Discovery - Using SNMP only behavior for network device ranges

Ravish Shetty
Tera Guru

‎08-06-2019 10:22 AM

hi all,

I am using SNMP only behaviour for the network device and the good thing is that I see fewer warnings (which reduces the noise) and the same number of devices discovered (compared to non behaviour discovery) for a given range which has network devices only (that's what I assume).

let me know if there is any issue with this or something that I need to be aware of.

 

find_real_file.png

Preview file
62 KB
0 Helpfuls
  • 2,026 Views
6 REPLIES 6

VaranAwesomenow
Mega Sage

‎08-06-2019 10:29 AM

Nice approach, dont see any issue with it, but in order to make use of load balancing capability of the behavior, I would add more than one midserver in the behavior functionality.

 

FYI, it is also possible to have a single behavior with different behavior functionalities to handle windows and non windows devices, if the IP range is not specific to a device type.

https://docs.servicenow.com/bundle/london-it-operations-management/page/product/discovery/reference/...

Checkout Varan awesomenow youtube channel for more learning videos!
0 Helpfuls

Ryan Zulli
ServiceNow Employee
ServiceNow Employee

‎08-06-2019 12:19 PM

Hi Ravish,

  when you say "reduce noise" I believe you are referring to the SSH authentication errors when discovering network gear right?  This is due to two things...1) on most network gear the management port is 22, which triggers our SSH classification, and 2) how we Prioritize our classification ports. 

If you answered yes - read on, if not please let me know what you meant by "reduce noise" ::

If you go to Discovery Definition --> Port Probes and use the Gear to modify your list view to include a field called "Classification Priority"

here you'll notice that 1 = WMI / 2 = SSH / 3 = snmp, in this case our best practice is to switch 2 and 3, that way SNMP will trigger  first, and being UDP (stateless) it will not throw an error.

 

Let me know if this helps.

Thanks,

-Ryan

Ravish Shetty
Tera Guru
In response to Ryan Zulli

‎08-08-2019 10:11 AM

yes, I was referring to the SSH warnings. first, we tried with changing the classification priority but it still didn't work for us.

 

find_real_file.png

Preview file
30 KB
Preview file
25 KB
0 Helpfuls

anusha_narapura
Tera Expert

‎08-06-2019 10:57 PM

Hi Ravish, The phase should be 1 instead of 100 to avoid Unix classify probe and have only SNMP Classify Probe. This is the only thing i see here. 

Regards,

Anusha