Follow

How To Control The Auto-Discovery of Devices

Applies To

  • Zenoss 5.x
  • Zenoss 4.x
  • Zenoss 3.x
  • Zenoss 2.x

Summary

Auto-discovery refers to the process of detecting devices and then adding them to Zenoss for ongoing monitoring. The process can be useful for situations where the environment is not known (for example, a fresh installation of Zenoss), or for periodic checks to investigate whether new devices have come online (for example, audit or detective controls on the business process of commissioning new systems). Auto-discovery in Zenoss is completely optional; it is not necessary to 'sweep' all devices in your environment every day to keep Zenoss functional.

Procedure

The auto-discovery feature is manually activated. It does NOT run automatically on a periodic basis without administrator intervention. The zendisc command is used for auto discovery, but auto- discovery is only one of zendisc's functions. The zendisc command is also used in a more targeted fashion to add specific devices. Note that the zendisc command must be run from a zope container in Zenoss versions 5.x.
The zendisc command is invoked in one of the following ways:

  1. When adding a new device (even through the user interface), zendisc is invoked but targeted only to the specific device being added.
  2. When navigating in the user interface to /Networks, selecting a network, and then selecting the Discover option, zendisc is invoked to auto discover all devices on the chosen network.
  3. When running zendisc manually at the command line as the zenoss user, for the purpose of either adding specific devices or for auto discovery.

Some helpful, option controls for zendisc include:

  • Allowing auto-discovery on networks below the specified network tree (zAutoDiscover).
  • Ignoring devices that do not respond to SNMP (zSnmpStrictDiscovery).

 

Note: It is important to establish clear lines of authority among Zenoss administrators for who may run auto-discovery to prevent the unintentional addition of large numbers of devices to the Zenoss instance.

Note: Monitoring of new devices added using auto-discovery begins immediately. For commercial users of Zenoss, this means that your site requires sufficient licenses to account for new devices added by auto-discovery.

Note: You can initiate a discovery via the command line or via scripts / cron as follows:

"zendisc run --now --monitor localhost --deviceclass /Discovered --parallel 8 --net 10.0.111.0/24" ...
That would intiate a discovery of the 10.0.100.0/24 network segment and place any discovered devices within the /Discovered device class.

Note: Auto-discovery is not always the most effective method of adding devices. If a network segment has several workstations, printers, IP phones, etc... on it then those will most likely be picked up and added as well. Unless you're certain that a network segment only contains devices that you want to monitor you may want to look at alternative methods of bulk adding devices such as zenbatchload.

Impacts of Scripting Periodic Auto-Discovery

Scheduling Auto-Discovery to run automatically on a predefined schedule (for example using cron) has the following implications that administrators should carefully consider:

Pros
  • Get automatic events showing when a device shows up on the network.
  • Act as a detective control on change processes. This helps identify gaps in the process, such as when someone forgets a step.
  • Help verify hardware inventory for audit purposes.
Cons
  • Periodic scans can trigger intrusion detection system suites unless the process is white-listed.  
    Note: Whitelisting can potentially cause other security issues.
  • Adds additional network impact on ALL devices on the network.
  • Results in additional load on the Zenoss servers.
  • Each new device added during auto discovery consumes a license.
  • May commence unnecessary monitoring of devices that may be undesirable (for example, ping monitoring all printers).
Was this article helpful?
1 out of 1 found this helpful

Comments

Powered by Zendesk