Run a Device Discovery
Introduction
One of Resolve Insights’ key features is the ability to discover various types of devices in your environment.
You can use device discovery to identify devices that exist in your infrastructure and collect detailed information about the devices and their parent-child connections. Depending on what you want from a discovery scan and what devices you are working with, you can choose from various discovery types. Once discovered, the devices are added to the inventory table.
Discover devices in your Data Center
The network device discovery is performed by using various connection types:
SNMP: It is used to discover network devices and provides basic inventory details. Discovery will attempt SNMP queries only if SNMP is enabled on the target host.
Caution: Discovery of compute devices over SNMP is not recommended in most environments, as it can create device duplicates in the topology. Use it at your own risk.
Normally, the discovery of compute devices happens over protocols such as SSH or Telnet. If, however, these protocols are disabled in your network, you might want to enable discovery over SNMP.
Take these steps on each DC node in your cluster to enable SNMP discovery of compute devices:
- Log in to the node as root.
 - Open /opt/meridian/dc/var/fsdc/conf/netra.conf for editing. Replace /opt/meridian with your actual installation path.
 - Set snmp_compute_blocked to False.
 - Restart the meridian service:
service meridian-dc stop
service meridian-dc start
SSH: It is used to discover network devices and UNIX servers.
Telnet: It is another mechanism to connect to the devices and collect device configuration information.
Windows: It is used mainly to discover Windows servers and Hyper-V and to collect details and device configuration information.
API: It is used to connect to 3rd party APIs and collect device data through them. See APIs for details about the supported APIs.
Custom Configuration: It is used to discover devices of types that are not in the supported devices list. See Configuration for details about how to define your own type of device.
Create a Single Discovery
The single discovery applies a single set of protocols and service accounts to the selected IP settings.
Ensure that the correct organization and site are selected from the secondary header. The discovery process will be executed under the selected organization and site, and the results will be stored under the respective inventory.
Navigate to Discovery > Device Discovery
Click + Add Discovery and select Single
Choose Local from the discovery type dropdown list
Enter the discovery Name
Choose the data collection protocols - SNMP, SSH, Telnet, Windows, API, and Custom Configuration. You can choose one or multiple connectors in a single request.
- Select one or multiple service accounts (if any) from the drop-down list. See Service Accounts for details.
 - For the API connection type, you need to specify the API type by selecting it from the drop-down list.
 - For the Custom Configuration, you need to specify the custom device configuration, created in the custom device configuration.
 
Click the Open button under the IP Settings to choose the discovery scope. The options are:
- Range - Use this option to discover one or more IPv4 ranges. Add multiple ranges with the plus (+) button.
 - Subnet - Use this option to discover one or more IPv4 subnets. Add multiple subnets with the plus (+) button.
 - FQDN/IP - Use this option to discover a specific device or set of devices by providing a comma-separated list of FQDNs, IPv4, or IPv6 addresses. If you specify both the IPv4 and IPv6 address of a single device, it is still discovered as a single device.
 
Note: For the Cisco Meraki API type, you don't need to specify the discovery scope. The discovery will collect all available data based on the provided API key and URL.
(Optional) Choose additional discovery settings:
- Ignore Past Credentials - Use this option to override earlier credentials for the already discovered devices.
 - Ignore Discovered Devices - Use this option to discover only new devices and not to scan for already existing ones. You can specify which exact devices to skip.
 - Ignore Ping Reachability - Use this option to continue with the discovery even if the device is not pingable. Usually, the discovery process first checks which devices respond to ping and proceeds with the chosen connection type only for those devices. Devices that respond to ping only are considered not discovered and are not included in the inventory.
 
(Optional) Select Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
Click Create
Create a Bulk Discovery
The bulk discovery applies different sets of protocols and service accounts to different IP settings within the same request.
- Ensure that the correct organization and site are selected from the secondary header. The discovery process will be executed under the selected organization and site, and the results will be stored under the respective inventory.
 - Navigate to Discovery > Device Discovery
 - Click + Add Discovery and select Bulk
 - Enter the discovery Name
 - Choose the data collection protocols - SNMP, SSH, Telnet, Windows, and API. Select one or multiple service accounts (if any) from the drop-down list.
 - Select the IP Settings for the discovery scope - Range or FQDN/IP.
 - (Optional) Select Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
 - (Optional) Ignore Past Credentials - Use this option to override earlier credentials for the already discovered devices.
 - (Optional) Ignore Ping Reachability - Use this option to continue with the discovery even if the device is not pingable. Usually, the discovery process first checks which devices respond to ping and proceeds with the chosen connection type only for those devices. Devices that respond to ping only are considered not discovered and are not included in the inventory.
 - Add more protocols for different sets of IP Settings by selecting the plus (+) button.
 - Click Create
 
The maximum number of devices included in a single bulk request is 3000.
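A pre-flight check for this limit, as an added example that is not part of Resolve Insights: it expands Range entries, removes excluded addresses, and splits the result into batches that each fit one bulk request. It assumes every IPv4 address in scope counts as one device toward the limit; the function names, the expansion guard and the sample addresses are constructed for illustration.

```python
import ipaddress

MAX_BULK_DEVICES = 3000  # per-request limit stated on this page
MAX_EXPAND = 1_000_000   # assumed guard against typos such as a /8-sized range


def expand_ranges(ranges, excluded=()):
    """Return sorted, de-duplicated IPv4 targets (as ints) minus exclusions."""
    targets = set()
    for first, last in ranges:
        lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        if lo > hi:
            raise ValueError(f"range {first}-{last} is reversed")
        if hi - lo + 1 > MAX_EXPAND:
            raise ValueError(f"range {first}-{last} is implausibly large")
        targets.update(range(lo, hi + 1))  # overlapping ranges collapse in the set
    for item in excluded:  # single IPs or CIDR blocks
        net = ipaddress.IPv4Network(item, strict=False)
        targets.difference_update(
            range(int(net.network_address), int(net.broadcast_address) + 1))
    return sorted(targets)


def to_ranges(addresses):
    """Collapse sorted integer addresses back into (first, last) ranges."""
    out = []
    for addr in addresses:
        if out and addr == out[-1][1] + 1:
            out[-1][1] = addr
        else:
            out.append([addr, addr])
    return [(str(ipaddress.IPv4Address(a)), str(ipaddress.IPv4Address(b)))
            for a, b in out]


def plan_bulk_requests(ranges, excluded=(), limit=MAX_BULK_DEVICES):
    """Split the scope into batches of at most `limit` addresses each."""
    targets = expand_ranges(ranges, excluded)
    return [to_ranges(targets[i:i + limit]) for i in range(0, len(targets), limit)]


# Constructed sample scope in RFC 1918 space; the two ranges overlap on purpose.
SAMPLE_RANGES = [("10.20.0.1", "10.20.15.254"), ("10.20.15.200", "10.20.16.10")]
SAMPLE_EXCLUDED = ["10.20.8.0/24", "10.20.0.1"]

if __name__ == "__main__":
    for n, batch in enumerate(plan_bulk_requests(SAMPLE_RANGES, SAMPLE_EXCLUDED), 1):
        print(n, batch)
```

Each returned batch is a list of ranges that can be entered as the Range scope of one bulk request.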
Discover devices in your Cloud
Resolve Insights supports discoveries in Azure and AWS cloud providers.
Azure cloud discovery
The Azure cloud discovery uses the Azure API to discover VMs and load balancers in single or multiple regions/locations.
Ensure that the correct organization and site are selected from the secondary header. The discovery process will be executed under the selected organization and site, and the results will be stored under the respective inventory.
Navigate to Discovery > Device Discovery
Click + Add Discovery and select Single
Choose Cloud from the discovery type dropdown list
Enter the discovery Name
Open the Azure option and select one or multiple Service Account/s (if any) from the drop-down list. See Service Accounts for details.
Note: The Azure subscription used for the discovery needs to have read access to the Microsoft Graph API for that user so that it can call Microsoft.Compute/virtualMachines and Microsoft.Network/loadBalancers APIs.
(Optional) Select Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
Click Create
Navigate to the Inventory table and apply a filter on Reachable List = AZURE_API to find all devices discovered by the Azure discovery request. The discovered devices are:
- Virtual Machines - Linux & Windows OS
 - Load Balancers
 
No links are shown after an Azure API discovery in the Topology menu. Devices are shown under the Un-Linked Devices icon.
AWS cloud discovery
The AWS cloud discovery uses the AWS API to discover VMs, storage, gateways, and load balancers in single or multiple regions/locations.
The discovery of AWS devices takes two steps: first, run an AWS cloud discovery to find the devices and add them to the inventory table, and then run an SSH/Windows discovery for the compute devices to collect details and services.
AWS cloud discovery:
- Ensure that the correct organization and site are selected from the secondary header. The discovery process will be executed under the selected organization and site, and the results will be stored under the respective inventory.
 - Navigate to Discovery > Device Discovery
 - Click + Add Discovery and select Single
 - Choose Cloud from the discovery type dropdown list
 - Enter the discovery Name
 - Open the AWS option and select one or multiple Service Account/s (if any) from the drop-down list. See Service Accounts for details.
 
The IAM credentials used for the discovery need to have these minimum IAM Policies to read the configured AWS Services in the selected region/s.
- AmazonAPIGatewayInvokeFullAccess
 - AmazonEC2ReadOnlyAccess
 - AmazonVPCReadOnlyAccess
 - AmazonS3ReadOnlyAccess
 
- (Optional) Select Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
 - Click Create
 
Navigate to the Inventory table and apply a filter on Reachable List = AWS_CLOUDWATCH to find all devices discovered by the AWS discovery request. The discovered devices are:
- EC2 instances - Linux & Windows OS
 - S3 storages
 - Subnet Gateways - Gateway for each subnet identified by the associated IPv4 address
 - VPCs - Not as a separate device, but details are shown in the attached VMs
 - ELB Classic - Classic Load balancers, which fall into the ELB & ELBv2 category - ELB, Application ELB, Network ELB
 
SSH/Windows discovery:
Insights uses SSH to perform in-guest discovery of Linux-based EC2 instances and pyWMI to perform in-guest discovery of Windows-based EC2 instances.
- Ensure that the correct organization and site are selected from the secondary header. The discovery process will be executed under the selected organization and site, and the results will be stored under the respective inventory.
 - Navigate to Discovery > Device Discovery
 - Click + Add Discovery and select Single
 - Choose Local from the discovery type dropdown list
 - Enter the discovery Name
 - Choose the data collection protocols - SSH or Windows - depending on the VM to discover.
- Select one or multiple service accounts from the drop-down list. The service account should have an SSH key (or password) taken from the EC2 instance details.
 
 - Click the Open button under the IP Settings
- Select FQDN/IP and enter the public IP of the VMs.
 
 - Select the Ignore Ping Reachability option
 - Click Create
 
The device is updated in the Inventory with more information, such as the hostname and model; SSH/pyWMI is added to the reachability list, the service details are updated, and so on.
In AWS, the EC2 key pair is used for OS connection by default. Insights uses a key pair file (.pem) associated with the EC2 instance to establish a connection between the Data Collector and the EC2 instance. Insights allows users to create a service account that holds the key pair file (.pem) content and to use that service account to perform in-guest discovery.
Insights Data Collector (DC) requires access via HTTP to an AWS region-specific endpoint to connect with the AWS Cloud for discovery and data collection. Most Amazon Web Services offer a Regional endpoint used to make API requests. It can be any endpoint URL ending with *amazonaws.com.
- VMs: https://ec2.<REGION>.amazonaws.com
 - S3 Buckets: https://s3.<REGION>.amazonaws.com
 - ELBs: https://elasticloadbalancing.<REGION>.amazonaws.com
 - Cloudwatch: https://monitoring.<REGION>.amazonaws.com
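An egress rule written as the wildcard *amazonaws.com admits far more than the four endpoints listed above, and a plain suffix match on it also matches look-alike names. The following added example (not Resolve Insights code) builds the exact endpoint names for the regions you discover and classifies hostnames from an egress log against them; the region-name pattern, the function names and the sample hostnames are constructed assumptions.

```python
import re

# Service prefixes taken from the four endpoint URLs listed on this page.
SERVICES = ("ec2", "s3", "elasticloadbalancing", "monitoring")
# Assumed shape of a region name, e.g. eu-west-1 or us-gov-west-1.
REGION_RE = re.compile(r"[a-z]{2}(-[a-z]+)+-\d")


def allowed_hosts(regions):
    """Return the exact endpoint FQDNs needed for the given regions."""
    hosts = set()
    for region in regions:
        if not REGION_RE.fullmatch(region):
            raise ValueError(f"not a region name: {region!r}")
        hosts.update(f"{svc}.{region}.amazonaws.com" for svc in SERVICES)
    return hosts


def classify(hostname, allowlist):
    """Classify one egress hostname as 'allowed', 'other-aws' or 'not-aws'."""
    host = hostname.strip().rstrip(".").lower()  # DNS names are case-insensitive
    if host in allowlist:
        return "allowed"
    # Match on ".amazonaws.com" with the leading dot: a bare suffix test on
    # "amazonaws.com" would also accept names such as "notamazonaws.com".
    if host.endswith(".amazonaws.com"):
        return "other-aws"
    return "not-aws"


def review(hostnames, regions):
    """Group hostnames seen from the Data Collector by classification."""
    allowlist = allowed_hosts(regions)
    report = {"allowed": [], "other-aws": [], "not-aws": []}
    for name in hostnames:
        report[classify(name, allowlist)].append(name)
    return report


# Constructed sample: destinations from a hypothetical egress proxy log.
SAMPLE_HOSTS = [
    "ec2.eu-west-1.amazonaws.com",
    "MONITORING.eu-west-1.amazonaws.com.",
    "s3.us-east-1.amazonaws.com",
    "ec2.eu-west-1.amazonaws.com.example.net",
    "ec2-eu-west-1-amazonaws.com",
]

if __name__ == "__main__":
    for verdict, names in review(SAMPLE_HOSTS, ["eu-west-1"]).items():
        print(verdict, names)
```

Entries reported as other-aws are real AWS names outside the configured regions or services and are worth reviewing before the allowlist is widened.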
No links are shown after an AWS API discovery in the Topology menu. Devices are shown under the Un-Linked Devices icon.
Operations with discoveries
Once the device discovery is created, you can perform several operations.
Find discovery - On the Device Discovery page, you will see a list of all completed network device discoveries. You can see the discoveries that are currently running by switching from the COMPLETE to the IN_PROGRESS toggle. By default, you will see only the list of NETWORK_DISCOVERY jobs that are scheduled to be executed in your data center. You can select AWS_DISCOVERY or AZURE_DISCOVERY from the discovery type drop-down list.
Note: The scheduled discovery requests are automatically moved to the IN_PROGRESS tab when the schedule starts, and to the COMPLETE tab when they complete.
View discovery details - On the Device Discovery page, you can see basic information about each discovery job - the job ID, name, status, last executed time, recurring interval, job progress, etc.
- Click the discovery Name to see details about the discovery properties, such as the credentials used for this discovery, and the IP pool for which this discovery was created.
 - Click the Preview Devices (info) icon under the Actions column for a discovery to see the scanned devices, basic information about them, the connector status that was attempted, and the last time the device was discovered by this particular discovery request.
 
Search discovery by device IP - By clicking on the Search IP button, you can search for a discovery that should have scanned a particular IP. Enter a valid IPv4 address in the search field, and you will get a list of discovery jobs that have been created for this particular IP, and basic information for each of them. Click the Preview Devices (info) icon next to each job to see the details for the entire discovery job.
Re-run a discovery - If a discovery is already completed, you can re-run it with the same parameters by clicking the Rediscover button under the Actions column for the respective discovery. You can choose to change some of the additional discovery options. The credentials previously entered are already available in the Resolve Insights database, and the system is updated with the changes.
Note: If you choose to re-run a scheduled discovery, it will create a discovery with the same options but will be executed only once. You can't create a new schedule by choosing rediscovery.
Start/stop a discovery - If you want to temporarily stop the execution of any scheduled discovery without the need to delete and create it again, you can do that by using the Start/Pause buttons under the Action column next to the discovery. When started, the discovery starts from the last point it was stopped.
Delete a discovery - You can easily delete any discovery, regardless of its type and status, by clicking the Delete (trashbin) icon from the Action column next to the discovery.
Exclude devices from discovery - You can exclude unwanted assets from being discovered by adding them to the exclude IP list.