Closed RokasBudrys closed 4 years ago
If your DNS has PTR records for discovered devices, these records will be used as descriptions. Nmap handles it.
Yes. Actually, this script does it using Paramiko which uses SSH. After connecting, the command show run | inc hostname is run.
Just insert the IP addresses of your Cisco devices and your TACACS+ credentials in the config file.
No. At this moment, I think it's better to connect a monitoring system (which uses SNMP) and NetBox using the API than to implement SNMP queries in netbox-scanner.
I'm just wondering if anything needs to be additionally configured. 192.168.22.120 has a PTR, although the scanner creates it as unknown host:
[root@netbox netbox-scanner]# cat netbox-scanner-20191021T162710Z.log
2019-10-21 16:27:10,523 netbox-scanner INFO started: 1 networks
2019-10-21 16:27:44,796 netbox-scanner INFO scanned: 192.168.22.0/24 (2 hosts discovered)
2019-10-21 16:27:44,863 netbox-scanner INFO created: 192.168.22.120/32 "unknown host"
2019-10-21 16:27:45,359 netbox-scanner INFO finished: +1 ~0 -0 ?0 !0

192.168.22.120
Name: printsrv02.output ommited
Address: 192.168.22.120

[root@netbox netbox-scanner]# cat /root/.netbox-scanner.conf
[GENERAL]
tag = auto
unknown = unknown host
log = .
nmap_args = -T4 -O -F --host-timeout 30s

[NETBOX]
address = output ommited
token =output ommited
tls_verify = True

[TACACS]
user =
password =
command =
regex = hostname ([A-Z|a-z|0-9|-|_]+)
regroup = 1

[SCAN]
networks = 192.168.22.0/24
As I mentioned before, netbox-scanner uses nmap findings. If nmap doesn't recognize the host (usually by PTR record), netbox-scanner tries to connect to it (Cisco) via TACACS+. If it's not possible, and nmap found no further information, host is set to unknown.
Will try to create a modular environment for v2, then it'll be easier to insert new data sources.
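The fallback order described in the reply above (PTR name from nmap, then the hostname taken from show run | inc hostname, then the unknown value), written out as an added Python example that is not netbox-scanner's own code. It also runs the regex from the posted config against a hyphenated hostname: inside the character class, |-| parses as a one-character range, so the hyphen is not matched and the name is cut short. Assumptions: the regex/regroup values are applied with re.search; the function names, the sample outputs and STRICT_REGEX are constructed for illustration.

```python
import re

# Values copied from the config posted in this thread.
PAGE_REGEX = r"hostname ([A-Z|a-z|0-9|-|_]+)"
REGROUP = 1
UNKNOWN = "unknown host"

# Assumed alternative pattern (not from the project): '-' placed last so it is literal.
STRICT_REGEX = r"hostname ([A-Za-z0-9_-]+)"


def hostname_from_cli(output, regex=PAGE_REGEX, group=REGROUP):
    """Extract the hostname from 'show run | inc hostname' output, or None."""
    match = re.search(regex, output)
    return match.group(group) if match else None


def resolve_description(ptr_name, cli_output, regex=PAGE_REGEX):
    """Fallback chain from the thread: PTR name, then CLI hostname, then 'unknown'.

    ptr_name   -- name nmap got from reverse DNS, or None if it got none
    cli_output -- text returned over SSH, or None if login was not possible
    """
    if ptr_name:
        return ptr_name
    if cli_output:
        name = hostname_from_cli(cli_output, regex)
        if name:
            return name
    return UNKNOWN


# Constructed sample outputs (not captured from real devices).
SAMPLE_PLAIN = "hostname CORE01\n"
SAMPLE_HYPHEN = "hostname core-sw01\n"

if __name__ == "__main__":
    cases = [
        ("PTR present", "printsrv02.example.test", None),
        ("no PTR, Cisco CLI", None, SAMPLE_PLAIN),
        ("no PTR, no login", None, None),
        ("hyphenated name", None, SAMPLE_HYPHEN),
    ]
    for label, ptr, cli in cases:
        print(f"{label:20} -> {resolve_description(ptr, cli)!r}")
    strict = resolve_description(None, SAMPLE_HYPHEN, STRICT_REGEX)
    print(f"{'strict pattern':20} -> {strict!r}")
```

A truncated name still looks like a valid description in NetBox, so comparing what the pattern extracts against the device's real hostname is the way to notice it.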
Hello,
currently I'm trying to figure out if Netbox Scanner is able to log in to devices (Linux or Windows VM, Cisco and other network devices) and retrieve the FQDN. (Maybe Scanner is able to perform this by querying DNS?)
For instance, I'm sure that the FQDN could also be inserted into the Netbox DB after the scan. Although I haven't found any detailed explanation if anything needs to be done from my side in the config file. (I can see that additional hosts have been found but they are marked as unknown host and no DNS name.) Only TACACS config, which implies that netbox scanner should be able to log in to devices?
Once looking into code I found that TACACS config is used in:
So it seems that only Cisco devices are supported right now? Correct me if I'm wrong.
To sum up: