SNMP discovery import

SNMP discovery allows for both the import of new Assets from a specific network and the enrichment of inventory data for Assets (already stored in the WOCU-Monitoring monitoring database) through discovery conductedusing the SNMP protocol.

Note

SNMP (Simple Network Management Protocol) is a protocol that allows the management and collection of data and information from different Hosts connected to a network.

There are two possible tasks that operate through SNMP data discovery for the incorporation of Assets: SNMP_Import task and SNMP_Inventory Task.

../../_images/4_015_import-tool_tasks_snmp-tasks-selector_0-36.jpg

SNMP_Import task

The different fields that the user must fill in for the configuration of this new Task are detailed below, one by one:

../../_images/4_016_import-tool_tasks_snmp-import_0-58.png

Realm Name

This field is not editable and indicates the name of the Realm that is the subject of the Import Task.

Task Type

This field indicates the Task Type that will be generated. It is the first selectable field in the dropdown menu and influences the remaining fields.

If a different Task type is selected before saving the changes, the data entered in the other fields will be lost.

Name

The field contains the name chosen by the user to identify the New Task created.

Enabled

Checking this box enables and activates this New Import Task for its next execution.

By default this option is enabled.

Interval

By means of this drop-down menu it is possible to choose how often the Asset Import of this New Task will be executed. The possible options available are:

  • Task executed daily (Every 1 days).

  • Task executed every second (Every 1 second).

Contrab

An alternative option to set the frequency at which the Task will be executed. Its configuration is done using the Crontab format, providing greater flexibility for more specific use cases.

Expand on information about defining execution periods aquí.

Help Information about SNMP Scanning

Next, the creation form provides instructions on how the discovery of devices and their properties works through SNMP scanning.

Discover hosts and its properties via SNMP scan.

You can perform a scan for list of networks
(CIDR format and comma separated). For example:
networks = 192.168.1.0/24, 192.168.5.0/24

Or a list of single ip addresses (comma separated):
networks = 10.0.0.6, 10.0.0.8, 10.0.0.9

Or a combination of both methods:
networks = 192.168.1.0/24, 10.0.1.5

Networks list

In this field the user shall enter the network(s), IP address(es) where WOCU will perform the scan for Import Assets.

WOCU-Monitoring will first locate the active Hosts within the network or user-supplied addresses and then retrieve the information from them via the SNMP protocol.

As explained in the Instructions section above, network addresses, if using the CIDR (Classless Inter-Domain Routing) format, must be accompanied by the network address with subnet mask. Examples: 192.168.0.0/16 (subnet mask 255.255.0.0), 192.168.11.0/24 (subnet mask 255.255.255.0), etc.

To enter multiple networks, the networks must be entered separated by commas. Continuing with the example: 192.168.0.0/16, 192.168.11.0/24.

It is also possible to enter one or more unique IP addresses, separated by commas. Example: 192.168.3.11, 192.168.3.14.

SNMP Community

This must contain the SNMP Community, which is a text string that is used as a password to access the found Hosts and obtain the information to be imported into WOCU-Monitoring.

SNMP Security_name

Security name or user name. Only for SNMP protocol version 3.

SNMP Auth_protocol

Type of authentication. Can be MD5 or SHAv3. Only for SNMP version 3 protocol.

SNMP Auth_key

Key for authentication. Only for SNMP protocol version 3.

SNMP Priv_protocol

Authorisation type. Can be AES or DESv3. Only for SNMP version 3

SNMP Priv_key

Authorisation key. Only for SNMP protocol version 3.

SNMP Security_level

Security level. It is possible to use neither authentication nor authorisation (noAuthNoPriv); only authentication (authNoPriv) or authentication and authorisation (authPriv). Only for protocol SNMP version 3

SNMP Context

SNMP context name. Only for SNMP protocol version 3.

Attention

Depending on the protocol version, the Community varibale or the previous SNMP v3 own authentication variables will be used.

Scan active and pending assets

This option allows you to select whether SNMP discovery will also be applied to the Assets already inventoried in WOCU and contained in its databases (either in Monitored Assets or in Pending Assets). The option is useful in order to keep WOCU’s information about the Hosts and their Services up to date. For example, in this way WOCU will add new hardware to the Services of a Host (for example, a hard disk of a server or an extra module in the chassis of a switch).

Scan Timeout

This field sets the time in seconds that WOCU will stop SNMP interrogation of a Host if no response is found.

Discover_geocoordinates

This option enables the discovery of the geographical coordinates of the Host. If the Host has the coordinates in its configuration (location) WOCU will search for them to represent the Host in its Geomap.

Attention

As the option information warns, it should be noted that the Task execution time will increase significantly if you enable this option. Also, WOCU requires Internet access to complete this operation.

Store _IFACES_BYNAME macro

This option shall store discovered Host interfaces with the interface name set by the user on the Host itself and not with the Interface Index.

Poller tag

In distributed environments there are machines (Pollers) that take care of discovery tasks and execution of checks for the evaluation of operational states, applied on a set of receiving Hosts. By defining a tag in this field, it is configured which Poller will be responsible for the newly imported Hosts, i.e. it will be in charge of sending checks and discoveries to each Host in question.

A Host to monitor with a poller_tag defined, will only use the Pollers tagged with the same tag, and never other Pollers with a different tag or none at all. In conclusion, it is necessary that both parties (Host-Poller) share the same tag.

Note

The label construction will be carried out from the internal configuration of the machine/Poller itself.

Excluded networks list

In this field the user must enter the network, networks, IP address or IP addresses, which he/she wants to exclude from SNMP scanning for the import of Assets.

As explained in the network address instructions, if using the CIDR (Classless Inter-Domain Routing) format, the network address must be accompanied by a subnet mask. Examples: 192.168.0.0/16 (subnet mask 255.255.0.0), 192.168.11.0/24 (subnet mask 255.255.255.0), etc.

It is possible to enter one or more unique IPs or networks, separating each element by commas. Example: 192.168.3.11, 192.168.3.14 or 192.168.0.0/16, 192.168.11.0/24.

Attention

This entry takes precedence over the Scan active and pending assets field, i.e. any excluded network or IP address will not be enriched with updated values resulting from the SNMP scan of Assets already inventoried in WOCU, even if this action is enabled.

Filter interfaces regexp

Field intended for filtering by type of interface discovered. Remember that this task is able to discover the network interfaces associated to each Host and add them as ready to monitor without human intervention.

To do this, a regular expression (regexp) is used to aggregate the discovered interfaces that match the expression. A simple string or complex regular expressions can be used (see the python documentation for reference).

Note

Note that these expressions will be case-insensitive to facilitate filtering.

The field against which the check is performed is the alias (ifAlias) of the interface. If the alias is not defined, the description (ifDescr) is used instead.

This functionality is really useful for e.g. discovering only the WAN interfaces (if the equipment administrator has set an appropriate alias for each interface).

Examples of search expressions, from simpler to more complex:

Intel
(Fast|Giga)Ethernet
.*WAN.*/\d+/\d+

The regular expression must be valid, otherwise the form itself will do the corresponding validation.

../../_images/4_016a_import-tool_tasks_snmp-import-interfaces-invalid_0-36.jpg

Filter interfaces status

Field for filtering discovered interfaces according to their operational and management status.

../../_images/4_016b_import-tool_tasks_snmp-import-filter-interfaces-status_0-36.jpg

Network interfaces can achieve the following management states:

  • Up: ready to transmit packets.

  • Down: no operational.

  • Testing: In test mode, packets cannot be transmitted.

And in the following operating statements, in addition to the management statements above:

  • Unknown: the status cannot be determined for some unknown reason.

  • Dormant: the interface is waiting for external actions.

  • Not Present: some component is not present, typically due to a hardware problem.

  • Lower Layer Down: not operational due to the state of another interface on which it depends.

Important

When applying the filter, the operation status takes precedence over the administration status as it is a more specific status.

Overwrite simple macros

This option allows you to enable or disable the updating of the simple macros of the Assets. By default this option is enabled.

Overwrite complex macros

This option allows you to enable or disable the updating of the complex macros of the Assets. By default this option is disabled.

Attention

Macros are elements that WOCU uses internally to store properties and information of the monitored Assets.

A simple macro stores a single value. An example of a simple macro is “_DEVICEVENDOR”, a macro that stores as a value the name of the manufacturer of the Host. For example for a Cisco switch this example macro would have the value:

DEVICEVENDOR: Cisco.

A complex macro, on the other hand, can store a multitude of values within a table. An example of a complex macro is “_IFACES”, a macro that stores all the data of the ports and network interfaces of a Host. For example for a Cisco switch this example macro would have the value:

_IFACES:Fa0/0$(1)$$(1)$$(0)$$(0)$$(m)$,Fa1/1$$(4)$$(0)$$(0)$$(m)$, WAN_CPD_01$$(8)$$(0)$$(0)$$(0)$$(m)$…

Given the difficulty of configuring some complex macros, which may require additional manual configuration, it may be preferable to avoid overwriting them when running an Import Task. This is why this option to overwrite complex macros is disabled by default. It is advised to use this option only with caution, when the user is sure that the execution of this option will not cause major misalignments in the configuration of the Assets.

Register as active

Enabling this option will send assets imported via CSV files directly to the Active Assets list. In other words, the creation in the Pending Assets list will be skipped, and they will proceed directly to monitoring.

Exclude fields

The various import tasks in WOCU have a set of Host attributes that are ignored by default, during the import or update of the asset configuration profile.

In this field the user can manually edit the fields excluded during the asset check through a discovery through the SNMP protocol. It is possible to modify the list by adding new fields or deleting some of the preset ones.

Note

By placing the cursor on the information button (ℹ️), a new window will appear with help information on the different fields of the form. This action does not make any changes to the configuration.

../../_images/4_010_import-tool_tasks_info-button_0-36.jpg

After entering the data in the respective fields, you need to click theblue Add Tasks button to save the new Task in the list.

SNMP_Inventory Task

The different fields that the user must fill in for the configuration of this new Task are detailed below, one by one:

Important

This task only performs enrichment activities on Asset inventory data that are already hosted in the WOCU monitoring database. In no case it will make a discovery of new Assets.

../../_images/4_017_import-tool_tasks_snmp-inventory_0-44.jpg

Realm Name

This field is not editable and indicates the name of the Realm that is the subject of the Import Task.

Task Type

This field indicates the Task Type that will be generated. It is the first selectable field in the dropdown menu and influences the remaining fields.

If a different Task type is selected before saving the changes, the data entered in the other fields will be lost.

Name

The field contains the name chosen by the user to identify the New Task created.

Enabled

Checking this box enables and activates this New Import Task for its next execution.

By default this option is enabled.

Interval

By means of this drop-down menu it is possible to choose how often the Asset Import of this New Task will be executed. The possible options available are:

  • Task executed daily (Every 1 days).

  • Task executed every second (Every 1 second).

Contrab

An alternative option to set the frequency at which the Task will be executed. Its configuration is done using the Crontab format, providing greater flexibility for more specific use cases.

Expand on information about defining execution periods aquí.

Community SNMP

This must contain the SNMP Community, which is a text string that is used as a password to access the found Hosts and obtain the information to be imported into WOCU.

SNMP Security_name

Security name or user name. Only for SNMP protocol version 3.

SNMP Auth_protocol

Type of authentication. Can be MD5 or SHAv3. Only for SNMP version 3 protocol.

SNMP Auth_key

Key for authentication. Only for SNMP protocol version 3.

SNMP Priv_protocol

Authorisation type. Can be AES or DESv3. Only for SNMP version 3

SNMP Priv_key

Authorisation key. Only for SNMP protocol version 3.

SNMP Security_level

Security level. It is possible to use neither authentication nor authorisation (noAuthNoPriv); only authentication (authNoPriv) or authentication and authorisation (authPriv). Only for protocol SNMP version 3

SNMP Context

SNMP context name. Only for SNMP protocol version 3.

Attention

Depending on the protocol version, the Community varibale or the previous SNMP v3 own authentication variables will be used.

Scan Timeout

This field sets the time in seconds that WOCU will stop SNMP interrogation of a Host if no response is found.

Section

This field groups the inventory data in the section specified by the user. By default, the SNMP section is preset, but it can be freely modified or deleted.

After entering the data in the respective fields, you need to click theblue Add Tasks button to save the new Task in the list.

Note

Clicking on the button identified by the i (Information) icon will open a new window with help information for the different fields. This action does not make any changes to the configuration.

../../_images/4_010_import-tool_tasks_info-button_0-36.jpg