Frequently Asked Questions (FAQ)

This page answers common questions about Riverbed Console. It is intended for evaluators and new users who need short answers and pointers to full documentation. Each section gives a brief answer, optional detail, and links to related topics.

Quick links

General

What is Riverbed Console?
What is the release schedule? How frequently will Riverbed Console deliver new capabilities?
Which NPM (Network Performance Monitoring) products are supported with Riverbed Console?
Does Riverbed Console support third-party integration?
Does Riverbed Console learn from the customer environment?
What is the Edge? Do I need it?
Where do I configure analytics and thresholds?
How do I add or manage users and access?

Data and customization

What are the implications of moving data from on-premises data sources to Riverbed Console SaaS (software as a service)?
What data is streamed from NPM products into the Analytics Pipeline?
What data is available for automated investigation?
Is it possible to customize the data processed by Riverbed Console?
Why do I have to choose Riverbed AppResponse or Riverbed NetProfiler for application metrics? Can I use both?
My data source will not connect or I get an authentication error. What do I do?

Automation and runbooks

How many runbooks are included, and can customers create their own?
What skills are needed to build a runbook?
How do I mute or suppress incidents for certain applications or locations?

Security

Does Riverbed Console allow a user to self-service a password reset?
What security standards does your SaaS meet?
What protocol is used for communication to the Edge and from the Edge to the SaaS?

General

What is Riverbed Console?

Riverbed Console is Riverbed Technology's AIOps SaaS (software as a service): unified observability with a data analytics pipeline and automation Automated procedures that are executed as the result of a trigger. Automations consist of a single entry point and a sequence of connected nodes that define the processing logic. that surfaces critical issues and automates investigations. It brings together Riverbed AppResponse, Riverbed NetProfiler, Riverbed NetIM, Aternity, NPM+, and related products under one platform.

See also: Console Overview

What is the release schedule? How frequently will Riverbed Console deliver new capabilities?

Riverbed Console is a SaaS (software as a service) solution. The platform receives updates on a regular basis so capabilities can evolve quickly without customer upgrades.

Which NPM products are supported with Riverbed Console?

Supported NPM (Network Performance Monitoring) data sources A product in your network that forwards data to the system. This data can be streaming data used to detect anomalies and generate incidents, or data that can be fetched on demand when runbooks are executed. include Riverbed NetIM (min 2.6.1), Riverbed NetProfiler (min 10.24.2), Riverbed AppResponse (min 11.12), and Aternity. Riverbed IQ Ops supports the three most recent data source release versions. There are no hardware requirements, only software version. You must install Riverbed Edge to connect on-premises data sources to the SaaS.

See also: Adding a Data Source (supported data source versions table), Console Overview

Does Riverbed Console support third-party integration?

Yes. The platform supports two mechanisms: webhooks (third-party tools call the platform API Application Programming Interface. A set of protocols and tools that allows different applications to communicate with each other, enabling runbook execution and data retrieval from external systems. to run a runbook) and HTTP Request nodes Individual components that make up a runbook automation, each performing a specific function such as data queries, transformations, logic, integrations, or visualizations. in runbooks (the platform calls third-party APIs during an investigation). This gives flexibility without locking you into specific integrations. Professional Services can use the APIs to build additional integrations.

Does Riverbed Console learn from the customer environment?

Yes. The platform learns in three ways: from key metrics A measurement or data point that is monitored and analyzed to detect anomalies and generate incidents. streamed from data sources A product in your network that forwards data to the system. This data can be streaming data used to detect anomalies and generate incidents, or data that can be fetched on demand when runbooks are executed. (entities and data shape), from the analytics pipeline (what is normal and when to raise incidents A collection of one or more related triggers. Relationships that cause triggers to be combined into incidents include application, location, operating system, or a trigger by itself.), and from runbooks An automated workflow that executes a series of steps or tasks in response to a triggered event, such as the detection of anomalous behavior generating an incident, a lifecycle event, or a manually executed runbook. that gather context and can be customized. Baseline-based metrics need about two days to build a daily-seasonal model and 14 days for a weekly-seasonal model. Until then, detection for those metrics will vary.

What is the Edge? Do I need it?

Riverbed Edge is the component you deploy in your network (or cloud) to act as the data broker between Riverbed IQ Ops SaaS and your on-premises NPM products (such as Riverbed NetIM, Riverbed NetProfiler, and Riverbed AppResponse). You need it to connect those data sources A product in your network that forwards data to the system. This data can be streaming data used to detect anomalies and generate incidents, or data that can be fetched on demand when runbooks are executed. to the platform. The SaaS does not connect directly to your on-premises systems. You deploy it on a customer-owned VM (AWS, Azure, or VMware ESXi) using a shared responsibility model.

Where do I configure analytics and thresholds?

Open the Analytics & Threshold Configuration page from the main menu: IQ Ops > Management > Analytics & Threshold configuration. There you enable or disable policies per metric and tune algorithm settings (threshold values, baseline parameters, dynamic threshold, and so on) for network devices, network interfaces, applications, and application activities.

How do I add or manage users and access?

Use the User Management page to specify authorized domains and invite users. Open the main menu, go to IQ Ops > Management, then open User Management from the management menu. Access depends on the authentication option your organization uses (Azure B2B, Microsoft Account, or one-time passcode).

See also: User Management

Data and customization

What are the implications of moving data from on-premises data sources to Riverbed Console SaaS?

Most data stays in your data sources A product in your network that forwards data to the system. This data can be streaming data used to detect anomalies and generate incidents, or data that can be fetched on demand when runbooks are executed.. The data is not moved to SaaS. The platform streams only a small subset: key measurements (compressed and encrypted) and targeted data that runbooks request during investigations. That amounts to negligible traffic volume.

What data is streamed from NPM products into the Analytics Pipeline?

NPM data sources A product in your network that forwards data to the system. This data can be streaming data used to detect anomalies and generate incidents, or data that can be fetched on demand when runbooks are executed. stream a preconfigured set of high-value metrics A measurement or data point that is monitored and analyzed to detect anomalies and generate incidents. (key measurements) that drive incidents A collection of one or more related triggers. Relationships that cause triggers to be combined into incidents include application, location, operating system, or a trigger by itself. and runbooks. The table below is a quick reference by data source and entity Things deployed in the customer environment that are needed to run the business, such as applications, devices, interfaces, and locations.. For full notes (e.g. User Response Time, Throughput, Client Location), see the Data Sources page.

Data Source Type	Entity	Key Measurement (streamed metric)
Riverbed NetProfiler	Application / Client Locations	User Response Time¹
	Application / Client Locations	MoS
	Interface	In Utilization
	Interface	Out Utilization
Riverbed AppResponse	Application / Client Location	User Response Time¹
		Throughput²
		% Retrans Packets
		% Failed Connections
Riverbed NetIM	Device	Device Status
	Device	Device Uptime
	Interface	Interface Status
		In Packet Error Rate
		Out Packet Error Rate
		In Packet Drops Rate
		Out Packet Drops Rate
		In Utilization
		Out Utilization
Aternity	Application / Client Location³	Activity Network Time
		Activity Response Time
		Page Load Network Time
		% Hang Time

Notes:

1 – User Response Time: Riverbed NetProfiler uses an approximation that does not include connection setup time; Riverbed AppResponse includes it. User Response Time is only processed for named applications (e.g. excludes ICMP, SNMP, TCP_Unknown, UDP_Unknown). For definitions, see metric definitions.

2 – Throughput: Monitored only for VoIP-related applications (VOIP, SIP, RTP).

3 – Client Location: Aternity City/Country/State.

What data is available for automated investigation?

Runbooks can query all connected data sources A product in your network that forwards data to the system. This data can be streaming data used to detect anomalies and generate incidents, or data that can be fetched on demand when runbooks are executed. (NPM products and integrated third-party tools) for metrics A measurement or data point that is monitored and analyzed to detect anomalies and generate incidents., properties, and attributes. Data Query A runbook node category that gets data about the trigger and forwards it to other nodes in the runbook for further processing. nodes Individual components that make up a runbook automation, each performing a specific function such as data queries, transformations, logic, integrations, or visualizations. and HTTP Request nodes (or integration subflows) retrieve the specific data needed for each investigation.

See also: Runbooks (Data available to runbooks), Data Sources page

Is it possible to customize the data processed by Riverbed Console?

The platform preconfigures key measurements (streamed into analytics). You cannot change them. What runbooks query is customizable: Data Query nodes let you choose metrics, entities Things deployed in the customer environment that are needed to run the business, such as applications, devices, interfaces, and locations., and time ranges from NPM sources. HTTP Request nodes and integration subflows let you pull in third-party data.

See also: Data Sources page (What you can customize), Data query properties - Filters, Integrations Library Page

Why do I have to choose Riverbed AppResponse or Riverbed NetProfiler for application metrics? Can I use both?

When both Riverbed AppResponse and Riverbed NetProfiler feed the same Edge, they can send the same application-location metrics A measurement or data point that is monitored and analyzed to detect anomalies and generate incidents. (e.g. User Response Time) for the same entities Things deployed in the customer environment that are needed to run the business, such as applications, devices, interfaces, and locations., but the two products compute those metrics differently. Using both at once would produce conflicting values and inconsistent incidents A collection of one or more related triggers. Relationships that cause triggers to be combined into incidents include application, location, operating system, or a trigger by itself.. The Preferred Data Source setting tells the platform which system to use for application-location metrics. The platform uses only that source for streaming and anomaly An unexpected event or measurement that does not match the expected model. detection One or more indicators that are correlated and may act as a trigger for incident creation or runbook execution.. You cannot use both for application metrics at the same time. Runbooks can still query both sources for all metrics and properties.

My data source will not connect or I get an authentication error. What do I do?

Check that the data source meets the supported version requirements, that you have configured it correctly in its own UI (user, role, host groups as needed), and that the credentials and hostname you entered when adding it to the Edge are correct. For authentication failures, connectivity issues, and other connection problems, see Troubleshooting data source connections.

Automation and runbooks

How many runbooks are included, and can customers create their own?

Riverbed IQ Ops includes built-in incident runbooks for Device Down, Multi-Device Down, Interface Performance, and Application Location Performance. The platform also provides built-in subflows. There are no built-in runbooks for lifecycle, webhook, or on-demand. You create those as needed. Customers can create, duplicate, edit, and import/export runbooks. Only one runbook can be active per trigger at a time (e.g. one incident runbook per trigger type). The platform does not limit the number of runbooks. Licensing applies to runbook execution.

What skills are needed to build a runbook?

You build runbooks in a graphical Runbook Editor: you drag nodes Individual components that make up a runbook automation, each performing a specific function such as data queries, transformations, logic, integrations, or visualizations. from a palette, configure each one, and connect them into workflows. Nodes range from no-code/low-code (data queries, logic, visualizations) to more advanced (e.g. HTTP Request for third-party APIs). Experienced troubleshooters who gather debug data from network sensors or via APIs can typically build runbooks without coding.

How do I mute or suppress incidents for certain applications or locations?

Use the custom properties Mute App and Mute Apps at Location. From the Explorer page for applications An entity type representing software applications deployed in the customer environment that are monitored for performance and anomalies. or locations An entity type representing physical or logical locations in the customer environment where entities are deployed and monitored., select the row or open the Details blade and click Set Custom Property. Set the mute property so that the platform does not generate incidents A collection of one or more related triggers. Relationships that cause triggers to be combined into incidents include application, location, operating system, or a trigger by itself. for that application or location. You can apply it to selected entities or to all entities in the current search results.

Security

Does Riverbed Console allow a user to self-service a password reset?

Riverbed Console does not store user passwords. Your organization handles authentication via Azure B2B (your Azure AD when enrolled in Office 365), Microsoft Account (password reset via Microsoft User Portal when B2B is not used), or one-time passcode (email sent to the configured address when neither of the above applies).

What security standards does your SaaS meet?

Riverbed Console holds ISO/IEC 27001 certification (information security management) and SOC 2 Type II (security, availability, processing integrity, confidentiality, and privacy). For details and copies, see Trust Center. Direct security questions to the Riverbed Console SME team and product management.

What protocol is used for communication to the Edge and from the Edge to the SaaS?

Communication uses a variety of channels and protocols depending on what the Edge connects to. For the specific protocols (e.g. HTTPS, ports, DNS targets), see Firewall Rules.