jokob-sk / NetAlertX

🖧🔍 WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
GNU General Public License v3.0

SNMP Discovery not working as expected #690

Closed pabloalcantara closed 4 months ago

pabloalcantara commented 5 months ago

Is there an existing issue for this?

Current Behavior

I'm trying to use the SNMP discovery, but it's not working. The snmpwalk works perfectly (see the logs), but nothing is added or marked as online.

Expected Behavior

Add new and mark as online devices found by snmp plugin

Steps To Reproduce

1 - Settings: image

app.conf

# SNMPDSC
#---------------------------
SNMPDSC_RUN='schedule'
SNMPDSC_CMD='python3 /app/front/plugins/snmp_discovery/script.py routers={s-quote}{routers}{s-quote}'
SNMPDSC_routers=['snmpwalk -v 2c -c XXXXXXXXXXX -OXsq 192.168.27.1 .1.3.6.1.2.1.3.1.1.2']
SNMPDSC_RUN_SCHD='*/5 * * * *'
SNMPDSC_RUN_TIMEOUT=30
SNMPDSC_WATCH=['Watched_Value1']
SNMPDSC_REPORT_ON=['new','watched-changed']

docker-compose.yml

version: "3"
services:
  netalertx:
    container_name: netalertx
    image: "jokobsk/netalertx:latest"      
    network_mode: "host"        
    restart: unless-stopped
    volumes:
      - /mnt/docker/netalertx/config:/app/config
      - /mnt/docker/netalertx/db:/app/db
      - /mnt/docker/netalertx/logs:/app/front/log
    environment:
      - TZ=America/Bahia     
      - PORT=20211

What branch are you running?

Production

app.log

00:06:21 [2024-05-29 00:06:21-03:00] START Run: SNMPDSC
00:06:21 [Plugins] setTyp: list
00:06:21 [Plugin utils] Flattening the below array
00:06:21 ['snmpwalk -v 2c -c XXXXXXXXX -OXsq 192.168.27.1 .1.3.6.1.2.1.3.1.1.2']
00:06:21 [Plugin utils] isinstance(arr, list) : False | isinstance(arr, str) : True
00:06:21 [Plugins] Resolved value: snmpwalk -v 2c -c XXXXXXXXX -OXsq 192.168.27.1 .1.3.6.1.2.1.3.1.1.2
00:06:21 [Plugins] Convert to Base64: False
00:06:21 [Plugins] Timeout: 30
00:06:21 [Plugin utils] Pre-Resolved CMD: python3/app/front/plugins/snmp_discovery/script.pyrouters={s-quote}{routers}{s-quote}
00:06:21 [Plugins] Executing: python3 /app/front/plugins/snmp_discovery/script.py routers={s-quote}{routers}{s-quote}
00:06:21 [Plugins] Resolved : ['python3', '/app/front/plugins/snmp_discovery/script.py', "routers='snmpwalk -v 2c -c XXXXXXXXX -OXsq 192.168.27.1 .1.3.6.1.2.1.3.1.1.2'"]
00:06:21 [SNMPDSC] In script
00:06:21 [SNMPDSC] Router snmpwalk command: snmpwalk -v 2c -c XXXXXXXXX -OXsq 192.168.27.1 .1.3.6.1.2.1.3.1.1.2
00:06:21 [SNMPDSC] output:
mib-2.3.1.1.2.10.1.192.168.24.221 "BC 24 11 56 E2 87 "
mib-2.3.1.1.2.10.1.192.168.27.83 "4C EB D6 01 37 FF "
mib-2.3.1.1.2.10.1.192.168.27.85 "E8 DB 84 49 C0 4F "
mib-2.3.1.1.2.10.1.192.168.27.100 "D0 C2 4E 28 84 D6 "
mib-2.3.1.1.2.10.1.192.168.27.220 "BC 24 11 6C 38 54 "
mib-2.3.1.1.2.10.1.192.168.27.221 "BC 24 11 56 E2 87 "
mib-2.3.1.1.2.10.1.192.168.27.230 "BC 24 11 8C 50 C2 "
mib-2.3.1.1.2.10.1.192.168.27.231 "BC 24 11 2A 69 60 "
mib-2.3.1.1.2.10.1.192.168.27.254 "BC 24 11 9F A5 48 "

00:06:21 [SNMPDSC] Entries found: 0
00:06:21 [Plugins] No output received from the plugin SNMPDSC - enable LOG_LEVEL=debug and check logs
00:06:21 [2024-05-29 00:06:21-03:00] END Run: SNMPDSC
00:06:21 [API] Update API starting

Debug enabled

jokob-sk commented 5 months ago

Thanks a lot for the detailed report @pabloalcantara !

This seems to be a bug - not sure why, but the output of the SNMP command has changed from iso.... to mib.... I removed the check for iso....

This should be available in the next release. Please have a look at the netalertx-dev docker image, in about 15 minutes (or after the last action finishes) from now.

Make sure you refresh your browser cache - and click the 🔄 refresh button in the top right corner.

It would be great if you could test this (backup everything first or use a new container) on your end by switching to the above image and letting me know if the issue was resolved/the new feature is working.

Thanks in advance, j
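An added example, not part of the thread and not NetAlertX's own code: a parser for the `snmpwalk -OXsq` rows shown in the log that reads the IPv4 address from the last four OID components instead of matching the `iso`/`mib-2` prefix, and flags a run where the router answered but nothing could be parsed. The function names and the sample rows are constructed for illustration.

```python
import ipaddress
import re

HEX_BYTE = re.compile(r"[0-9A-Fa-f]{2}")

# Constructed sample: two rows in the "mib-2" form from the log above, one row
# in an assumed "iso" form, one truncated MAC and one snmpwalk error line.
SAMPLE = """\
mib-2.3.1.1.2.10.1.192.168.27.83 "4C EB D6 01 37 FF "
mib-2.3.1.1.2.10.1.192.168.27.85 "E8 DB 84 49 C0 4F "
iso.3.6.1.2.1.3.1.1.2.10.1.192.168.27.100 "D0 C2 4E 28 84 D6 "
mib-2.3.1.1.2.10.1.192.168.27.220 "BC 24 11 6C 38 "
Timeout: No Response from 192.168.27.1
"""


def parse_row(line):
    """Return (ip, mac) for one row, or None when the row is not usable."""
    oid, _, value = line.strip().partition(" ")
    try:
        # The IPv4 address is the last four OID components, whatever the prefix.
        ip = ipaddress.IPv4Address(".".join(oid.split(".")[-4:]))
    except ValueError:
        return None
    octets = value.strip().strip('"').split()
    if len(octets) != 6 or not all(HEX_BYTE.fullmatch(o) for o in octets):
        return None
    return str(ip), ":".join(o.lower() for o in octets)


def parse_snmpwalk(output):
    """Split output into parsed (ip, mac) entries and rejected lines."""
    entries, rejected = [], []
    for line in output.splitlines():
        if not line.strip():
            continue
        row = parse_row(line)
        if row:
            entries.append(row)
        else:
            rejected.append(line)
    return entries, rejected


def looks_like_parser_drift(entries, rejected):
    """True when the device answered but no row could be parsed."""
    return not entries and bool(rejected)
```

Keeping the rejected lines and checking `looks_like_parser_drift` turns the "Entries found: 0" case in the log into an explicit error instead of a scan that silently reports no devices.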

pabloalcantara commented 5 months ago

Thanks, it worked as expected


-- Regards, Pablo Alcântara

Information Technology, Communication and Security Analyst

jokob-sk commented 4 months ago

closing -> releasing in ~10min