Overview

The Secure Shell (SSH) monitor facilitates agentless discovery of SSH-enabled devices.

Linux flavors

The following Linux flavors are supported:

  • Ubuntu
  • Debian
  • CentOS
  • Fedora
  • SUSE
  • OpenSUSE
  • Red Hat Enterprise Server
  • Oracle Server
  • Amazon Linux

Components discovered

The gateway discovers the following data:

  • Basic device details such as OS, Mac, Make, Model and Serial No.
  • BIOS information
  • CPU processor information
  • Physical disk drives
  • Logical disk drives
  • Network cards information
  • Video cards information
  • Services
  • Installed applications

Pre-requisites

  • Before starting the discovery process for SSH-enabled devices, provide valid credentials (SSH keys) and IP addresses of SSH-base machines.
  • OpsRamp Gateway must be installed.

Agentless SSH Discovery

Agentless discovery uses a Linux gateway instead of an agent to discover SSH-enabled resources.

  1. Install the gateway.
  2. Create a discovery profile.
  3. Scan the devices.

Configure and Install a Linux Integration

  1. From All Clients, select a client.
  2. Go to Setup > Account.
  3. Select the Integrations and Apps tab.
  4. The Installed Integrations page, where all the installed applications are displayed.
    Note: If there are no installed applications, it will navigate to the Available Integrations and Apps page.
  5. Click + ADD on the Installed Integrations page. The Available Integrations and Apps page displays all the available applications along with the newly created application with the version.
    Note: You can even search for the application using the search option available. Also you can use the All Categories option to search.
Dell PowerFlex
  1. Click ADD in Linux OS - Agentless.
  2. In the Configurations page, click + ADD. The Add Configuration page appears.
  3. Enter the below mentioned BASIC INFORMATION:
FunctionalityDescription
NameEnter the name for the integration.
Host Name/IP AddressHost name or the IP address provided from the installation.
SSH CredentialSelect an existing credential or create a new credential.
(Optional) Click + ADD to create a new credential. In the ADD CREDENTIAL window that appears, enter the following information:
  • Name - Enter the name.
  • Description - Provide a description.
  • Authentication Type - The Password or Keypair option is available. For the password option, enter the username, password, and confirm password fields. For the keypair option, upload a file through the Upload via file option or provide a link through the Already has a link option.
  • User Name (mandatory) - Enter the username.
  • Password - Enter the password. To ensure that you have typed the correct password, click the eye icon to view the password that you entered.
  • Confirm Password - Reenter the password. To ensure that you have typed the correct password, click the eye icon to view the password that you entered.
  • SSH Key Passphrase - Enter the passphrase. To ensure that you have typed the correct passphrase, click the eye icon to view the passphrase that you entered.
  • Confirm SSH Key Passphrase - Reenter the passphrase. To ensure that you have typed the correct passphrase, click the eye icon to view the passphrase that you entered.
  • Secure - Select the option based on your preference.
  • Port - Enter the port number - 22
  • Connection Timeout(ms) - Enter a value.
  • Click ADD.
Discover only SSH enabled devicesIf you choose this option, only SSH enabled devices are discovered.
Perform ActionsSelect the Manage Device checkbox, to manage the devices. The +Query option is displayed.
  • Use queries to filter the resources you want to manage.
    Note: If you do not select the Manage Device option, the devices will be in the discovered state.
  1. In the Discovery Schedule section, select Recurrence Pattern to add one of the following patterns:
    • None: Select this option, If you don’t want to schedule the discovery.
    • Minutes: Select this option, If you want to apply the discovery on a minute basis. You can configure this option by choosing: Every minute.
    • Hourly: Select this option, If you want to apply the discovery on hourly basis. You can configure this option by choosing: Every hour.
    • Daily: Select this option, If you want to apply the discovery daily. You can configure this option by choosing: Every Weekday (Mon-Friday) or Everyday.
    • Weekly: Select this option, If you want to apply the discovery on a weekly basis. Configure weekly schedule by selecting: Time preference, Starting date, and Days.
    • Monthly: Select this option if you only want to apply discovery on a monthly basis. Configure this by selecting: Time preference, Starting date, and number of days in a month.
  2. Click ADD.
  3. Now the integration is saved and displayed on the configurations page after you save it. From the same page, you are able to Edit and Remove the created configuration.
Edit and Remove Options
  1. Click Next.
  2. (Optional) Click +ADD to create a new collector by providing a name or use the pre-populated name.
Veeam
  1. Select an existing registered profile.
Veeam
  1. Click FINISH.

The application is installed and displayed on the INSTALLED INTEGRATION page. Use the search field to find the installed integration.

Modify an Installed Integration or Application

View the Linux OS - Agentless Details

Navigate to Infrastructure > Resources > Server. You can go to the Attributes tab to view the below discovery details:

Basic Information

FunctionalityDescription
Device TypeDevice Type Information
Resource TypeResource Type information
OSOperating System information
Host NameThe name of the Host
DNS NameDNS Name
IP AddressIP Address
Mac AddressMac Address information
MakeMake of the device
ModelModel number of the device
DescriptionDescription of the device.
Serial NumberSerial number information.

More Information

FunctionalityDescription
OS ArchitectureInformation related to Operating System architecture.

Hardware Information

The below mentioned attributes are displayed against each component:

ComponentAttributes
Device InfoDevice Type
Make
Model
Domain Name
RAM
BIOS InfoDNS Name
Description
System Caption
BIOS Name
BIOS version
CPUProcessor
Processor Name
Manufacturer
Power Management
Family
L2 Cache Size
Max Clock Speed
Data Width
Number Of Cores
Physical Disk Drive DetailsName
Model
Manufacturer
Partitions
Media Type
Logical Disk Drive DetailsDrive Caption
Drive Name
Total Space (GB)
File System
Video Cards-
Network InformationName
IP Address
MAC Address
DHCP Status
OOB Interface Cards-

Permissions Required and Commands Used

AttributeCommandPermission
KERNEL_NAMEunameRoot permission is not required.
SYSTEM_INFORMATION_ALLuname -aRoot permission is not required.
LSB_RELEASE_ALLlsb_release -aRoot permission is not required.
OS_NAME/etc/os-release | grep PRETTY_NAMERoot permission is not required.
OS_VERSIONlsb_release -rsRoot permission is not required.
OS_DISTRIBUTION_IDlsb_release -isRoot permission is not required.
CPU_INFORMATION_ALL/proc/cpuinfo | grep -i 'processor\\|vendor_id\\|cpu family\\|model name\\|cpu MHz\\|cpu cores\\|power management'Root permission is not required.
PROCESSOR_SPEEDlscpu | grep -i mhzRoot permission is not required.
PROCESSOR_TYPElscpu | grep -i 'model name'Root permission is not required.
PROCESSOR_COUNTlscpuRoot permission is not required.
PROCESSOR_WIDTHlshw -C cpu | grep 'bus info\\|width'Root permission is not required.
PROCESSOR_L2_CACHE_SIZE/sys/devices/system/cpu/cpu/cache/index2/sizeRoot permission is not required.
WHOAMIwhoamiRoot permission is not required.
HOST_ADDRESSESdomainname -iRoot permission is not required.
ALL_HOST_ADDRESSESdomainname -IRoot permission is not required.
DNS_DOMAIN_NAMEdomainname -dRoot permission is not required.
LONG_HOST_NAMEdomainname -fRoot permission is not required.
SHORT_HOST_NAMEdomainname -sRoot permission is not required.
DNS_SERVERS/etc/resolv.confRoot permission is not required.
DEFAULT_GATEWAY_BY_ROUTEroute -nRoot permission is not required.
DEFAULT_GATEWAY_BY_IPip route showRoot permission is not required.
DEFAULT_GATEWAY_BY_NETSTATnetstat -rnRoot permission is not required.
DEFAULT_GATEWAY_BY_IFCFG_FILE_PATH/etc/sysconfig/network-scripts/ifcfg-eth0Root permission is not required.
DEFAULT_GATEWAY_BY_NETWORK_INTERFACES_FILE_PATH/etc/network/interfacesRoot permission is not required.
MEM_INFOgrep MemTotal /proc/meminfoRoot permission is not required.
ASSET_TAG_FILE_PATH/sys/class/dmi/id/chassis_asset_tagRoot permission is not required.
HOSTNAMEhostname -sRoot permission is not required.
HOSTNAME_WITH_DOMAIN_INFOhostname -fRoot permission is not required.
DOMAIN_INFOhostname -dRoot permission is not required.
NETWORK_INTERFACES_NAMES/sys/class/netRoot permission is not required.
NETWORK_INTERFACE_STATUS/sys/class/net//operstateRoot permission is not required.
NETWORK_INTERFACE_MACADDRESS/sys/class/net//addressRoot permission is not required.
NETWORK_INTERFACE_IPADDRESSip addr show | grep 'inet ' |Awk '{print $2}' | cut -f1 -d'/'Root permission is not required.
RPM_SOFTWARE_INSTALLED_APPLICATIONSrpm -qa --queryformat \"{'name' : '\"%{NAME}\"', 'architecture' : '\"%{ARCH}\"', 'version' : '\"%{VERSION}\"', 'release': '\"%{RELEASE}\"', 'installdate' : '\"%{INSTALLTIME:date}\"', 'size' : '\"%{SIZE}\"', 'vendor' : '\"%{VENDOR}\"','summary' : '\"%{SUMMARY}\"'\\},\\n\"Root permission is not required.
DEBIAN_SOFTWARE_INSTALLED_APPLICATIONSdpkg-query --show -f='{\"package\" : \"${Package}\", \"version\" : \"${Version}\", \"installedsize\" : \"${Installed-Size}\", \"comments\" : \"${Comments}\"},\\n'Root permission is not required.
PHYSICAL_DISK_VENDOR_AND_MODELcat /sys/class/block//device/{vendoR,model}Root permission is not required.
PHYSICAL_DISK_PARTITIONScat /proc/partitions | grep '[0-9]'Root permission is not required.
PHYSICAL_DISK_MEDIA_TYPE_PATH1cat /sys/block//removableRoot permission is not required.
PHYSICAL_DISK_MEDIA_TYPE_PATH2cat /proc/ide//removableRoot permission is not required.
LOGICAL_DISK_DETAILScat /etc/mtab | grep /[sh][d][a-z]Root permission is not required.
LOGICAL_DISK_SPACE_DETAILSdf -h | grep /[sh][d][a-z]Root permission is not required.
BASE_BOARD_MANUFACTURER_FILE_PATH/sys/class/dmi/id/board_vendorRoot permission is not required.
BASE_BOARD_PRODUCT_NAME_FILE_PATH/sys/class/dmi/id/board_nameRoot permission is not required.
SYSTEM_MANUFACTURER_FILE_PATH/sys/class/dmi/id/sys_vendorRoot permission is not required.
SYSTEM_PRODUCT_NAME_FILE_PATH/sys/class/dmi/id/product_nameRoot permission is not required.
BIOS_VERSION_FILE_PATH/sys/class/dmi/id/bios_versionRoot permission is not required.
BIOS_RELEASE_DATE_FILE_PATH/sys/class/dmi/id/bios_dateRoot permission is not required.
BIOS_VENDOR_FILE_PATH/sys/class/dmi/id/bios_vendorRoot permission is not required.
BASE_BOARD_SERIAL_NUMBER_FILE_PATH/sys/class/dmi/id/board_serialRoot permission is required.
SYSTEM_SERIAL_NUMBER_FILE_PATH/sys/class/dmi/id/chassis_serialRoot permission is required.
SYSTEM_PRODUCT_UUID_FILE_PATH/sys/class/dmi/id/product_uuidRoot permission is required.

Use Case

Behavior of Linux OS - Agentless discovery

Assume you have 40 resources that are divided as follows:

  • For 10 resources, SSHD enabled with credentials 1
  • For 5 resources, SSHD enabled with credentials 2
  • For 25 resources, SSHD is not enabled

Scenario-1: Create a configuration with credentials 1

  • If “Discover only SSH enabled devices” option enabled: Only the 10 resources of credentials 1 will get discovered with valid data (OS, Make, and Model).
  • If “Discover only SSH enabled devices” option disabled: 10 resources of credentials 1 will get discovered with valid data (OS, Make, and Model) and 25 resources for which SSHD not enabled will get discovered with resource type as Other.

Scenario-2: Create a configuration with credentials 2

  • If “Discover only SSH enabled devices” option enabled: Only the 5 resources of credentials 2 will get discovered with valid data (OS, Make, and Model).
  • If “Discover only SSH enabled devices” option disabled: 5 resources of credentials 2 will get discovered with valid data (OS, Make, and Model) and 25 resources for which SSHD not enabled will get discovered with resource type as Other.

Scenario-3: Create a configuration with credentials 3 (invalid credentials)

  • If “Discover only SSH enabled devices” option enabled: No resource will be discovered.
  • If “Discover only SSH enabled devices” option disabled: All 40 resources will get discovered with resource type as Other.