I sat down recently to set up a lab environment again after years without one, and previously blogged about how incredibly easy the basic setup of discovery (MID Server Host, MID Server, Discovery schedule) was.
I described that basic setup, which took approximately 30 minutes, here.
The purpose of doing all this, really, is as of a means to an end really. It's foundational stuff that needs to be in place to enable me to get access to and more deeply understand how more sophisticated capabilities work. If they are underpinned by discovery, and the CMDB though - I need to get that all in place first.
A key difference between the results I see, and those that you would see doing this in real enterprise environment is that my network is totally flat. Effectively 1 network, 1 subnet, no firewalls - until you get to my broadband router.
That means I don't have any network level restrictions on what can be accessed. Should there be appropriate credentials, I should get some useful intel.
What did my discover actually find though? The answer was 45 devices; and only one classified. My HP ENVY colour printer.
I decided that since it took so little time to get this far, I'd see if I could improve on that a bit. To do that, I'm going to provide a couple of credentials for my lab servers themselves; they are running Linux.
I would love to get credential-less working too, but all the docs I could find refer to windows only. It might be possible to get credential-less working through a linux mid server, but after a little bit of reading and experimentation, it seems it is not at all easy. One for another day then.
I added credentials for my none root user 'rich', and made sure that user had sudo/nopasswd access to run dmidecode/lsof, as per the docs. Then reran the schedule.
With credentials in place, we now have classification of and CIs created for my two linux servers. I can see all the info I'd expect to get back with a discovery:-
It includes all the related records for the network, storage, software installs, running processes, Ips, etc.
The next step I want to take is to get information from my two Windows PCs. For that, I'm going to experiment with something different though: DEX. More on that another day.
