “Exists In” column of the table specifies the releases in which the issue exists.
Bug ID |
Description |
Exists In |
When there is no data coming from switches, topNodes API returns all nodes into the list as healthy with endpoint count as 0. |
6.0.1 |
|
Advisories are displayed for devices removed from the Site or Fabric. |
6.0.1 |
|
Fabrics with HW flow telemetry in disabled failed state cannot be upgraded. |
6.0.1 |
|
After downgrading the switch to 7.0(3)I7(8) version from 9.3.5 or above, telemetry is only partially configured on the switch. |
6.0.1 |
|
When a switch is removed from a fabric, flows records originating from that switch is displayed in Nexus Insights unless analytics feature configurations are removed. |
6.0.1 |
|
Flow Telemetry configuration is not removed from FX3S switch if the switch was running NX-OS release 9.3.7 with Flow Telemetry enabled and then upgraded or downgraded to NX-OS release 10.1. |
6.0.1 |
|
Flow Telemetry status becomes disable-failed due to filter rule modify operation if a switch in the fabric has bad credentials or connectivity issues. |
6.0.1 |
|
Aborted DAGs do not indicate that there is partial data in Nexus Dashboard Insights GUI. |
6.0.1 |
|
Duplicate endpoint Anomalies in Nexus Dashboard Insights. |
6.0.1 |
|
Assurance job is aborted if there is not enough CPU and memory resources available and if there are multiple jobs running at the same time. |
6.0.1 |
|
Inconsistency in counts from aggregate view to primary affected objects view for anomalies. |
6.0.1 |
|
A duplicate or redundant switch entry may be seen on Nodes page after upgrade of a switch whose hostname contains a period (.) in it (eg. switch1.abc). |
6.0.1 |
|
Tenant, VRF and EPG details will not be reported in Flow Browse or Details page if Q-in-Q flow is monitored using Netflow in Nexus Dashboard Insights. |
6.0.1 |
|
Site becomes "Disabled" or "Add Fail" and policies will not be pushed to the fabric when Nexus Dashboard Insights gets disabled and re-enabled or upgraded if the site goes down. |
6.0.1 |
|
Flow Telemetry status shows Disabled even after enabling it in Flow settings page. |
6.0.1 |
|
The total count of anomalies reported in the Overview > Dashboard's page for Alerts Summary, Anomalies Breakdown, and Top Nodes tiles sometimes do not match. |
6.0.1 |
|
The Netflow Collector IP addresses reported on the Configure Site Group Flows tab in Nexus Dashboard Insights are for Multi-cluster Connectivity primary Nexus Dashboard cluster IP addresses instead of the Site Group's own Nexus Dashboard cluster IP addresses. |
6.0.1 |
|
Selecting a time range of Last Week on the Interfaces Dashboard causes the browser to show a blank screen. |
6.0.1 |
|
Delta Analysis job fails intermittently. |
6.0.1 |
This section lists the resolved issues in this release. Click the bug ID to access the Bug Search tool and see additional information about the caveat. The “Exists In” column of the table specifies the releases in which the issue exists.
Bug ID |
Description |
Fixed In |
Retry to push configuration does not work if flow telemetry is in enabled state but software telemetry has failed. |
6.0.1 (6.0.1.23) |
|
In Cisco Nexus Insights only top 100 flows are displayed in the flow events anomaly analyze page. You are unable to view the remaining flow events. |
6.0.1 (6.0.1.23) |
|
MAC duplication endpoint anomaly does not get cleared. |
6.0.1 (6.0.1.23) |
|
EP records shows incorrect status. |
6.0.1 (6.0.1.23) |
|
When NX-OS version is upgraded, FTE configurations are not be pushed even if the upgraded NX-OS version supports FTE. |
6.0.1 (6.0.1.23) |
|
When you start a bug Scan, the History table is not updated and the Scan Now button is not disabled. |
6.0.1 (6.0.1.23) |
|
Metadata update task is not scheduled on app startup if the fabric is not enabled. |
6.0.1 (6.0.1.23) |
|
When you onboard a new site to Nexus Dashboard, the site does not appear in Nexus Insights UI. |
6.0.1 (6.0.1.23) |
|
Internal database system experienced out of memory. Streaming data will not be retrieved or saved after and during the time internal database component recovers completely and becomes stable. |
6.0.1 (6.0.1.23) |
|
Cisco Nexus Insights generated flow anomalies on DCNM cannot be streamed to remote Kafka broker. |
6.0.1 (6.0.1.23) |
|
Flow resource type anomalies are not exported to external Kafka server. |
6.0.1 (6.0.1.23) |
|
ACI FN-72145 is displayed for switch running standalone NX-OS in DCNM fabric. |
6.0.1 (6.0.1.23) |
|
When the Infrastructure is down, the job termination action cannot be completed and results in some Bug Scan jobs to be in the "in-progress" state. |
6.0.1 patch (6.0.1.41) |
|
Duplicate Bug-Scan or Best Practice jobs might get scheduled during Nexus Dashboard Insights upgrade. |
6.0.1 patch (6.0.1.41) |
|
fabricName is not mandatory in the add integrations API. |
6.0.1 patch (6.0.1.41) |
|
When fabric is disabled, corresponding collection from AppDynamics is not disabled. |
6.0.1 patch (6.0.1.41) |
|
Inconsistency in alert rules after importing data from an installation with more than 50 alert rules. |
6.0.1 patch (6.0.1.41) |
|
In Cisco Nexus Insights app, log collection fails on some nodes. |
6.0.1 patch (6.0.1.41) |
|
Egress node not identified for inter-site VXLAN traffic. |
6.0.1 patch (6.0.1.41) |
This section lists the known issues in this release. Click the bug ID to access the Bug Search tool and see additional information about the caveat. The "Exists" column of the table specifies whether the issue was resolved in the base release or a patch release.
Bug ID |
Description |
Exists In |
Under scale condition, when some of the flow records are either dropped in the switch or dropped in processing, partial paths will be displayed. |
6.0.1 |
|
VRF that is associated with the NSX-V flow may not be the correct VRF the NSX-V flow is taking in the fabric. |
6.0.1 |
|
Logical fabrics may show up in Cisco Nexus Insights. |
6.0.1 |
|
Stopping a recurrent bug scan in log collection phase does not stop the job immediately. |
6.0.1 |
|
Endpoint data is displayed for unsupported devices. |
6.0.1 |
|
Under scale condition, when some of the flow records are either dropped in the switch or dropped in processing, partial paths will be displayed. |
6.0.1 |
|
When Flow Telemetry is disabled while one of the switches is unreachable, the site goes into *Disable Failed* state. This is expected behavior. Following this condition, when the switch becomes available, if you enable Flow Telemetry, the ACL configurations get corrupted. |
6.0.1 |
|
For NX-OS version 9.3(7a), Nexus Dashboard Insights is supported on DCNM release 11.5(3) and later. For DCNM release 11.5(2) release, Nexus Dashboard Insights excludes those switches from analysis resulting in partial assurance analysis for the fabric. |
6.0.1 |
For Nexus Dashboard Insights compatibility information see the Services Compatibility Matrix.
Software/Hardware |
Release |
Minimum Cisco NX-OS version required for Software Telemetry |
7.0(3)I7(6), 8.4(2) |
Minimum Cisco NX-OS version required for Software and Hardware Telemetry |
7.0(3)I7(8), 9.3(2), 10.1(1), 10.2(1) |
Minimum Cisco NX-OS version required for Host Flow Overlay |
9.3(4), 10.2(1) |
Minimum Cisco NX-OS version required for Micro-Burst, Endpoint Analytics, and Multicast Protocols |
9.3(4) |
Minimum Cisco NX-OS version required for Modular Hardware Telemetry |
9.3(4) |
Minimum Cisco NX-OS version required for Connectivity Analysis |
9.3(7a) |
Minimum Intersight Device Connector version on Cisco Nexus Dashboard |
1.0.9-828 |
Cisco Device supported for Host Flow Overlay |
Cisco Nexus 9000 -FX, -FX2, -FX3, and -GX platform switches |
Cisco Devices supported for Flow Telemetry Events |
Cisco Nexus 9000 -FX, -FX2, -FX3, and -GX platform switches and 9700 -FX line cards |
Cisco Device supported for Flow Telemetry |
Cisco Nexus 9300-EX, -FX, -FX2, -FX3, and -GX platform switches and 9500-EX and FX |
Cisco Device supported for Software Telemetry |
● Cisco Cloud Scale ASIC devices ● Cisco Nexus 7000 series switches: N77-C7710 or N77XX, N7K-C7009, N7K-C7010 or 70XX ● Cisco Nexus 3000 series switches: Nexus 3100-XL series, Nexus 3100-V series, Nexus 3200 series, Nexus 3400 series, Nexus 3500-XL series ● Cisco Nexus 9504 and 9508 with -R and -RX lines cards: ● N9K-X96136YC-R, N9K-C9508-FM-R, N9K-C9504-FM-R, N9K-X9636C-R, N9K-X9636C-RX ● Cisco Nexus 3600 platform switches: N3K-C3636C-R, N3K-C36480LD-R2, N3K-C36180YC-R ● Cisco Nexus 9300-GX, 9300-FX3 and platform switches |
Cisco Device not supported for Software Telemetry |
● Cisco N3K-C3408-S, N3K-C3432D-S, N3K-C34200YC-SM, N3K-34180YC, and N3K-3464C switches ● Cisco N3K-C3464C, N3K-C34180YC, N3K-C3408S, N3K-C34200YC-SM, N3K-C3432D-I |
Micro-Burst support |
See Supported Platforms for details. |
Arista EOS |
4.21 |
Arista Device Supported |
Arista 7050SX and 7280SR platform switches |
Note: Flow Telemetry data will consume 6MB for 10K IPv4 flows per node. Flow Telemetry data will consume 12MB for 10K IPv6 flows per node.
Software/Hardware |
Scale Limits |
Maximum number of nodes supported in a site in managed mode |
150 |
Maximum number of nodes supported across all sites |
350* * For total number of nodes greater than 150 across all sites, we recommend upgrading to Nexus Dashboard Insights release 6.2.1 |
Maximum support for a 3-node Cisco Nexus Dashboard cluster |
Site with 50 nodes, 60000 Endpoints per Site Group, and 10000 Flows |
Maximum support for a 6-node Cisco Nexus Dashboard cluster |
Site with 350 nodes, 60000 Endpoints per Site Group, 20000 Flows, and 300000 logical rules |
Maximum support for a 6-node Cisco Virtual Nexus Dashboard (vND) cluster |
Site with 50 nodes, 5000 Endpoints per Site Group, 2500 Flows, and 100000 logical rules |
Rollup and Retention Numbers for Nexus Dashboard Insights Telemetry
Nexus Dashboard Insights implements a multi-level roll-up strategy for the telemetry streamed that enables better management of the data. The following table provides information about roll-up and retention policy in Nexus Dashboard Insights release 6.0.1.
Statistics Name |
Granularity (Time difference between sample points) |
Retention proposed for Nexus Dashboard Insights |
Interfaces and Protocols Statistics and Error Counters |
1 minute |
3 days |
|
5 minutes |
7 days |
|
3 hours |
30 days |
Resources and Environmental Statistics |
5 minutes |
7 days |
|
3 hours |
30 days |
Integrations Statistics (AppDynamics) |
5 minutes |
7 days |
|
3 hours |
30 days |
Anomalies and Advisories |
On-event* |
30 days |
Microburst |
On-event* |
7 days |
Endpoints History** |
On-event* |
7 days |
Events |
On-event* |
15 days |
Flows and Flow Telemetry Events |
- |
7 days |
Delta Analysis |
- |
30 days |
*On-event: The data is sent from the switch or stored in the database only if the state of the object has changed.
** Endpoint History tracks the moves and modifications of an endpoint for last 7 days.
Usage Guidelines and Limitations
This section lists the usage guidelines and limitations for Cisco Nexus Dashboard Insights:
● Telemetry for hardware TCAM utilization, such as forwarding TCAM and ACL TCAM are not supported on Cisco Nexus C9504, C9508, and C9516 platform switches.
● Software Telemetry telemetry should be enabled before enabling Hardware Telemetry.
● Nexus Dashboard Insights checks for metadata update every hour. However, there may not be an update every time.
● After metadata update you need to run manual bug scan to reflect PSIRTs.
● The Hardware Resources tab in System Resource Utilization Dashboard is not supported for Cisco Nexus 7000 series switches. The hardware resources do not have a direct mapping to the objects that show in Nexus Dashboard Insights. The command that shows hardware details does not provide the percentage of entries used and the maximum number of entries allocated for a particular feature. Nexus Dashboard Insights does not raise the anomalies and details page for any resource in Hardware Resources tab for Cisco Nexus 7000 series switches.
● The features supported on Cisco Nexus 7000 series switches includes Environmental, Statistics, and Resources.
● The features not supported on Cisco Nexus 7000 series switches includes Endpoint Analytics, Multicast, Microburst, CDP statistics protocol, and hardware resource statistics such as COPP, HRT, LPM, QoS, and ACL.
● The features supported on Cisco Nexus 3000 series switches includes Environmental, Statistics, and Resources.
● The features not supported on Cisco Nexus 3000 series includes Endpoint Analytics, Multicast, and Microburst.
● The IGMP and IGMP Snoop multicast statistics protocols are supported only on Cisco Nexus 9000 series switches.
● The IGMP and IGMP Snoop multicast statistics protocols are not supported for the following:
◦ Cisco Nexus 3000 and 7000 series switches.
◦ Cisco N9K-X9636C-R, N9K-X9636Q-R, N9K-X96136YC-R, and N3K-C3636C-R line cards.
● Nexus Dashboard Insights does not support BGP PrefixSaved statistics on the following:
◦ Cisco Nexus 3000, 7000, and 9000 platform switches.
◦ Cisco N9K-X96136YC-R, N9K-X9636C-R, N9K-X9636Q-R, and N3K-C3636C-R line cards.
● After enabling Nexus Dashboard Insights on a fabric and adding a group of switches together to the fabric, DCNM sends notification for the newly added switches. When Nexus Dashboard Insights tries to program the newly added switches, DCNM can be potentially finishing the switch discovery for these switches. In this case, the Nexus Dashboard Insights operation fails on the switches. The failed operations should be retried with retry facility in Nexus Dashboard Insights.
● For virtual Nexus Dashboard (vND), you must provision the underlying HOST with Distributed Virtual Switch and not with a Standard Virtual Switch.
● Nexus Dashboard Insights release 6.0.1 supports Kafka export for Flow anomalies. However, Kafka export is not currently supported for Flow Event anomalies.
● Flow telemetry is supported in -FX3 platform switches for the following NX-OS versions:
◦ 9.3(8) and later
◦ 10.1(2) and later
◦ Flow telemetry is not supported in -FX3 platform switches for NX-OS version 10.1(1).
● The following behaviors are observed for Nexus Dashboard Insights release 6.0.1 on Cisco Nexus Dashboard with DCNM release 11.5(2).
◦ Timeout is observed during import of large number of VRFs or networks into Nexus Dashboard Orchestrator template in the DCNM release 11.5(2)
◦ You cannot add IPv6 static route using DCNM UI in DCNM release 11.5(2).
◦ If there is an inactive switch in the fabric there is a delay in deploying configuration on the switch.
◦ In large setups, in managed mode, configuration deployment from the Nexus Dashboard Insights service could take an hour or more to finish.
◦ When some IPv6 Flow rules are set on Nexus Dashboard Insights, DCNM Configuration Compliance may display a persistent diff.
The Cisco Nexus Dashboard Insights documentation can be accessed from the following website:
https://www.cisco.com/c/en/us/support/data-center-analytics/nexus-insights/series.html
The documentation includes installation, upgrade, configuration, programming, and troubleshooting guides, technical references, and release notes, as well as other documentation.
Document |
Description |
Cisco Nexus Dashboard Insights Release Notes for Cisco DCNM |
This document. |
Cisco Nexus Dashboard Insights Deployment Guide |
Describes how to install and upgrade Nexus Dashboard Insights. |
Cisco Nexus Dashboard Insights User Guide for Cisco DCNM |
Describes how to use Nexus Dashboard Insights. |
To provide technical feedback on this document, or to report an error or omission, send your comments to ciscodcnapps-docfeedback@cisco.com.
Legal Information
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2021-2022 Cisco Systems, Inc. All rights reserved.