Update SNMP and SSH commands for Network Discovery

Idea ID 1680929

Update SNMP and SSH commands for Network Discovery

We have a customer who is using UCMDB to discover the network devices within their environment. They do not have NNMI or NA to provide network topology. Their goal is to identify the network devices within their environment for compliance reporting and track configuration documents to not changes in the configuration of their network devices. 

It was determined that the UCMDB is not able to determine the OS Type of the network devices, based on the current list of commands that are currently used for the Host Connection by Shell and Host Connection by SNMP. The command used by the Host Connection by SSH, " sh ver | no-more", does not return any results for the network devices with the OS IOS-XR, OIS-XE, and other variations of IOS. The Host Connection by SNMP does not provide a clear error message as to why the discovery job is failing. Below you will find the output from the discovery run:

log start="13:10:23" severity="debug">Running test connection queries</log>

                <EXEC start="13:10:32" duration="9000" CMD="1.3.6.1.2.1.1.1,1.3.6.1.2.1.1.2,string" RESULT="ROWS_0_COLS_0" />

                <EXEC start="13:10:32" duration="0" CMD="next" RESULT="false" />

                <EXEC start="13:10:41" duration="9002" CMD="1.3.6.1.2.1.1.1,1.3.6.1.2.1.1.2,string" RESULT="ROWS_0_COLS_0" />

                <EXEC start="13:10:41" duration="0" CMD="next" RESULT="false" />

                <DISCONNECT start="13:10:41" duration="0" CMD="client_disconnect" RESULT="" IS_NULL="Y" type="snmp" credentialsId="988_1_CMS" />

                <log start="13:10:41" severity="debug">Unexpected SNMP_AGENT Exception:

Traceback (most recent call last):

  File "SNMP_Connection_Utils", line 1099, in mainFunction

  File "SNMP_Connection_Utils", line 1032, in testConnection

Exception: java.lang.Exception: Could not perform snmp connection to 206.166.8.188:161

</log>

                <log start="13:10:41" severity="debug">SNMP: Connection failed</log>

                <log start="13:10:41" severity="debug">OSHVector contains 0 objects.</log>

                <log start="13:10:41" severity="debug">Failed to connect or no valid protocols defined. No Host CI will be created</log>

                <log start="13:10:41" severity="debug">Reporting warning code 200 to framework.</log>

                <log start="13:10:41" severity="debug">Warning message is: SNMP: Connection failed</log>

                <log start="13:10:41" severity="info">Execution current time:2019/01/08 13:10:41</log>

</execution>

 

UCMDB is currently using commands that are not compatible with the Cisco network devices their have in place within their environment. Specifically, UCMDB is not able to detect the OS Type of the network devices. This affects other discovery jobs, i.e. Firewall Topology by SNMP/SSH, which depends on the detection of the OS type in order to run. The customer has stated that the command "show ver" will work for their devices. Can you please update the commands used for network devices for the discovery jobs that use the SNMP and SSH protocols.

 

The Host Connection by SSH discovery job fails with the following output:

                <log start="11:08:07" severity="debug">Possible shellutils.F5Shell</log>

                <EXEC start="11:08:22" duration="15008">

                                <CMD>[CDATA: show sys version]</CMD>

                                <RESULT>[CDATA: RP/0/RSP1/CPU0:7-SPI-Phoenix#show sys version

 

% Ambiguous command:  "show sys version"

RP/0/RSP1/CPU0:7-SPI-Phoenix#]</RESULT>

                </EXEC>

                <log start="11:08:22" severity="debug">Failed detecting OS type. Exception received: com.hp.ucmdb.discovery.library.clients.protocols.command.TimeoutException: Command timed out: Exceeded timeout after 15000 milliseconds

Traceback (most recent call last):

  File "HostConnectionByShell", line 172, in DiscoveryMain

  File "shellutils", line 467, in createShell

Exception: Failed detecting OS type. Exception received: com.hp.ucmdb.discovery.library.clients.protocols.command.TimeoutException: Command timed out: Exceeded timeout after 15000 milliseconds

</log>

                <log start="11:08:22" severity="debug">SSH: Timeout trying to connect to remote agent, try increasing credential timeout value</log>

                <DISCONNECT start="11:08:22" duration="0" CMD="client_disconnect" RESULT="" IS_NULL="Y" type="ssh" credentialsId="33_1_CMS" />

                <log start="11:08:22" severity="warn">Discovery failed, though shell object will be created</log>

                <log start="11:08:22" severity="debug">creating object for obj_name=ssh</log>

                <log start="11:08:22" severity="debug">Reporting error code 400 to framework.</log>

                <log start="11:08:22" severity="debug">Error message is: SSH: Timeout trying to connect to remote agent, try increasing credential timeout value</log>

                <log start="11:08:22" severity="info">Execution current time:2019/01/07 11:08:22</log>

</execution>

Tags (1)
10 Comments
Micro Focus Expert
Micro Focus Expert

A potential command to use is: show ver

 

Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes

The idea has received an initial review to ensure adherence to our idea submission and community guidelines. More information may be needed at this stage and we expect the community to help prioritize the idea with comments and voting

Super Contributor.. Super Contributor..
Super Contributor..

Regarding the Host Connection by SNMP job failure, we had the exact same error in a clean installation of uCMDB 10.33 CP 27. We were told by Micro Focus support that this was a known issue in CP27 and we were sent some jar files which we copied to the probe and then the discovery worked.

Generally speaking, the Host Connection by SNMP should be able to discover the OS details, provided that it has access to the OIDs specified in the respective Permissions.

Micro Focus Contributor
Micro Focus Contributor

To MF PM,

Is issue current in uCMDB 11 and CP 28?

The customer has stated that the command "show ver" will work for their devices. Can you please provide/update the commands used for network devices for the discovery jobs that use the SNMP and SSH protocols?

Micro Focus Expert
Micro Focus Expert

Yes it is UCMDB 11 CP 28. Sorry for the late response.

Frequent Contributor.. Frequent Contributor..
Frequent Contributor..

Does this exists with UCMDB 2018.08? it is also bundled with CP28.

Hello Yiannis

Could you please share  jar files provided to you by MF along with steps that was followed to install it to detect OS of network devices using Host connection by SNMP job?

Thanks in advance.

 

Super Contributor.. Super Contributor..
Super Contributor..

Hello Ajay,

I would suggest to contact MF Support about this. The files provided to us could be version/environment dependent and might not work in your environment, or even cause issues. Besides, all changes should first be approved by MF Support for your particular case, in order to get proper support if something goes wrong etc.

Frequent Contributor.. Frequent Contributor..
Frequent Contributor..

Hello Yiannis.

Thanks for your reply. I was just requesting for reference purpose so i can go through & understand what was done to make it work. Could you please share jar files and steps that were along with version details?

Thanks in advance.

Super Contributor.. Super Contributor..
Super Contributor..

Hi again Ajay,

For copyright/ownership reasons I shall not share the files, unless someone from MF confirms that I may. The instructions were to simply replace 3 jar files in the probe and restart the probe service. The fix was for version 10.33 CP27.

As said, I would suggest to contact MF Support for more information.

Frequent Contributor.. Frequent Contributor..
Frequent Contributor..

thanks for the information.

All, As this post for network discovery, i have quick question:

I am using UCMDB 2018.08. Could someone let me know which attribute shows SNMP community string for CI Type NetDevice (routers, switches, printers etc..) ? We have about 20 SNMP community strings configured on probe however i do not see any attribute indicates SNMP community string? I think during the run of Host connection by SNMP discovery job, all community strings configured on probe are tested before right one is picked and saved. 

I want to know which attribute shows successful community string for that Net Device? so that we can select that attribute in discovery reports.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.