19ed3d9747
* Update config.yml these are used internally in cisco ucs blade chassis, there is no reason i can think of to collect these. * update config.yml, ignore ii1/1/1 interfaces nexus 9000's have controllers to control whatever they run between their asics. for some reason they get exposed over snmp, but they are only needed in the internal fabric. as such, ignore them. (they are actually called ii*/*/*, no fancy long names for them as for most other interfaces, if you want to find out more you'll need to google "higig2")
491 lines
12 KiB
YAML
491 lines
12 KiB
YAML
# This is the main configuration file for Netdisco web and backend apps
|
||
#
|
||
# DO NOT EDIT THIS FILE
|
||
#
|
||
# Overrides should go to ~/environments/deployment.yml
|
||
# See App::Netdisco::Manual::Configuration for explanations
|
||
|
||
# ----------------
|
||
# GENERAL SETTINGS
|
||
# ----------------
|
||
|
||
log: 'warning'
|
||
logger_format: '[%P] %U %L %m'
|
||
include_paths: []
|
||
template_paths: []
|
||
site_local_files: false
|
||
external_databases: []
|
||
|
||
# ------------
|
||
# WEB FRONTEND
|
||
# ------------
|
||
|
||
domain_suffix: ""
|
||
no_auth: false
|
||
suggest_guest: false
|
||
navbar_autocomplete: true
|
||
trust_remote_user: false
|
||
trust_x_remote_user: false
|
||
#ldap:
|
||
# servers: []
|
||
# user_string: 'MYDOMAIN\%USER%'
|
||
# base: ""
|
||
# proxy_user: ""
|
||
# proxy_pass: ""
|
||
# opts:
|
||
# debug: 3
|
||
# tls_opts: {}
|
||
path: '/'
|
||
web_plugins:
|
||
- Inventory
|
||
- Report::PortVLANMismatch
|
||
- Report::PortAdminDown
|
||
- Report::PortBlocking
|
||
- Report::PortMultiNodes
|
||
- Report::PortSsid
|
||
- Report::PortUtilization
|
||
- Report::ApChannelDist
|
||
- Report::ApClients
|
||
- Report::ApRadioChannelPower
|
||
- Report::HalfDuplex
|
||
- Report::DeviceAddrNoDNS
|
||
- Report::DeviceByLocation
|
||
- Report::InventoryByModelByOS
|
||
- Report::DeviceDnsMismatch
|
||
- Report::DevicePoeStatus
|
||
- Report::DuplexMismatch
|
||
- Report::IpInventory
|
||
- Report::ModuleInventory
|
||
- Report::Netbios
|
||
- Report::NodeMultiIPs
|
||
- Report::NodeVendor
|
||
- Report::NodesDiscovered
|
||
- Report::SsidInventory
|
||
- Report::VlanInventory
|
||
- Report::SubnetUtilization
|
||
- Report::PortLog
|
||
- AdminTask::JobQueue
|
||
- AdminTask::NodeMonitor
|
||
- AdminTask::Topology
|
||
- AdminTask::PollerPerformance
|
||
- AdminTask::PseudoDevice
|
||
- AdminTask::SlowDevices
|
||
- AdminTask::UndiscoveredNeighbors
|
||
- AdminTask::OrphanedDevices
|
||
- AdminTask::DuplicateDevices
|
||
- AdminTask::TimedOutDevices
|
||
- AdminTask::UserLog
|
||
- AdminTask::Users
|
||
- Search::Device
|
||
- Search::Node
|
||
- Search::VLAN
|
||
- Search::Port
|
||
- Device::Details
|
||
- Device::Ports
|
||
- Device::Modules
|
||
- Device::Neighbors
|
||
- Device::Addresses
|
||
extra_web_plugins: []
|
||
sidebar_defaults:
|
||
search_node:
|
||
stamps: { default: checked }
|
||
deviceports: { default: checked }
|
||
show_vendor: { default: null }
|
||
archived: { default: null }
|
||
partial: { default: null }
|
||
age_invert: { default: null }
|
||
daterange: { default: null }
|
||
mac_format: { default: IEEE }
|
||
search_port:
|
||
partial: { default: null }
|
||
uplink: { default: null }
|
||
ethernet: { default: checked }
|
||
search_device:
|
||
matchall: { default: checked }
|
||
device_ports:
|
||
c_admin: { label: 'Port Controls', default: null, idx: 0 }
|
||
c_port: { label: 'Port', default: checked, idx: 1 }
|
||
c_descr: { label: 'Description', default: null, idx: 2 }
|
||
c_comment: { label: 'Last Comment', default: null, idx: 3 }
|
||
c_type: { label: 'Type', default: null, idx: 4 }
|
||
c_duplex: { label: 'Duplex', default: null, idx: 5 }
|
||
c_lastchange: { label: 'Last Change', default: null, idx: 6 }
|
||
c_name: { label: 'Name', default: checked, idx: 7 }
|
||
c_speed: { label: 'Speed', default: null, idx: 8 }
|
||
c_error: { label: 'Error Message', default: null, idx: 9 }
|
||
c_mac: { label: 'Port MAC', default: null, idx: 10 }
|
||
c_mtu: { label: 'MTU', default: null, idx: 11 }
|
||
c_pvid: { label: 'Native VLAN', default: checked, idx: 12 }
|
||
c_vmember: { label: 'VLAN Membership', default: checked, idx: 13 }
|
||
c_power: { label: 'PoE', default: null, idx: 14 }
|
||
c_ssid: { label: 'SSID', default: null, idx: 15 }
|
||
c_nodes: { label: 'Connected Nodes', default: null, idx: 16 }
|
||
c_neighbors: { label: 'Connected Devices', default: checked, idx: 17 }
|
||
c_stp: { label: 'Spanning Tree', default: null, idx: 18 }
|
||
c_up: { label: 'Status', default: null, idx: 19 }
|
||
mac_format: { default: IEEE }
|
||
n_inventory: { label: 'Inventory Data', default: checked, idx: 0 }
|
||
n_detailed_inventory: { label: 'Detailed Inventory', default: null, idx: 1 }
|
||
n_age: { label: 'Age Stamp', default: null, idx: 2 }
|
||
n_ip4: { label: 'IPv4 Addresses', default: checked, idx: 3 }
|
||
n_ip6: { label: 'IPv6 Addresses', default: checked, idx: 4 }
|
||
n_netbios: { label: 'NetBIOS Name', default: checked, idx: 5 }
|
||
n_ssid: { label: 'SSID', default: checked, idx: 6 }
|
||
n_vendor: { label: 'Vendor', default: null, idx: 7 }
|
||
n_archived: { label: 'Archived Data', default: null, idx: 8 }
|
||
age_num: { default: 3 }
|
||
age_unit: { default: months }
|
||
device_netmap:
|
||
showips: { default: null }
|
||
showspeed: { default: null }
|
||
mapshow: { default: neighbors }
|
||
colorby: { default: speed }
|
||
dynamicsize: { default: checked }
|
||
report_moduleinventory:
|
||
fruonly: { default: checked }
|
||
matchall: { default: checked }
|
||
report_portutilization:
|
||
age_num: { default: 3 }
|
||
age_unit: { default: months }
|
||
device_port_col_idx_left: 0
|
||
device_port_col_idx_mid: 2
|
||
device_port_col_idx_right: -1
|
||
jobqueue_refresh: 10
|
||
safe_password_store: true
|
||
reports: []
|
||
system_reports:
|
||
- tag: portserrordisabled
|
||
label: 'Error Disabled Ports'
|
||
category: Port
|
||
columns:
|
||
- { ip: Device }
|
||
- { dns: DNS }
|
||
- { port: Port }
|
||
- { name: Description }
|
||
- { reason: Reason }
|
||
query: |
|
||
SELECT dp.ip, d.dns, dp.port, dp.name, properties.error_disable_cause AS reason
|
||
FROM device_port dp
|
||
INNER JOIN device_port_properties properties USING (ip, port)
|
||
LEFT JOIN device d USING (ip)
|
||
WHERE properties.error_disable_cause IS NOT NULL
|
||
ORDER BY dp.ip, dp.port
|
||
table_pagesize: 10
|
||
table_showrecordsmenu:
|
||
- [10, 25, 50, 100, '-1']
|
||
- [10, 25, 50, 100, 'All']
|
||
vlanctl: true
|
||
portctl_nameonly: false
|
||
portctl_nophones: false
|
||
portctl_vlans: false
|
||
portctl_uplinks: false
|
||
port_control_reasons:
|
||
address: 'Address Allocation Abuse'
|
||
copyright: 'Copyright Violation'
|
||
dos: 'Denial of Service'
|
||
bandwidth: 'Excessive Bandwidth'
|
||
polling: 'Excessive Polling of DNS/DHCP/SNMP'
|
||
noserv: 'Not In Service'
|
||
exploit: 'Remote Exploit Possible'
|
||
compromised: 'System Compromised'
|
||
other: 'Other'
|
||
resolved: 'Issue Resolved'
|
||
check_userlog: true
|
||
devport_vlan_limit: 150
|
||
login_logo: ""
|
||
defanged_admin: 'admin'
|
||
|
||
# -------------
|
||
# NETDISCO CORE
|
||
# -------------
|
||
|
||
# mibhome is discovered from environment
|
||
# mibdirs defaults to contents of mibhome
|
||
host_groups:
|
||
__ANY__:
|
||
- 'any'
|
||
__LOCAL_ADDRESSES__:
|
||
- '::1'
|
||
- 'fe80::/10'
|
||
- '127.0.0.0/8'
|
||
host_group_displaynames: {}
|
||
device_identity: []
|
||
community: []
|
||
community_rw: []
|
||
device_auth: []
|
||
get_community: ""
|
||
bulkwalk_off: false
|
||
bulkwalk_no: []
|
||
bulkwalk_repeaters: 20
|
||
nonincreasing: false
|
||
snmpver: 3
|
||
snmptimeout: 3000000
|
||
snmpretries: 2
|
||
snmp_remoteport: {}
|
||
devices_no: []
|
||
devices_only: []
|
||
discover_no: []
|
||
discover_only: []
|
||
discover_no_type:
|
||
- '(?i)phone'
|
||
- '(?i)(?:wap|wireless)'
|
||
discover_min_age: 0
|
||
macsuck_no: []
|
||
macsuck_only: []
|
||
macsuck_all_vlans: false
|
||
macsuck_no_unnamed: false
|
||
macsuck_no_vlan:
|
||
- 'fddi-default'
|
||
- 'token-ring-default'
|
||
- 'fddinet-default'
|
||
- 'trnet-default'
|
||
- 'fcoe-vsan-4048'
|
||
- 'SAM-vlan-boot'
|
||
- 'SAM-vlan-appliance-management'
|
||
- 'SAM-vlan-management'
|
||
macsuck_no_devicevlan: []
|
||
macsuck_unsupported: []
|
||
macsuck_unsupported_type: []
|
||
macsuck_bleed: false
|
||
macsuck_min_age: 0
|
||
snmpforce_v1: []
|
||
snmpforce_v2: []
|
||
snmpforce_v3: []
|
||
arpnip_no: []
|
||
arpnip_only: []
|
||
arpnip_min_age: 0
|
||
nbtstat_no: []
|
||
nbtstat_only: []
|
||
nbtstat_max_age: 7
|
||
nbtstat_interval: 0.02
|
||
nbtstat_response_timeout: 1
|
||
node_freshness: 0
|
||
expire_devices: 60
|
||
expire_nodes: 90
|
||
expire_nodes_archive: 60
|
||
expire_jobs: 14
|
||
expire_nodeip_freshness: null
|
||
store_wireless_clients: true
|
||
store_modules: true
|
||
ignore_interfaces:
|
||
- 'EOBC'
|
||
- 'unrouted VLAN(?: \d+)?'
|
||
- 'StackPort'
|
||
- 'Control Plane Interface'
|
||
- 'SPAN (S|R)P Interface'
|
||
- 'StackSub-.*'
|
||
- 'StackPort\d+'
|
||
- 'netflow'
|
||
- 'Vlan\d+-mpls layer'
|
||
- 'BRI\S+-Bearer Channel'
|
||
- 'BRI\S+-Physical'
|
||
- 'BRI\S+-Signalling'
|
||
- 'Embedded-Service-Engine\d+\/\d+'
|
||
- 'Virtual-Template\d+'
|
||
- 'Virtual-Access\d+'
|
||
- '(E|T)\d \d\/\d\/\d'
|
||
- 'InLoopback0'
|
||
- 'NULL\d'
|
||
- 'Register-Tunnel\d'
|
||
- 'Blade-Aggregation\d'
|
||
- 'M-GigabitEthernet\d/\d/\d'
|
||
- 'Ethernet(?:-| )QOS Packet Schedu?ler'
|
||
- 'Ethernet(?:-| )WFP (?:802\.3|Native) MAC Layer Lightweight Filter'
|
||
- 'ii\d\/\d\/\d+'
|
||
ignore_private_nets: false
|
||
reverse_sysname: false
|
||
phone_capabilities:
|
||
- '(?i:phone)'
|
||
phone_platforms:
|
||
- '(?i:mitel.5\d{3})'
|
||
wap_capabilities:
|
||
- 'wlanAccessPoint'
|
||
wap_platforms:
|
||
- '(?i:\bw?ap\b)'
|
||
- 'cisco\s+AIR-[L|C]?AP'
|
||
- '-K9W8-'
|
||
|
||
# --------------
|
||
# BACKEND DAEMON
|
||
# --------------
|
||
|
||
workers:
|
||
tasks: 'AUTO * 2'
|
||
timeout: 600
|
||
sleep_time: 1
|
||
min_runtime: 0
|
||
max_deferrals: 10
|
||
retry_after: '7 days'
|
||
queue: PostgreSQL
|
||
|
||
# 50 minutes
|
||
jobs_stale_after: 3000
|
||
|
||
dns:
|
||
max_outstanding: 50
|
||
hosts_file: '/etc/hosts'
|
||
no: ['group:__LOCAL_ADDRESSES__','169.254.0.0/16']
|
||
|
||
schedule:
|
||
discoverall:
|
||
when: '5 7 * * *'
|
||
macwalk:
|
||
when:
|
||
min: 20
|
||
arpwalk:
|
||
when:
|
||
min: 50
|
||
nbtwalk:
|
||
when: '0 8,13,21 * * *'
|
||
expire:
|
||
when: '30 23 * * *'
|
||
|
||
job_prio:
|
||
high:
|
||
- location
|
||
- contact
|
||
- portcontrol
|
||
- portname
|
||
- vlan
|
||
- power
|
||
normal:
|
||
- discoverall
|
||
- discover
|
||
- arpwalk
|
||
- arpnip
|
||
- macwalk
|
||
- macsuck
|
||
- nbtwalk
|
||
- nbtstat
|
||
- expire
|
||
- stats
|
||
|
||
worker_plugins:
|
||
- 'Arpnip'
|
||
- 'Arpnip::Nodes'
|
||
- 'Arpnip::Subnets'
|
||
- 'Arpwalk'
|
||
- 'Contact'
|
||
- 'Delete'
|
||
- 'Discover'
|
||
- 'Discover::CanonicalIP'
|
||
- 'Discover::Entities'
|
||
- 'Discover::Neighbors'
|
||
- 'Discover::Neighbors::Routed'
|
||
- 'Discover::PortPower'
|
||
- 'Discover::PortProperties'
|
||
- 'Discover::Properties'
|
||
- 'Discover::VLANs'
|
||
- 'Discover::Wireless'
|
||
- 'Discover::WithNodes'
|
||
- 'DiscoverAll'
|
||
- 'DumpConfig'
|
||
- 'Expire'
|
||
- 'ExpireNodes'
|
||
- 'Graph'
|
||
- 'Location'
|
||
- 'Macsuck'
|
||
- 'Macsuck::Nodes'
|
||
- 'Macsuck::WirelessNodes'
|
||
- 'Macwalk'
|
||
- 'MakeRancidConf'
|
||
- 'NodeMonitor'
|
||
- 'Nbtstat'
|
||
- 'Nbtstat::Core'
|
||
- 'Nbtwalk'
|
||
- 'PortControl'
|
||
- 'PortName'
|
||
- 'Power'
|
||
- 'Psql'
|
||
- 'Renumber'
|
||
- 'Show'
|
||
- 'Stats'
|
||
- 'Vlan'
|
||
- 'Vlan::Core'
|
||
|
||
extra_worker_plugins: []
|
||
# - Discover::ConfigBackup::CLI
|
||
|
||
driver_priority:
|
||
restconf: 500
|
||
netconf: 400
|
||
eapi: 300
|
||
cli: 200
|
||
snmp: 100
|
||
|
||
# ---------------
|
||
# GraphViz Export
|
||
# ---------------
|
||
|
||
graph:
|
||
# ---- Graph Settings ----
|
||
edge_color : wheat
|
||
|
||
graph : 'graph/netmap.gif'
|
||
graph_png : 'graph/netmap.png'
|
||
graph_bg : black
|
||
graph_clusters : false # try fdp layout
|
||
graph_color : white
|
||
graph_default : png
|
||
#graph_dir : net_dir.gif
|
||
graph_epsilon : 6
|
||
graph_layout : twopi # try neato or fdp too
|
||
graph_map : 'graph/netmap.map'
|
||
graph_overlap : scale
|
||
graph_nodesep : 2
|
||
graph_ranksep : .3
|
||
graph_raw : 'graph/graph_raw.dot'
|
||
graph_splines : false
|
||
graph_svg : 'graph/netmap.svg'
|
||
graph_timeout : 90
|
||
graph_x : 30
|
||
graph_y : 30
|
||
|
||
node_fillcolor : dimgrey
|
||
node_font : lucon
|
||
node_fontsize : 46.0
|
||
node_fontcolor : white
|
||
node_problem : red
|
||
node_shape : box
|
||
node_style : filled
|
||
#edge_style : setlinewidth(10)
|
||
|
||
# ---- Node Maps ----
|
||
# variable:matching pattern:node attribute:attribute value:key:key name
|
||
#node_map:
|
||
# - 'label:cat(?!-g):fillcolor:blue:cat:Blue Box - Catalyst Device'
|
||
# - 'label:-g:fillcolor:darkgreen:dev-g:Green Box - Gateway / Router'
|
||
# - 'ip:^192.168\.:color:yellow:dev:Yellow Border - ResNet'
|
||
|
||
# ---------------
|
||
# DANCER INTERNAL
|
||
# ---------------
|
||
|
||
charset: 'UTF-8'
|
||
warnings: false
|
||
show_errors: false
|
||
logger: 'console'
|
||
engines:
|
||
netdisco_template_toolkit:
|
||
encoding: 'utf8'
|
||
start_tag: '[%'
|
||
end_tag: '%]'
|
||
PRE_CHOMP: 1
|
||
INCLUDE_PATH: []
|
||
layout: 'main'
|
||
plugins:
|
||
Auth::Extensible:
|
||
no_api_change_warning: true
|
||
no_default_pages: true
|
||
no_login_handler: true
|
||
realms:
|
||
users:
|
||
provider: 'App::Netdisco::Web::Auth::Provider::DBIC'
|
||
schema_name: 'netdisco'
|
||
session: 'cookie'
|
||
session_cookie_key: 'this_will_be_overridden_on_webapp_startup'
|
||
template: 'netdisco_template_toolkit'
|
||
route_cache: true
|
||
appname: 'Netdisco'
|
||
behind_proxy: false
|