Overview
The Secure Shell (SSH) monitor facilitates agentless discovery of SSH-enabled devices.
Linux flavors
The following Linux flavors are supported:
- Ubuntu
- Debian
- CentOS
- Fedora
- SUSE
- OpenSUSE
- Red Hat Enterprise Server
- Oracle Server
- Amazon Linux
Components discovered
The gateway discovers the following data:
- Basic device details such as OS, Mac, Make, Model and Serial No.
- BIOS information
- CPU processor information
- Physical disk drives
- Logical disk drives
- Network cards information
- Video cards information
- Services
- Installed applications
Pre-requisites
- Before starting the discovery process for SSH-enabled devices, provide valid credentials (SSH keys) and IP addresses of SSH-base machines.
- OpsRamp Gateway must be installed.
Agentless SSH Discovery
Agentless discovery uses a Linux gateway instead of an agent to discover SSH-enabled resources.
- Install the gateway.
- Create a discovery profile.
- Scan the devices.
Configure and Install a Linux Integration
- From All Clients, select a client.
- Go to Setup > Account.
- Select the Integrations and Apps tab.
- The Installed Integrations page, where all the installed applications are displayed.
Note: If there are no installed applications, it will navigate to the Available Integrations and Apps page. - Click + ADD on the Installed Integrations page. The Available Integrations and Apps page displays all the available applications along with the newly created application with the version.
Note: You can even search for the application using the search option available. Also you can use the All Categories option to search.
- Click ADD in Linux OS - Agentless.
- In the Configurations page, click + ADD. The Add Configuration page appears.
- Enter the below mentioned BASIC INFORMATION:
Functionality | Description |
---|---|
Name | Enter the name for the integration. |
Host Name/IP Address | Host name or the IP address provided from the installation. |
SSH Credential | Select an existing credential or create a new credential. (Optional) Click + ADD to create a new credential. In the ADD CREDENTIAL window that appears, enter the following information:
|
Discover only SSH enabled devices | If you choose this option, only SSH enabled devices are discovered. |
Perform Actions | Select the Manage Device checkbox, to manage the devices. The +Query option is displayed.
|
- In the Discovery Schedule section, select Recurrence Pattern to add one of the following patterns:
- None: Select this option, If you don’t want to schedule the discovery.
- Minutes: Select this option, If you want to apply the discovery on a minute basis. You can configure this option by choosing: Every minute.
- Hourly: Select this option, If you want to apply the discovery on hourly basis. You can configure this option by choosing: Every hour.
- Daily: Select this option, If you want to apply the discovery daily. You can configure this option by choosing: Every Weekday (Mon-Friday) or Everyday.
- Weekly: Select this option, If you want to apply the discovery on a weekly basis. Configure weekly schedule by selecting: Time preference, Starting date, and Days.
- Monthly: Select this option if you only want to apply discovery on a monthly basis. Configure this by selecting: Time preference, Starting date, and number of days in a month.
- Click ADD.
- Now the integration is saved and displayed on the configurations page after you save it. From the same page, you are able to Edit and Remove the created configuration.
- Click Next.
- (Optional) Click +ADD to create a new collector by providing a name or use the pre-populated name.
- Select an existing registered profile.
- Click FINISH.
The application is installed and displayed on the INSTALLED INTEGRATION page. Use the search field to find the installed integration.
Modify an Installed Integration or Application
See Modify an Installed Integration or Application article.
Note: Select the Linux OS - Agentless application.
View the Linux OS - Agentless Details
Navigate to Infrastructure > Resources > Server. You can go to the Attributes tab to view the below discovery details:
Basic Information
Functionality | Description |
---|---|
Device Type | Device Type Information |
Resource Type | Resource Type information |
OS | Operating System information |
Host Name | The name of the Host |
DNS Name | DNS Name |
IP Address | IP Address |
Mac Address | Mac Address information |
Make | Make of the device |
Model | Model number of the device |
Description | Description of the device. |
Serial Number | Serial number information. |
More Information
Functionality | Description |
---|---|
OS Architecture | Information related to Operating System architecture. |
Hardware Information
The below mentioned attributes are displayed against each component:
Component | Attributes |
---|---|
Device Info | Device Type |
Make | |
Model | |
Domain Name | |
RAM | |
BIOS Info | DNS Name |
Description | |
System Caption | |
BIOS Name | |
BIOS version | |
CPU | Processor |
Processor Name | |
Manufacturer | |
Power Management | |
Family | |
L2 Cache Size | |
Max Clock Speed | |
Data Width | |
Number Of Cores | |
Physical Disk Drive Details | Name |
Model | |
Manufacturer | |
Partitions | |
Media Type | |
Logical Disk Drive Details | Drive Caption |
Drive Name | |
Total Space (GB) | |
File System | |
Video Cards | - |
Network Information | Name |
IP Address | |
MAC Address | |
DHCP Status | |
OOB Interface Cards | - |
Permissions Required and Commands Used
Attribute | Command | Permission |
---|---|---|
KERNEL_NAME | uname | Root permission is not required. |
SYSTEM_INFORMATION_ALL | uname -a | Root permission is not required. |
LSB_RELEASE_ALL | lsb_release -a | Root permission is not required. |
OS_NAME | /etc/os-release | grep PRETTY_NAME | Root permission is not required. |
OS_VERSION | lsb_release -rs | Root permission is not required. |
OS_DISTRIBUTION_ID | lsb_release -is | Root permission is not required. |
CPU_INFORMATION_ALL | /proc/cpuinfo | grep -i 'processor\\|vendor_id\\|cpu family\\|model name\\|cpu MHz\\|cpu cores\\|power management' | Root permission is not required. |
PROCESSOR_SPEED | lscpu | grep -i mhz | Root permission is not required. |
PROCESSOR_TYPE | lscpu | grep -i 'model name' | Root permission is not required. |
PROCESSOR_COUNT | lscpu | Root permission is not required. |
PROCESSOR_WIDTH | lshw -C cpu | grep 'bus info\\|width' | Root permission is not required. |
PROCESSOR_L2_CACHE_SIZE | /sys/devices/system/cpu/cpu | Root permission is not required. |
WHOAMI | whoami | Root permission is not required. |
HOST_ADDRESSES | domainname -i | Root permission is not required. |
ALL_HOST_ADDRESSES | domainname -I | Root permission is not required. |
DNS_DOMAIN_NAME | domainname -d | Root permission is not required. |
LONG_HOST_NAME | domainname -f | Root permission is not required. |
SHORT_HOST_NAME | domainname -s | Root permission is not required. |
DNS_SERVERS | /etc/resolv.conf | Root permission is not required. |
DEFAULT_GATEWAY_BY_ROUTE | route -n | Root permission is not required. |
DEFAULT_GATEWAY_BY_IP | ip route show | Root permission is not required. |
DEFAULT_GATEWAY_BY_NETSTAT | netstat -rn | Root permission is not required. |
DEFAULT_GATEWAY_BY_IFCFG_FILE_PATH | /etc/sysconfig/network-scripts/ifcfg-eth0 | Root permission is not required. |
DEFAULT_GATEWAY_BY_NETWORK_INTERFACES_FILE_PATH | /etc/network/interfaces | Root permission is not required. |
MEM_INFO | grep MemTotal /proc/meminfo | Root permission is not required. |
ASSET_TAG_FILE_PATH | /sys/class/dmi/id/chassis_asset_tag | Root permission is not required. |
HOSTNAME | hostname -s | Root permission is not required. |
HOSTNAME_WITH_DOMAIN_INFO | hostname -f | Root permission is not required. |
DOMAIN_INFO | hostname -d | Root permission is not required. |
NETWORK_INTERFACES_NAMES | /sys/class/net | Root permission is not required. |
NETWORK_INTERFACE_STATUS | /sys/class/net/ | Root permission is not required. |
NETWORK_INTERFACE_MACADDRESS | /sys/class/net/ | Root permission is not required. |
NETWORK_INTERFACE_IPADDRESS | ip addr show | Root permission is not required. |
RPM_SOFTWARE_INSTALLED_APPLICATIONS | rpm -qa --queryformat \"{'name' : '\"%{NAME}\"', 'architecture' : '\"%{ARCH}\"', 'version' : '\"%{VERSION}\"', 'release': '\"%{RELEASE}\"', 'installdate' : '\"%{INSTALLTIME:date}\"', 'size' : '\"%{SIZE}\"', 'vendor' : '\"%{VENDOR}\"','summary' : '\"%{SUMMARY}\"'\\},\\n\" | Root permission is not required. |
DEBIAN_SOFTWARE_INSTALLED_APPLICATIONS | dpkg-query --show -f='{\"package\" : \"${Package}\", \"version\" : \"${Version}\", \"installedsize\" : \"${Installed-Size}\", \"comments\" : \"${Comments}\"},\\n' | Root permission is not required. |
PHYSICAL_DISK_VENDOR_AND_MODEL | cat /sys/class/block/ | Root permission is not required. |
PHYSICAL_DISK_PARTITIONS | cat /proc/partitions | grep ' | Root permission is not required. |
PHYSICAL_DISK_MEDIA_TYPE_PATH1 | cat /sys/block/ | Root permission is not required. |
PHYSICAL_DISK_MEDIA_TYPE_PATH2 | cat /proc/ide/ | Root permission is not required. |
LOGICAL_DISK_DETAILS | cat /etc/mtab | grep /[sh][d][a-z] | Root permission is not required. |
LOGICAL_DISK_SPACE_DETAILS | df -h | grep /[sh][d][a-z] | Root permission is not required. |
BASE_BOARD_MANUFACTURER_FILE_PATH | /sys/class/dmi/id/board_vendor | Root permission is not required. |
BASE_BOARD_PRODUCT_NAME_FILE_PATH | /sys/class/dmi/id/board_name | Root permission is not required. |
SYSTEM_MANUFACTURER_FILE_PATH | /sys/class/dmi/id/sys_vendor | Root permission is not required. |
SYSTEM_PRODUCT_NAME_FILE_PATH | /sys/class/dmi/id/product_name | Root permission is not required. |
BIOS_VERSION_FILE_PATH | /sys/class/dmi/id/bios_version | Root permission is not required. |
BIOS_RELEASE_DATE_FILE_PATH | /sys/class/dmi/id/bios_date | Root permission is not required. |
BIOS_VENDOR_FILE_PATH | /sys/class/dmi/id/bios_vendor | Root permission is not required. |
BASE_BOARD_SERIAL_NUMBER_FILE_PATH | /sys/class/dmi/id/board_serial | Root permission is required. |
SYSTEM_SERIAL_NUMBER_FILE_PATH | /sys/class/dmi/id/chassis_serial | Root permission is required. |
SYSTEM_PRODUCT_UUID_FILE_PATH | /sys/class/dmi/id/product_uuid | Root permission is required. |
Use Case
Behavior of Linux OS - Agentless discovery
Assume you have 40 resources that are divided as follows:
- For 10 resources, SSHD enabled with credentials 1
- For 5 resources, SSHD enabled with credentials 2
- For 25 resources, SSHD is not enabled
Scenario-1: Create a configuration with credentials 1
- If “Discover only SSH enabled devices” option enabled: Only the 10 resources of credentials 1 will get discovered with valid data (OS, Make, and Model).
- If “Discover only SSH enabled devices” option disabled: 10 resources of credentials 1 will get discovered with valid data (OS, Make, and Model) and 25 resources for which SSHD not enabled will get discovered with resource type as Other.
Scenario-2: Create a configuration with credentials 2
- If “Discover only SSH enabled devices” option enabled: Only the 5 resources of credentials 2 will get discovered with valid data (OS, Make, and Model).
- If “Discover only SSH enabled devices” option disabled: 5 resources of credentials 2 will get discovered with valid data (OS, Make, and Model) and 25 resources for which SSHD not enabled will get discovered with resource type as Other.
Scenario-3: Create a configuration with credentials 3 (invalid credentials)
- If “Discover only SSH enabled devices” option enabled: No resource will be discovered.
- If “Discover only SSH enabled devices” option disabled: All 40 resources will get discovered with resource type as Other.