Does credential order or affility take presidence?

tomcollins · ‎01-06-2017

I have a situation where I am successfully discovering some switches and even though there is an affinity to an SNMP credential, discovery is still attempting to discover it first using my SSH credentials. I am assuming this is because SSH is turned on in the switches. My question is, why is discovery even trying to use any SSH credentials when the affinity is with a single SNMP credential? Is credential order somehow overriding the affinity?

How do I restrict discovery to using ONLY the SNMP credential and attempting the SSH credential ONLY IF the SNMP one fails?

I checked and there is no other affinity to any other credentials other than the successful SNMP credential.

This is causing a lot of unneeded alerts on the network side for unsuccessful login attempts that I would rather avoid .

Thanks,

TC

Version: Helsinki

tomcollins · ‎01-17-2017

Jeremy, I am not available this afternoon but I would like to setup a time where we can look at this issue. Please reach out to me via email (thc1@ntrs.com) and we can setup a time where we can chat and possibily resolve this. Thanks for your and Doug's comments on this.

bobweaver_kar_ · ‎01-23-2017

Hello,

After reading both threads (this one & Pros and Cons of IP Service Affinity) I'm 90% convinced I would like to change SNMP to fire first and SSH afterwards (I've got a security team hounding me). However, I'm left wondering about Linux servers that we want to classify with SSH that have SNMP enabled with a valid credential. I'm starting to test, but wanted to ask if we would lose the valuable information that the SSH probes provide for linux servers?

doug_schulze · ‎01-23-2017

Bob,

You wont have a worry there, we have no SNMP Classifiers for compute so even if your unix/linux hosts respond to the SNMP Classify probe, there are no classifiers for it to match. With no match, it will then move onto the SSH classifier (as defined in the classification priority) and discover it as expected!