Network Query Engine (NQE) by Forward Networks provides information about the network as JSON data in a fully-parsed form. The information is normalized and presented uniformly across devices from different vendors. The exported data structures are standards-aligned with OpenConfig (details below), and all data is available through a GraphQL API as well as custom verification checks directly in the Forward Enterprise browser-based interface (In-App NQE Checks).
This repository helps you get started with the In-App NQE Checks.
Please check out this blog post for more information on NQE and this GitHub repo for some examples based on the GraphQL API.
As stated above, In-App NQE Checks augments NQE by enabling IT teams to create custom verification checks using the NQE data model, directly in the Forward Enterprise browser-based interface.
Following you can find a screenshot from the Forward Enterprise GUI with a simple query to find every interface whose admin status is UP but operational status is not UP.
Moreover, In-App NQE Checks, allows to build custom verification checks even for device configuration and state data that is not fully parsed and normalized by providing an easy way to match patterns in the configuration files. This new capability is very important for use cases like vendor specific information or for data that is not published on NQE [yet]. Check the In-App Device Config Checks Examples section for some examples.
In-App NQE Checks can be saved in the Forward Enterprise platforms and verified every time a new network collection is taken, as with any other Verification Check.
In this section you can find some examples based on fully parsed and normalized NQE data.
- Find every interface whose admin status is UP but operational status is not UP
- Find IPv4 summary routes that are not in a specific allowed list
- Find loopback interfaces assigned subnets bigger than /32
- Find connected interfaces that have mismatched MTU settings
- Find duplicate IP addresses within a VRF
- Find all devices no running latest certified software
- Find interface with no description, except loopbacks
In this section you can find some examples based on no fully parsed and normalized data from device configuration files.
- Cisco Field Notice: FN - 70489 - PKI Self-Signed Certificate Expiration in Cisco IOS and Cisco IOS XE Software
- Find disallowed enabled features on Cisco NX-OS devices
- Find all static null routes on Cisco NX-OS devices
- Find all interface speeds slower than 1Gbps on Cisco NX-OS devices
We would love to see new examples from you!!
Your contribution will help other customers and hopefully encourage them to contribute back.
Moreover, you'll get the chance to have your check[s] published to the official Forward Networks documentation with your name as the author :)
Please contribute by:
- Fork this repository
- Duplicate the template.md file in the examples directory and give it a meaningful name
- Add a query result screenshot in the images directory and name it in-app-nqe-checks-example-< example title >.png
- Update all the info in square brackets in the newly created .md files
- Add the example to the appropriate table in the README.md file
- Send a pull request
- Wait [for a short time] to hear from us or see it published in this repository
Thanks!!
@AndreasVoellmy or use the project GitHub issues.