Vunetrix Network Monitor vCloud

Vunetrix Manual: Auto-Discovery

Vunetrix's auto-discovery function is a great way to automatically create a sophisticated and concise set of sensors for your complete network. It is mainly suitable for LAN discovery since it involves a lot of SNMP and WMI.

For a quick start auto-discovery, please see TWO—Using the Configuration Guru section.

How Auto-Discovery Works

Vunetrix's auto-discovery process has three stages:

  • Step 1
    Scanning a network segment for devices using Ping (for groups only).
  • Step 2
    Assessing the device type for all devices discovered in Step 1 (using SNMP, WMI, and other protocols).
  • Step 3a
    Creating sensor sets that match the discovered device types of step 2. This is done based on built-in device templates with recommended sensors for many device types.
     
    Step 3b (optional)
    Creating sensor sets using user created device templates (see Create Device Template section).

The auto-discovery can be used on a group level for a range of IP addresses, or for individual devices which you might have created manually. It can be run just once, on demand via the context menu, or scheduled every hour, day or week. Running the auto-discovery every day or week will automatically create new sensors when new devices are connected to the network. As soon as new devices or sensors are discovered, new Tickets are created (which are mailed to the system administrator by default).

Please be aware of the following restrictions of the auto-discovery:

  • Vunetrix can not discover devices that can not be pinged, since Step 1 uses pings. If, for example, a firewall blocks echo requests, a device behind it cannot be discovered.
  • You should supply authentication settings for Windows Systems, Linux (SSH/WBEM) Systems, VMware/XEN Servers, and SNMP Devices in order to fully exploit the power of this feature. We recommend defining these in the Root group settings.
  • If a device has more than one IP address, it may show up more than once in the discovery results, even though Vunetrix tries to identify these situations.
  • If a device already exists on the same probe, the auto-discovery will skip this device and not create a duplicate.
  • Using frequent auto-discoveries of large network segments can lead to performance issues. We therefore recommend to only schedule regular auto-discoveries where necessary.

Run Auto-Discovery Now

You can run an auto-discovery at any time for a group or a device. To do so, right-click on the respective object and from the context menu, select Run Auto-Discovery. Vunetrix will immediately start searching for new objects which can be added to the device tree. If used for a group, Vunetrix will add devices and sensors, if found. If used for a device, it will add new sensors, if found.

Note: The auto-discovery will also re-add devices or sensors you have manually deleted. If you do not want this, please create objects manually only.

Creating an Auto-Discovery Group

There are several ways to start auto-discovery:

  • On the welcome screen, click on the Perform Network Auto-Discovery option,
  • or select Devices | Add Auto-Discovery Group from the main menu.

To start an automatic detection of devices and sensors in your network an assistant will appear, leading you through two steps. For faster setup, you can select Add Auto-Discovery Group... in the context menu of a probe or group to which you want to add the new group. This will skip step 1 and lead you directly to step 2.

Note: This documentation refers to the Vunetrix System Administrator user accessing the Ajax interface on a master node. For other user accounts, interfaces, or nodes, not all of the options might be available as described. When using a cluster installation, failover nodes are read-only by default.

Add Auto-Discovery Group Dialog

Add Auto-Discovery Group Dialog

  • Step 1
    Please choose a probe or group you want to add the new group to. Click on Continue.
  • Step 2
    Add auto-discovery settings as described below.

Add Auto-Discovery Group Settings

Group Name and Tags

Group Name

Enter a meaningful name to identify the group. The name will be shown by default in the devices tree and in all alarms.

Tags

Enter one or more tags; confirm each tag by hitting the space, comma, or enter key. You can use tags to group objects and use tag-filtered views later on. Tags are not case sensitive. Tags are automatically inherited.

Group Type

Sensor Management

Select the method for automatic network discovery. Choose between:

  • Automatic device identification (standard, recommended): Detect mainly based on Ping, SNMP, and WMI. This option should work fine for most installations.
  • Automatic device identification (detailed, may create many sensors): Detect in a more detailed way and create more sensors. This option uses all standard device templates for auto-discovery. It is suitable for small network segments and whenever you want to monitor the maximum number of sensors available.
  • Automatic sensor creation using specific device template(s): Manually define the device templates used for auto-discovery. From the list below, select one or more templates.

Device Template(s)

This option is only visible if using specific device templates (last option) is enabled above. Please choose one or more templates by adding a check mark in front of the respective template name. You can also select and deselect all items by using the check box in the table head. These will be used for auto-discovery on the current device. Choose from:

  • ADSL
  • Cisco ASA VPN
  • Cisco Device (Generic)
  • Dell MDI
  • DNS Server
  • Environment Jacarta
  • Environment Poseidon
  • Fritzbox
  • FTP Server
  • Generic Device (PING only)
  • Generic Device (SNMP-enabled)
  • Generic Device (SNMP-enabled, Detailed)
  • HTTP Web Server
  • Hyper V Host Server
  • Linux/UNIX Device (SNMP or SSH enabled)
  • Mail Server (Generic)
  • Mail Server (MS Exchange)
  • Microsoft Sharepoint 2010
  • NAS LenovoEMC
  • NAS QNAP
  • NAS Synology
  • NetApp
  • NTP Server
  • Printer (HP)
  • RDP Server
  • RMON compatible device
  • Server (Compaq/HP agents)
  • Server (Dell)
  • Sever Cisco UCS
  • Server IBM
  • SonicWALL
  • Switch (Cisco Catalyst)
  • Switch (Cisco IOS Based)
  • Switch (HP Procurve)
  • UNIX/Linux Device
  • UPS (APC)
  • Virtuozzo Server
  • VMware ESX / vCenter Server
  • Windows (Detailed via WMI)
  • Windows (via Remote Powershell)
  • Windows (via WMI)
  • Windows IIS (via SNMP)
  • XEN Hosts
  • XEN Virtual Machines
     

Once the auto-discovery is finished, Vunetrix will create a new ticket and list the device templates which were actually used to create new sensors. Templates which were not applied will not be shown in the ticket.

Discovery Schedule

Define when the auto-discovery will be run. Choose between:

  • Once: Perform auto-discovery only once. New devices and sensors will be added once. You can run auto-discovery manually any time using an object's context menu.
  • Hourly: Perform auto-discovery for new devices and sensors every 60 minutes. Note: Please use this option with caution! Frequently executed auto-discoveries might cause performance issues, especially when large network segments are scanned every hour.
  • Daily: Perform auto-discovery for new devices and sensors every 24 hours. The first auto-discovery will run immediately, all other discoveries will start on the time defined in the Auto-Discovery Settings section of the System Administration—Monitoring settings.
  • Weekly: Perform auto-discovery for new devices and sensors every 7 days. The first auto-discovery will run immediately, all other discoveries will start on the time defined in the Auto-Discovery Settings section of the System Administration—Monitoring settings.

IP Selection Method

Define how you want to define the IP range for auto-discovery. Choose between:

  • Class C base IP with start/end (IPv4): Define an IPv4 class C address range.
  • List of individual IPs and DNS names (IPv4): Enter a list of individual IPv4 addresses or DNS names.
  • IP and Subnet (IPv4): Enter an IPv4 address and subnet mask.
  • IP with octet range (IPv4): Enter an IPv4 address range for every IP octet individually. With this, you can define very customizable IP ranges.
  • List of individual IPs and DNS names (IPv6): Enter a list of individual IPv6 addresses or DNS names.
  • Use computers from the active directory (maximum 1000 computers): Search in the active directory for computers to perform auto-discovery.

Note: Only subnets with up to 65,536 IP addresses can be discovered! If you define a range with a higher number of addresses, discovery will stop before it is completed.

IPv4 Base

This field is only visible if Class C network detection is selected above. Enter a class C network as IP base for the auto-discovery. Enter the first three octets of an IPv4 IP address, for example, 192.168.0

IPv4 Range Start

This field is only visible if Class C network detection is selected above. Enter the IP octet of the class C network specified above from which Vunetrix will start the auto-discovery. This will complete the IP base above to an IPv4 address. For example, enter 1 to discover from 192.168.0.1.

IPv4 Range End

This field is only visible if Class C network detection is selected above. Enter the IP octet of the class C network specified above at which Vunetrix will stop the auto-discovery. This will complete the IP base above to an IPv4 address. For example, enter 254 to discover up to 192.168.0.254.

IPv4/DNS Name List
IPv6/DNS Name List

This field is only visible if the IP list option is selected above. Enter a list of IP addresses or DNS names which the auto-discovery will scan. Enter each address in a separate line.

IPv4 and Subnet (IPv4)

This field is only visible if the IP and subnet option is selected above. Enter an expression in the format address/subnet, e.g. 192.168.3.0/255.255.255.0. You can also use the short form like 192.168.3.0/24 in this example. Vunetrix will scan the complete host range (without network and broadcast address) defined by the IP address and the subnet mask.

IP with Octet Range

This field is only visible if the octet range option is selected above. Enter an expression in the format a1.a2.a3.a4, where a1, a2, a3, and a4 are each a number between 0-255, or a range with two numbers and a hyphen like 1-127. All permutations of all ranges are calculated, e.g. 10.0.1-10.1-100 results in 1,000 addresses that Vunetrix will scan during auto-discovery.

Organizational Unit

This field is only visible if active directory is selected above. Enter an organizational unit (OU) to restrict the active directory search to computers which are part of this OU. Just enter the name of the OU without any other term (i.e., without "OU" in front). If you leave this field empty, there will not be any restriction.

If you have sub-OUs, too, please consider the correct syntax in the format Y,OU=X: OUs that are part of another OU have to be listed together with their parent(s). Enter the sub-OU followed by ,OU= and the name of the parent OU. For example, assuming that the organizational unit 'Y' is part of the OU named 'X'. Then the syntax would be Y,OU=X. For three OUs 'X', 'Y' part of 'X', and 'Z' part of 'Y', the syntax would be Z,OU=Y,OU=X. Note that the order is important, sub-OUs have to be listed left of its according parents!

Name Resolution

Define how newly discovered devices will be monitored. This only affects new devices. The setting for existing devices will be kept. Choose between:

  • Use DNS / WMI / SNMP names (recommended): Monitor newly discovered devices via their DNS, WMI, or SNMP names (if available).
  • Use IP addresses: Monitor newly discovered devices via their IP address.

We recommend using the default value.

Device Rescan

Define if you want to rescan known devices. Choose between:

  • Skip auto-discovery for known devices/IPs (recommended): Do not re-scan known devices or IP addresses, but only scan for new devices/IPs when auto-discovering. This can avoid re-creation of manually deleted sensors. Vunetrix will also avoid adding devices that are already included elsewhere in your configuration, e.g. in other groups.
  • Perform auto-discovery for known devices/IPs: Re-scan known devices and IP addresses with every auto-discovery. This will re-create manually deleted sensors on existing devices.

We recommend using the default value.

Inherited Settings

By default, all following settings are inherited from objects higher in the hierarchy and should be changed there, if necessary. Often, best practice is to change them centrally in the Root group's settings. To change a setting for this object, disable inheritance by clicking on the check mark symbol in front of the respective setting name. You will then see the options described below.

If you have not set credentials yet, set them now before starting the auto-discovery in order to fully exploit the power of this feature!

Credentials for Windows Systems

Domain or Computer Name

Define the authority for Windows access. This is used for Windows Management Instrumentation (WMI) and other Windows sensors. If you want to use a Windows local user account on the target device, please enter the computer name here. If you want to use a Windows domain user account (recommended), please enter the (Active Directory) domain name here. If not explicitly defined, Vunetrix will automatically add a prefix in order to use the NT LAN Manager (NTLM) protocol. Please do not leave this field empty.

Username

Enter the username for Windows access. Usually, you will use credentials with administrator privileges.

Password

Enter the password for Windows access. Usually, you will use credentials with administrator privileges.

Credentials for Linux/Solaris/Mac OS (SSH/WBEM) Systems

Username

Enter a login name for the access via SSH and WBEM. Usually, you will use credentials with administrator privileges.

Login

Define which authentication method will be used for login. Choose between:

  • Login via Password: Provide a password for login. Enter below.
  • Login via Private Key: Provide a private key for authentication. Note: Vunetrix can only handle keys in OpenSSH format which are not encrypted. You cannot use password protected keys here. In the text field, please paste the entire private key, including the "BEGIN" and "END" lines. Please make sure the according public key is provided on the target machine. For details, please see Monitoring via SSH.

Password

This field is only visible if password login is selected above. Enter a password for the Linux access via SSH and WBEM. Usually, you will use credentials with administrator privileges.

Private Key

This field is only visible if private key login is selected above. Paste a private key into the field (OpenSSH format, unencrypted). Usually, you will use credentials with administrator privileges. Note: If you do not insert a private key for the first time, but change the private key, you need to restart your Vunetrix core server service in order for the private key change to take effect! For details, please see Monitoring via SSH.

For WBEM Use Protocol

Define the protocol that will be used for WBEM. This setting is only relevant when using WBEM sensors. Choose between:

  • HTTP: Use an unencrypted connection for WBEM.
  • HTTPS: Use an SSL-encrypted connection for WBEM.

For WBEM Use Port

Define the port that will be used for WBEM. This setting is only relevant when using WBEM sensors. Choose between:

  • Set automatically (port 5988 or 5989): Use one of the standard ports, depending on whether unencrypted or encrypted connection is chosen above.
  • Set manually: Use a custom port. Define below.

WBEM Port

This setting is only visible if manual port selection is enabled above. Enter the WBEM port number.

SSH Port

Define the port number which will be used for SSH connections. Note: By default, this setting is automatically used for all SSH sensors, unless you define a different port number in the sensor settings.

SSH Rights Elevation

Define with which rights the command will be executed on the target system. Choose between:

  • Run the command as the user connecting (default): Use the rights of the user who establishes the SSH connection.
  • Run the command as another user using 'sudo': Use the rights of another user, for example, the administrator.
  • Run the command as another user using 'su': Use the rights of another target user.

Target Username

This field is only visible if sudo or su is enabled above. Enter a username to run the specified command as another user than root. If you leave this field empty, the command will be run as root. Ensure that you set the Linux password even you use a public/private key for authentication.  This is not necessary if the user is allowed to execute the command without a password.

Password Target User

This field is only visible if su is enabled above. Enter the password for the specified target user.

Credentials for VMware/XenServer

User

Enter a login name for access to VMware and XEN servers. Usually, you will use credentials with administrator privileges.

Password

Enter a password for access to VMware and XEN servers. Usually, you will use credentials with administrator privileges.

VMware Protocol

Define the protocol used for the connection to VMware and XenServer. Choose between:

  • HTTPS (recommended): Use an SSL-encrypted connection to VMware and XenServers.
  • HTTP: Use an unencrypted connection to VMware and XenServers.

Credentials for SNMP Devices

SNMP Version

Select the SNMP version that will be used for device connection. Choose between:

  • v1: Use the simple standard v1 protocol for SNMP connections. This protocol only offers clear-text data transmission, but it is usually supported by all devices.
  • v2c: Use the more advanced v2c protocol for SNMP connections. Data is still transferred as clear-text, but it supports 64-bit counters.
  • v3: Use the latest v3 protocol for SNMP connections. It provides secure authentication and data encryption.

Note for SNMP v3: Due to internal limitations you can only monitor a limited number of sensors per second using SNMP v3. The limit is somewhere between 1 and 50 sensors per second (depending on the SNMP latency of your network). This means that using an interval of 60 seconds you are limited to between 60 and 3000 SNMP v3 sensors for each probe. If you experience an increased "Interval Delay" or "Open Requests" reading of the probe health sensor, you need to distribute the load over multiple probes. SNMP v1 and v2 do not have this limitation.

Community String

This setting is only visible if SNMP version v1 or v2c are enabled above. Enter the community string of your devices. This is a kind of "clear-text password" used for simple authentication. We recommend using the default value.

Authentication Type

This setting is only visible if SNMP version v3 is enabled above. Choose between:

  • MD5: Use Message-Digest Algorithm 5 (MD5) for authentication.
  • SHA: Use Secure Hash Algorithm (SHA) for authentication.

The chosen type has to match the authentication type of your device.

Note: If you do not want to use authentication, but you need SNMP v3, for example, because your device requires context, you can leave the field password empty. In this case, SNMP_SEC_LEVEL_NOAUTH will be used and authentication will be deactivated entirely.

User

This setting is only visible if SNMP version v3 is enabled above. Enter a username for secure authentication. This value has to match the username of your device.

Password

This setting is only visible if SNMP version v3 is enabled above. Enter a password for secure authentication. This value has to match the password of your device.

Encryption Type

This setting is only visible if SNMP version v3 is enabled above. Select an encryption type. Choose between:

  • DES: Use Data Encryption Standard (DES) as encryption algorithm.
  • AES: Use Advanced Encryption Standard (AES) as encryption algorithm.

The chosen type has to match the encryption type of your device.

Data Encryption Key

This setting is only visible if SNMP version v3 is enabled above. Enter an encryption key here. If you provide a key in this field, SNMP data packets will be encrypted using the encryption algorithm selected above, providing increased security. The provided key here has to match the encryption key of your device. Note: If the key entered in this field does not match the key configured in the target SNMP device, you will not get an error message! Please enter a string or leave the field empty.

Context Name

This setting is only visible if SNMP version v3 is enabled above. Enter a context name only if it is required by the configuration of the device. Context is a collection of management information accessible by an SNMP device. Please enter a string.

SNMP Port

Enter the port used for SNMP communication. We recommend using the default value.

SNMP Timeout (sec.)

Enter a timeout in seconds for the request. If the reply takes longer than this value the request is aborted and an error message is triggered.

Proxy Settings for HTTP Sensors

HTTP Proxy Settings

The proxy settings determine how a sensor connects to a given URL. You can enter data for a proxy server that will be used when connecting via HTTP or HTTPS. Note: This setting is valid for the monitoring only and determines the behavior of sensors. In order to change proxy settings for the core server, please see System Administration—Core & Probes.

Name

Enter the IP address or DNS name of the proxy server to use. If you leave this field empty, no proxy will be used.

Port

Enter the port number of the proxy. Often, port 8080 is used. Please enter an integer value.

User

If the proxy requires authentication, enter the username for the proxy login. Note: Only basic authentication is available! Please enter a string or leave the field empty.

Password

If the proxy requires authentication, enter the password for the proxy login. Note: Only basic authentication is available! Please enter a string or leave the field empty.

Access Rights

User Group Access

Define which user group(s) will have access to the object you're editing. A table with user groups and right is shown; it contains all user groups from your setup. For each user group you can choose from the following access rights:

  • Inherited: Use the settings of the parent object.
  • None: Users in this group cannot see or edit the object. The object does not show up in lists.
  • Read: Users in this group can see the object and review its settings.
  • Write: Users in this group can see the object, as well as review and edit its settings. However, they cannot edit access rights settings.
  • Full: Users in this group can see the object, as well as review and edit its settings and edit access rights settings.

You can create new user groups in the System Administration—User Groups settings.

Click on the Continue button to store your settings. If you change tabs or use the main menu, all changes to the settings will be lost!

Auto-Discovery in Progress

While auto-discovery is running you may experience a lower system performance as usual, because Vunetrix works in the background in order to discover your network. Depending on the IP ranges defined (up to 65,536 addresses) , the discovery may run up to several days before complete. You can review the status of the discovery process as follows:

  • In the device tree, behind the group or device name, you will see a percentage value showing the progress of auto-discovery.
  • During auto-discovery, the web interface will display a box in the lower right corner, showing the number of active auto-discovery tasks.
  • In order to stop a running auto-discovery, right-click the group or device, and select Pause | For 5 minutes... from the context menu. Monitoring will be paused for 5 minutes, and auto-discovery tasks will be shut down.

Related Topics

 

 

Next Topic

Keywords: Auto-Discovery,Auto-Discovery Settings