Overview

Augtera software is comprised of many micro-services working together in a distributed fashion. Software is packaged as a single unit via Augtera Installer. Augtera Installer is a small executable, less than 100 Kbytes in size, that can be downloaded from Augtera's Cloud or can be delivered via email.

The Augtera software is a distributed real-time application with six primary functional blocks.

1. Ingestion: Services interact with external entities for ingesting data and normalizing data for further processing. For e.g., SNMP Pollers or SFlow collectors

2. Object Modeling: Services create a rich relationship graph from ingested data. For e.g., BGP peering among a set of devices from SNMP Polling.

3. Data Enrichment: Services process normalized data from ingestion and add more attributes to normalized data in real-time. For e.g., enrichment of a syslog with a device role such as Top-of-Rack.

4. Machine Learning: Services apply various ML algorithms on enriched data. For e.g., NLP on syslogs for finding Zero Day Anomalies

5. Data Storage: Services persist data from Object Modeling, Data Enrichment and Machine Learning for both historical and real-time needs.

6. Presentation: Services interact with external entities for event notifications and to allow persisted data to be consumed. For e.g., ticket creation in ServiceNow for a Zero Day Syslog anomaly

Augtra stack is made up of two stacks that are referred to as the collector stack and the platform stack.

Collector Stack

The collector stack is a collection of services responsible for ingesting data. Data ingestion is either pull based (SNMP for example) or push based (syslogs for example). Collector stack is deployed at a location with access to data. For example, if data to be ingested is via SNMP, then collector stack would need network access to devices being polled. If data to be ingested is from Kafka, collector stack would need access to Kafka brokers.

The collector stack is lightweight in terms of CPU, memory and disk requirements and a small Linux instance is sufficient even for ingesting large amounts of data. For e.g., 8 CPU Linux host is sufficient to ingest over 100 million syslogs an hour.

Platform Stack

The platform stack is a collection of services that implement all above mentioned functional blocks other than ingestion. Platform stack can either be co-located with collector stack or not. For e.g., a collector stack deployed on-premise to poll SNMP and platform stack deployed as a SaaS service.

Deployment Models

Deployment of Augtera stack is done by executing the installer on a Linux cluster. Sizing of the cluster is later discussed in this section but horizontal scaling allows cluster to be expanded as needed, thereby allowing to start with just one Linux host.

There are two deployment models for deploying Augtera stack:

Unified: Both collector and platform stack are co-located. Both stacks can be deployed in a co-located manner either on-premise or in the cloud.

Hybrid: Collector and Platform stack are not co-located. Collector stack can be deployed on-premise and platform stack can be deployed at another on-premise location or in the cloud.

Installation of either stack is done by executing the installer. There is specific installer for each deployment model. Installer also comes with Augtera Service Orchestration (SVM) that allows the stack to be managed easily on the Linux cluster. Other than stack bring up and down functions, SVM has many other functions such as point upgrade of a service.