Skip to main content
Version: 11.0

Run a Device Discovery

One of Resolve Insights’ key features is the ability to discover various types of devices in your environment.

You can use device discovery to identify devices that exist in your infrastructure and collect detailed information about the devices and their parent-child connections. Depending on what you want from a discovery scan and what devices you are working with, you can choose from various discovery types. Once discovered, the devices are added to the inventory table.

Discover devices in your data center

If you have a multi-site infrastructure, containing data centers in different locations, you can choose to discover devices in only one of the locations or to create a discovery that will collect information from all sites simultaneously.

In both cases, the discovery is performed by using various connection types:

  • SNMP: It is used to discover network devices and provides basic inventory details. Discovery will attempt SNMP queries only if the SNMP is enabled on the target host.

    caution

    Discovery of compute devices over SNMP is not recommended in most environments as it can create device duplicates in the topology. Use it at your own risk.

    Normally, the discovery of compute devices happens over protocols such as SSH or Telnet. If, however, these protocols are disabled in your network, you might want to enable discovery over SNMP.

    Take these steps on each DC node in your cluster to enable SNMP discovery of compute devices:

    1. Log in to the node as root.
    2. Open /opt/meridian/dc/var/fsdc/conf/netra.conf for editing. Replace /opt/meridian with your actual installation path.
    3. Set snmp_compute_blocked to False.
    4. Restart the meridian service:
      service meridian-dc stop
      service meridian-dc start

  • SSH: It is used to discover network devices and UNIX servers.

  • Telnet: It is another mechanism to connect to the devices and collect device configuration information.

  • Windows: It is used mainly to discover Windows servers and Hyper-V and to collect details and device configuration information.

  • API: It is used to connect to 3rd party APIs and collect device data through them. See ::title for details about the supported APIs.

  • Custom Configuration: It is used to discover devices from types that are not in the supported devices list. See ::title for details about how to define your own type of device.

Discover devices in a single site

  1. Navigate to Discovery > Device Discovery > Local Devices

  2. Choose the Org and Site from the drop-down. The discovery process will be executed under the selected organization and site and the results will be stored under the respective inventory.

  3. Choose the data collection type - SNMP, SSH, Telnet, Windows, API, and Custom Configuration. You can choose one or multiple connectors in a single request.

  4. Under each tab, and do one of the following:

    • Select one or multiple Service Account/s (if any) from the drop-down list. See ::title for details about service accounts.
    • Manually enter credentials with which to authenticate on the device. Depending on the selected connection type, you might need to provide additional details such as URL, ports, etc.
    • For the API connection type, you need to specify the API type by selecting it from the drop-down list.
    • For the Custom Configuration, you need to specify the custom device configuration, created in the ::title.

  5. Choose the discovery scope:

    • IP Range - Use this option to discover one or more IPv4 ranges.
    • Subnet - Use this option to discover one or more IPv4 subnets.
    • FQDN/IP List - Use this option to discover a specific device or set of devices by providing a comma-separated list of FQDNs, IPv4, or IPv6 addresses. If you specify both the IPv4 and IPv6 address of a single device, it is still discovered as a single device.
      • Upload - Use this option to discover a list of more than 100 devices.
    note

    For Cisco Meraki API type, you don't need to specify the discovery scope. The discovery will collect all available data based on the provided API key and URL.

  6. (Optional) Choose additional discovery settings:

    • Ignore Past Credentials - Use this option to override earlier credentials for the already discovered devices.
    • Ignore Discovered Devices - Use this option to discover only new devices and not to scan for already existing ones. You can specify which exact devices to skip.
    • Ignore Ping Reachability - Use this option to continue with the discovery even if the device is not pingable. Usually, the discovery process will check first which devices have a ping, and only for them, will proceed and perform discovery with the chosen connection type. Devices that have ping only are considered as not discovered and are not included in the inventory.
    note

    If you want to exclude devices from discovery, please refer to exclude devices from discovery.

  7. Choose the discovery action:

    • Click Start to immediately run the discovery. It will create a job that will be automatically triggered and executed only once.
    • Click Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
    • Click Update Credentials to update the credentials for the devices you are currently managing in Resolve Insights. This action will not trigger a discovery!

  8. Name your discovery.

Discover devices in multiple sites (bulk discovery)

  1. Navigate to Discovery > Bulk Discovery

  2. In the New section enter the required fields:

    • In Request Name enter the name of the discovery request.
    • Click the One Time button if you want this discovery to be executed only once. Otherwise, you would need to enter values for Recurring Interval and End Date.
    • Choose the Site Name from the drop-down list. It will create one row per site. You can select one or more rows (i.e. sites) to include in the bulk discovery request.
    • Enter the Start Date.
    • Enter the discovery scope by choosing one of the following methods:
      • A list of comma-separated FQDN/IP and/or IPv6 adresses
      • A from-to range by entering From IP and To IP addresses
    • Enter service accounts for each connection type you want to include in the discovery request. The bulk discovery works only with service accounts.
    note

    The maximum number of devices included in a single bulk request is 3000.

  3. Click Submit to create the bulk discovery request.

Discover devices in your cloud

Resolve Insights support discoveries in Azure and AWS cloud providers.

Azure cloud discovery

The Azure cloud discovery uses Azure API to discover VMs and load balancers in single or multiple regions/locations.

  1. Navigate to Discovery > Device Discovery > Cloud > Azure

  2. Choose the Org and Site from the drop-down. The discovery process will be executed under the selected organization and site and the results will be stored under the respective inventory.

  3. Do one of the following

    • Select one or multiple Service Account/s (if any) from the drop-down list. See ::title for details about service accounts.
    • Manually enter credentials with which to authenticate on Azure API - Subscription ID, Client ID, Client Secret, Tenant ID, and Locations
    note

    The Azure subscription used for the discovery needs to have read access to the Microsoft Graph API for that user so that it can call Microsoft.Compute/virtualMachines and Microsoft.Network/loadBalancers APIs.

  4. Choose the discovery action:

    • Click Start to immediately run the discovery. It will create a job that will be automatically triggered and executed only once.
    • Click Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
    • Click Update Credentials to update the credentials for the Azure API. This action will not trigger a discovery!

  5. Name your discovery

A device discovery request will be created on successful submission under the In-progress tab. Upon clicking on it, a popup window with details will appear where you can see the local host successfully discovered with the AZURE_API connector.

Navigate to the Inventory table and apply a filter on Reachable List = AZURE_API to find all devices discovered by the Azure discovery request. The discovered devices are:

  • Virtual Machines - Linux & Windows OS
  • Load Balancers
note

No links are shown after an Azure API discovery in the Topology menu. Devices are shown under the Un-Linked Devices icon.

AWS cloud discovery

The AWS cloud discovery uses AWS API to discover VMs, storages, gateways, and load balancers in single or multiple regions/locations.

The Discovery of AWS devices goes in two steps - first, run an AWS cloud discovery to find the devices and add them to the inventory table, and then run an SSH/Windows discovery for the compute devices to collect details and services.

AWS cloud discovery:

  1. Navigate to Discovery > Device Discovery > Cloud > AWS
  2. Choose the Org and Site from the drop-down. The discovery process will be executed under the selected organization and site and the results will be stored under the respective inventory.
  3. Do one of the following
    • Select one or multiple Service Account/s (if any) from the drop-down list. See ::title for details about service accounts.
    • Manually enter credentials with which to authenticate on AWS API - Account Name, Access Key, Secret Key and Regions
note

The IAM credentials used for the discovery need to have these minimum IAM Policies to read configured AWS Services in selected region/s.

  • AmazonAPIGatewayInvokeFullAccess
  • AmazonEC2ReadOnlyAccess
  • AmazonVPCReadOnlyAccess
  • AmazonS3ReadOnlyAccess
  1. Choose the discovery action:
    • Click Start to immediately run the discovery. It will create a job that will be automatically triggered and executed only once.
    • Click Schedule to create a discovery that will be triggered at a later time and will be executed periodically. You can specify a start time, an end time, and a recurrence interval of the schedule.
    • Click Update Credentials to update the credentials for the AWS API. This action will not trigger a discovery!
  2. Name your discovery

A device discovery request will be created on successful submission under the In-progress tab. Upon clicking on it, a popup window with details will appear where you can see the local host successfully discovered with the AWS_CLOUDWATCH connector.

Navigate to the Inventory table and apply a filter on Reachable List = AWS_CLOUDWATCH to find all devices discovered by the AWS discovery request. The discovered devices are:

  • EC2 instances - Linux & Windows OS
  • S3 storages
  • Subnet Geteways - Gateway for each subnet identified by associated ipv4 address
  • VPCs - Not as a separate device but details are shown in attached VMs
  • ELB Classic - Classic Load balancers, which fall into the ELB & ELBv2 category - ELB, Application ELB, Network ELB

SSH/Windows discovery:

Insights uses SSH to perform in-guest discovery of Linux-based EC2 instances, and pyWMI to perform in-guest discovery of Windows-based EC2 instances.

  1. Navigate to Discovery > Device Discovery > Local Devices
  2. Choose the Org and Site from the drop-down. The discovery process will be executed under the selected organization and site and the results will be stored under the respective inventory.
  3. Choose the connection type - SSH or Windows - depending on the VM to discover.
  4. Enter the username & SSH key (or password) taken from the EC2 instance details.
  5. Enter the public IP of the VM.
  6. Choose Ignore Ping Reachability option.
  7. Click Start to immediately run the discovery

The device will be updated in the Inventory with more information about the hostname, model, SSH/pyWMI will be added to the reachability list, the service details will be updated, etc.

In AWS, the EC2 Key pair is used for OS connection by default. Insights use a key pair file (.pem) associated with the EC2 instance to establish a connection between the Data Collector and the EC2 instance. Insights allow users to create a service account to add key pair file (.pem) content and use the created service account to perform in-guest discovery.

note

Insights Data Collector (DC) requires access via HTTP to AWS region-specific endpoint to connect with AWS Cloud for discovery and data collection. Most Amazon Web Services offer a Regional endpoint used to make API requests. It can be any endpoint URL ending with *amazonaws.com.

  • VMs: https://ec2.<REGION>.amazonaws.com
  • S3 Buckets: https://s3.<REGION>.amazonaws.com
  • ELBs: https://elasticloadbalancing.<REGION>.amazonaws.com
  • Cloudwatch: https://monitoring.<REGION>.amazonaws.com
note

No links are shown after an AWS API discovery in the Topology menu. Devices are shown under the Un-Linked Devices icon.

Operations with discoveries

Once the device discovery is created, you can perform several operations.

Find the discovery

Once you navigate to the Discovery section, you will see under the Device Discovery Requests > In-progress tab a list of running local device discoveries for your default organization and site. You can choose the organization and the site from the drop-down list. You can also switch to the Completed tab to see the history of all completed discoveries.

To find your cloud discoveries, select the Cloud tab from the right and then the respective cloud provider. Then, apply the same filters on site and status.

note

The scheduled discovery requests are automatically moved to the In-progress tab when the schedule starts, and to the Completed tab when they complete.

Under each tab, you will see details about the discovery such as:

  • Discovery request ID used for detailed troubleshooting.
  • Discovery name used for easy navigation.
  • Discovery start/end date applicable for recurring discoveries, indicating when the discovery request was created and optionally an end date.
  • Discovery last started/ last completed date indicating when the discovery was last executed (started and completed). It is useful when you want to know when a scheduled discovery was last executed and how many devices it scanned last time.
  • Discovery recurring interval in human-readable format indicating how often a discovery is scheduled to run.
  • Job status with details of how many devices have been scanned during the last discovery run and what's their status.

Find a discovery by IP

If you want to know which discovery should have scanned a particular IP, you can search for a discovery job by IP.

Enter a valid IPv4 address in the search field next to the organization and site drop-down lists and click the GO button. A new window will be opened with a list of discovery jobs that have been created for this particular IP and basic information for each of them. You can click on each row to deep-dive into the discovery details.

View discovery details

You can see a summary of information about the devices, included in a particular discovery process by clicking on it from the In-progress or Completed tabs.

A new window will be opened with 2 tabs:

  • Octet View - Shows the scanned devices and their statuses in an IP table view.
  • Table View - Shows the scanned devices, basic information about them, the connector status that was attempted, and the last time when the device was discovered by this particular discovery request.

Re-run a discovery

You can re-run a completed discovery by clicking on the Replay button from the Action column next to the discovery. A new window appears where you can choose to change some of the additional discovery options. The credentials previously entered are already available in the Resolve Insights database, and the system is updated with the changes.

If you choose to re-run a scheduled discovery, it will create a discovery with the same options but will be executed only once. You can't create a new schedule by choosing rediscovery.

Start/stop a discovery

If you want to temporarily stop the execution of any scheduled discovery without the need to delete and create it again, you can do that by using the Start/Pause buttons under the Action column next to the discovery. When started, the discovery starts from the last point it was stopped.

Delete a discovery

You can easily delete any discovery regardless of its type and status by clicking the Delete button from the Action column next to the discovery.

Exclude devices from discovery

By default, Resolve Insights tries to discover all devices within your network. You can exclude unwanted assets from being discovered based on various criteria.

By device IP

Using the Exclude IP List option, you can exclude one or more IPv4 or IPv6 addresses from the discovery schedule.

  1. Navigate to Discovery > Device Discovery
  2. Click Exclude IP List button
  3. Choose the Org and Site from the drop-down.
  4. In the ADD tab, choose how to specify the list of IP addresses to exclude - IP List, Range, Subnet. The options are the same as when you're choosing a discovery scope.
  5. Click ADD button
  6. View the current list of excluded devices in the Exclude IP List tab. You can remove individual devices from the list by clicking the trash icon or you can remove multiple devices by selecting them and clicking Delete Record.

By device type

You can disable the discovery of Disks-type devices. Disks are discoverable by default.

To disable the discovery of Disks-type devices, take the following steps on each DC node in your cluster:

  1. Log in to the node as root.
  2. Open /opt/meridian/dc/var/fsdc/conf/netra.conf for editing. Replace /opt/meridian with your actual installation path.
  3. Set disable-disk_discovery to True.
  4. Restart the meridian service:
    service meridian-dc stop
    service meridian-dc start