Cisco SDWAN Netscan and Netflow
Hey all,
I was poking around the forums and documentation and couldn't find a concrete answer on this, so I'm turning to the masses. Essentially, we are in the middle of converting hundreds of sites to Cisco SDWAN. We also add new facilities quite regularly. We are leveraging the prewritten Netscan to ingest data from vManage's API (https://www.logicmonitor.com/support/cisco-catalyst-sd-wan-monitoring).
What I've only just noticed is that every time this runs, it's essentially wiping all inherited properties (which just get reapplied by the groups), as well as disabling netflow (so seems to basically be defaulting the device). I was periodically running a Python script to enable this via the API, but due to the constant changes in our environment I have the netscan running every night. I needed to check Netflow for a device, and realized it was disabled. Turned it back on, next day disabled again. So I came to realize the netscan was clearing settings off the devices.
I saw this lovely feature request, but it seems like it was never implemented. You can view Netflow at a group level, but not bulk enable.
Enable/disable Netflow at group level | LogicMonitor - 2778
I've also tried modifying the netscan to export the appropriate settings, but it doesn't seem to modify the system ones other than categories. I've seen some posts about modifying the agent.conf file and being able to use a datasource to then set these properties, but the comments made it seem like a dangerous workaround that could break at any time. With this being over a thousand and growing routers, I risk eventually being hit by the API Rate Limit fixing them all every night via API.
I'm currently in the process of testing a short-term workaround of skipping a device with the existing findDuplicate logic, but it'd be nice for it to just work.
Anyway, tl;dr; does anyone have a reasonable way to automatically enable Netflow, or prevent a netscan from turning it off?