Discovering SNMP devices

If remote login attempts are unsuccessful, BMC Discovery attempts SNMP queries. However, login attempts with SNMP queries are used only if the SNMP port (UDP 161) is open on the target host. You do not need to set the SNMP parameters unless you use a read community other than Public. You can configure different SNMP parameters for different host systems.

Discovery using SNMP is supported for hosts (for a complete list, see the Discovery Platforms page) only if an SNMP credential is available for the IP address of the host. However, SNMP provides only basic host information, running processes, network connections, and installed packages. It does not support interrogating files, HBAs, or running OS commands. If a host is discovered using SNMP, Reasoning always checks to see whether a login credential is available for that host, because discovered data is richer when a login is achieved. If a login credential is found and used successfully, the host node created using SNMP discovery is updated. In rare cases, duplicate nodes could be created when the host is subsequently discovered using a login credential (which can happen, for example, when the IP configuration changes).

If an SNMP device is not identified, you can set up recognition rules to ensure that BMC Discovery is able to identify that SNMP device in the future. For more information Recognizing SNMP devices.

Granting SNMP v3 permissions

When SNMP v3 is used to discover a device that uses different security contexts for different instances of a MIB (in the same way that community string indexing is used for v1 or v2), the SNMP v3 user might not have access to the different security contexts.

If a device is discovered where access to different contexts is required but access has not been granted to the user, discovery gathers less information. In this case, a ScriptFailure node is associated with the DeviceInfo for the DiscoveryAccess, with a message of the type Failed to access vlan-1 (AuthorizationError), where vlan-1 is the name of the security context that discovery attempted to access.

To ensure that discovery has full access, grant users access to all of the contexts on the network device. For example, to grant access to all contexts to the group privgroup on a Cisco device with a recent version of Cisco IOS, you can use the following configuration command:

snmp-server group privgroup v3 auth context vlan- match prefix

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Nageswari Varadarajan

    How can the network devices be discovered using remote login - login credential, ie. via ssh/telnet?

    Mar 30, 2017 04:34
  2. Oscar omar Posada sanchez

    and how to discovery "Divice is an unsupported divice"

    Jun 28, 2017 02:47
    1. Duncan Tweed

      You can use SNMP recognition rules (Recognizing SNMP devices) to identify unknown/unsupported devices. I've added a link in the text above.

      Thanks, Duncan.

      Jul 03, 2017 03:56
      1. Oscar omar Posada sanchez

        Thanks Duncan

        Jul 10, 2017 12:15