Credential-less discovery not creating CI
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2025 10:02 AM
I have a subnet of IP Phones that I need to discover. I have credential-less discovery enabled and I can see (in the discovery status) that "Pattern Launcher: Credentialless Discovery Network Device" is launched.
In the discovery log, I see:
2025-02-27 10:39:15: setAttribute(hostIP,<ip address redacted>)
2025-02-27 10:39:15: setAttribute(ports,21,22,23,25,53,80,110,111,135,137,139,161,162,199,389,427,443,445,515,548,631,636,902,993,1414,1443,1521,2049,3306,5060,5432,5480,5666,5985,5986,5989,7001,7500,8080,9080,9100,9440,9443,9443,10000,50000)
2025-02-27 10:39:15: setAttribute(command,HostDiscovery)
2025-02-27 10:39:15: Running local command: "C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\nmap.exe" -Pn -PS -PA -O -p 21,22,23,25,53,80,110,111,135,137,139,161,162,199,389,427,443,445,515,548,631,636,902,993,1414,1443,1521,2049,3306,5060,5432,5480,5666,5985,5986,5989,7001,7500,8080,9080,9100,9440,9443,10000,50000 --datadir "C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\safeScripts" -oX - 2>"C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\commandResults\9d87a120990022102ff3f338cff9f16d-1081377968497800.xml" -T4 -v -Pn -r --reason --system-dns <ip address redacted>
2025-02-27 10:39:15: Command response:
2025-02-27 10:39:15: Running local command: "C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\nmap.exe" -sT -Pn -p 21,22,23,25,53,80,110,111,135,137,139,161,162,199,389,427,443,445,515,548,631,636,902,993,1414,1443,1521,2049,3306,5060,5432,5480,5666,5985,5986,5989,7001,7500,8080,9080,9100,9440,9443,10000,50000 --datadir "C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\safeScripts" -T4 -v -Pn -r --reason --system-dns -oX - 2>"C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\commandResults\9d87a120990022102ff3f338cff9f16d-1081377968497800.xml" <ip address redacted>
2025-02-27 10:40:35: Command response: <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///C:/MidServer/ServiceNow MID Server <mid server name>/agent/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap OEM 7.94 scan initiated Thu Feb 27 10:39:15 2025 as: "C:\\MidServer\\ServiceNow MID Server <mid server name>\\agent\\nmap\\nmap.exe" -sT -Pn -p 21,22,23,25,53,80,110,111,135,137,139,161,162,199,389,427,443,445,515,548,631,636,902,993,1414,1443,1521,2049,3306,5060,5432,5480,5666,5985,5986,5989,7001,7500,8080,9080,9100,9440,9443,10000,50000 --datadir "C:\\MidServer\\ServiceNow MID Server <mid server name>\\agent\\nmap\\safeScripts" -T4 -v -Pn -r --reason --system-dns -oX - <ip address redacted> -->
<nmaprun scanner="nmap" args=""C:\\MidServer\\ServiceNow MID Server <mid server name>\\agent\\nmap\\nmap.exe" -sT -Pn -p 21,22,23,25,53,80,110,111,135,137,139,161,162,199,389,427,443,445,515,548,631,636,902,993,1414,1443,1521,2049,3306,5060,5432,5480,566
2025-02-27 10:40:35: Exception occurred while executing operation Credentialless Discovery Command Using Nmap. Custom operation Failed to run script due to the following error: JAVASCRIPT_CODE_FAILURE: com.snc.sw.exception.CommandFailureException: Internal error. Error unable to delete Nmap command error result file: C:\MidServer\ServiceNow MID Server <mid server name>\agent\nmap\commandResults\9d87a120990022102ff3f338cff9f16d-1081377968497800.xml
2025-02-27 10:40:35: Execution time: 80620 ms
I verified the MID server record shows nmap version 7.94 is installed and in the ecc queue, I see:
{
"result": {
"ip": "<ip address redacted>",
"active": true,
"alive": true,
"hostName": null,
"domainName": null,
"scanners": [
{
"result": "open",
"service": "snmp",
"protocol": "udp",
"name": "SNMP",
"port": "161",
"portProbe": "snmp",
"contents": {
"snmp_version": "3"
},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "timed_out",
"service": "winrm_ssl",
"protocol": "tcp",
"name": "HTTPS",
"port": "5986",
"portProbe": "winrm_ssl",
"contents": {},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "open",
"service": "ssh",
"protocol": "tcp",
"name": "SSH",
"port": "22",
"portProbe": "ssh",
"contents": {
"banner_text": "SSH-2.0-X",
"banner_bytes": ".53.53.48.2d.32.2e.30.2d.58.0d.0a."
},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "refused",
"service": "ms-nb-ns",
"protocol": "udp",
"name": "NBT",
"port": "137",
"portProbe": "wins",
"contents": {},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "refused",
"service": "epmap",
"protocol": "tcp",
"name": "GenericTCP",
"port": "135",
"portProbe": "wmi",
"contents": {},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "refused",
"service": "slp",
"protocol": "udp",
"name": "SLP",
"port": "427",
"portProbe": "slp",
"contents": {},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "refused",
"service": "wbem_https",
"protocol": "tcp",
"name": "GenericTCP",
"port": "5989",
"portProbe": "wbem",
"contents": {},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "unresolved",
"service": "dns",
"protocol": "udp",
"name": "DNS",
"port": "53",
"portProbe": "dns",
"contents": {},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "open",
"service": "http",
"protocol": "tcp",
"name": "HTTP",
"port": "80",
"portProbe": "http",
"contents": {
"response_code": "400",
"Server": "nginx",
"http_version": "HTTP/1.1",
"response_text": "Bad Request"
},
"scanners": [],
"hostName": null,
"domainName": null
},
{
"result": "open",
"service": "https",
"protocol": "tcp",
"name": "HTTP",
"port": "443",
"portProbe": "http",
"contents": {
"response_code": "400",
"Server": "nginx",
"http_version": "HTTP/1.1",
"response_text": "Bad Request"
},
"scanners": [],
"hostName": null,
"domainName": null
}
]
},
"ecc_queue": "d577e564eb402650dfe4f984cad0cdc3",
"errMsgs": [],
"status": {
"valid": true,
"sysID": "f767a564eb402650dfe4f984cad0cd49",
"number": "DIS0010708",
"scheduleID": null,
"jobID": null,
"discover": "CIs",
"include": null,
"description": "Discover CI",
"createdOn": "2025-02-27 17:38:51",
"updatedOn": "2025-02-27 17:38:51",
"useSnmpVersion": "undefined",
"source": "Quick_Discovery",
"priority": "1",
"includeAlive": false,
"logStateChanges": true,
"scratchpad": {
"behavior:0": 1,
"unique": "bf67a564eb402650dfe4f984cad0cd92"
}
}
}
Any idea why I am not getting a CI?
0 REPLIES 0