Bots From Extension: asset-discovery
Collects the inventory data using SNMP/CLI protocols
This extension provides 5 bots.
Bot @asset-discovery:access-check
Bot Position In Pipeline: Sink
Perform device access check using SNMP/SSH protocols.
This bot expects a Restricted CFXQL.
Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| ip_column* | Text | Device IP column to perform access check. | |
| protocol | Text | snmp,ssh | Comma separated protocols to check. Supported protocols are snmp and ssh. |
| concurrent_discovery | Text | 100 | Number of concurrent threads to run. |
| ssh_creds_regex | Text | Regular expression for SSH credentials to use. Credentials of types ssh-cred, device-host-ssh and device-snmpv3 can be provided. If not provided, all credentials of these types will be tried. |
|
| snmp_creds_regex | Text | Regular expression for SNMP credentials to use. Credentials of types snmp-cred, device-snmp-v1v2 and device-snmpv3 can be provided. If not provided, all credentials of these types will be tried. |
|
| stream_name | Text | Status stream name to push the data. | |
| return_type | Text | dataset | Return type. Must be one of pstream, kafka or dataset. |
| kafka_context | Text | datanetwork | Kafka context to use. expects 'external' or 'datanetwork'. Must be provided if return_type is kafka |
| ssh_timeout | Text | 10 | Number of seconds to wait for SSH Timeout. |
| ssh_disable_sha_retry | Text | no | Disable connection retry for SSH authentication. By default, SSH will retry to connect by disabling sha2 algorithms if authentication fails. Set this to 'yes' to disable this behavior. |
| oid | Text | 1.3.6.1.2.1.1.2.0 | OID to collect from the device during access check. Default is sysObjectID (1.3.6.1.2.1.1.2.0). |
| snmp_timeout | Text | 3 | Number of seconds to wait for SNMP Timeout. |
| snmp_retries | Text | 1 | Number of retries for SNMP connection. |
| discover_applicable_groups | Text | no | Use the collection group rules to identify applicable MIB groups for the devices. |
| collection_group_rule | Text | default | Comma separated collection group rule names. |
Bot @asset-discovery:collector
Bot Position In Pipeline: Sink
Inventory data collection using collection rules.
This bot expects a Restricted CFXQL.
Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| jobname | Text | Custom job name to attach to the output | |
| seed_addresses_col* | Text | Column name in the input datset that contains IP addresses | |
| save_to_local | Text | no | Save to local |
| local_dir_path | Text | /tmp/ec_jobs | If save_location is set as local, data will be stored to this location locally. |
| collection_group_rules | Text | default | comma separated rule names saved in minio |
| snmp_access | Text | yes | Enable SNMP Collection. (yes/no) |
| cli_access | Text | no | Enable CLI Collection. (yes/no) |
| basic_inventory | Text | yes | Collect basic discovery. (yes/no) |
| extended_inventory | Text | no | Collect extended discovery. (yes/no) |
| cdp_discovery | Text | no | Enable CDP Discovery. (yes/no) |
| lldp_discovery | Text | no | Enable LLDP Discovery. (yes/no) |
| arp_discovery | Text | no | Enable ARP Discovery. (yes/no) |
| icmp_ping | Text | no | Enable Trigger ICMP request to update ARP table. (yes/no) |
| l3_device_ips_for_svis | Text | Layer 3 network device seed IP addresses to discover SVIs (Switched Virtual Interfaces) for ICMP ping blast operation. Ex: 10.12.13.11-10.12.13.21,10.12.13.25,10.12.13.8 |
|
| get_seed_from_SVIs | Text | no | Enable Get seed from SVIs (Switch Virtual Interfaces). (yes/no) |
| wait_time_between_ICMP_req | Text | 1 | Wait time between ICMP request in milliseconds. EX: 1 |
| wait_time_between_ICMP_iteration | Text | 3 | Wait time between ICMP iteration in minutes. EX: 3 |
| wait_time_to_start_discovery | Text | 5 | Wait time to start discovery in minutes. EX: 5 |
| site_code | Text | site code for pstream | |
| return_dataset | Text | yes | Return the data to the pipeline after completion (yes/no) |
| status_stream | Text | asset_inventory_collection_status_stream | Stream name to write the collection status to |
| stream_type | Text | pstream | Type of stream to write. Can be one of 'pstream' or 'kafka' |
| kafka_context | Text | datanetwork | Kafka context to use. expects 'external' or 'datanetwork'. Must be provided if return_type is kafka |
| query_pstream_name | Text | Pstream name to get the list of successful credentials.(pstream must contain 'auth_state', 'ip_address', 'used_cred', and 'protocol' columns) |
|
| query | Text | Query the data in given persistent stream via CFXQL. 'query_pstream_name' field is mandatory to support query pstream |
|
| concurrent_discovery | Text | 100 | Number of worker threads to run in parallel |
| max_repititions | Text | Max Repetitions SNMP Bulk Walk Table Operation. | |
| max_rows | Text | 100000 | Max SNMP Rows to be collected for SNMP Table Operations (0 means no limit, default:100,000) |
| max_calls | Text | Max SNMP Calls for SNMP Table Operations (0 means no limit) | |
| max_time | Text | 1800 | Max time in seconds for an SNMP Table Operation (0 means no limit, default:1800) |
| mgmt_addresses | Text | Comma separated management addresses | |
| credential_types | Text | snmp-cred,device-snmpv1v2,device-snmp-v3,device-host-ssh,ssh-cred | Comma separated credential types |
| collection_profile | Text | normal | Collection profile to use (quick/normal/slow/slow-vpn) |
| credentials | Text | Comma separated cedential ids from vault | |
| credential_patterns | Text | Comma separated list of credential patterns. | |
| max_discovery_hops | Text | 8 | Maximum discovery hops |
| dedupe_mac_address | Text | no | Dedupe on MAC Address (yes/no) |
| dedupe_serial_number | Text | yes | Dedupe on serial number (yes/no) |
| keep_raw | Text | no | Keep raw data (yes/no) |
Bot @asset-discovery:entity-analysis
Bot Position In Pipeline: Sink
Processes EC and Asset Discovery zip file and folders and Builds relationships between the entities
This bot expects a Restricted CFXQL.
Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| path_column* | Text | Column name of the path to the json files | |
| concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
| output_path* | Text | Path to store output files | |
| device_ops_view | Text | False | Enable to create device-ops-view json |
| device_view | Text | False | Enable to create device-view json |
| poe_summary | Text | False | Enable to create poe_summary json |
Bot @asset-discovery:get-collection-files
Bot Position In Pipeline: Sink
Retrieve collection data from objectstore location.
This bot expects a Restricted CFXQL.
Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| path_column* | Text | Column name that contains path to object in Objectstore bucket. | |
| groups | Text | comma separated collection groups to retrieve from device. | |
| return_success_groups | Text | no | Retrieve only successful groups from the device collection. |
| concurrent_discovery | Text | 10 | Number of workers to run in parallel. |
Bot @asset-discovery:update-outputs-purge-policy
Bot Position In Pipeline: Source
Update the purge policy for output files from minio.
This bot expects a Restricted CFXQL.
Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
| retention_days* | Text | 15 | Number of days to retain the output files in objectstore. |