Excluding an IP from discovery

Todd36
Mega Expert

Is there a way to exclude a specific IP from being discovered?

Use case: we have seed lists of IPs that are automatically generated that SN imports into range lists and some IPs may never actually be discovered but the attempts raise red flags on the targets. We like to keep specific IPs from being discovered.

I tried to add an IP to the MID as an exclude, see attached, but that's apparently not what it's for as it when through the discovery attempt anyway.

1 ACCEPTED SOLUTION

DaveHertel
Kilo Sage
Kilo Sage

Hi - Yes, discovery can be set to exclude IPS from jobs.  On the Disco job defintion there is IP range items... and a table for defining exclusion IPs discovery_range_item_exclude    I don't think this table is exposed in left nav by default ( but u can add it of course or make a favorite)

its a little awkward... but the process:

1. create schedule

2. create ip range for that schedule (save it)

3. drill into ip range and definition specific IPs to exclude, either singular or a range

 

EXAMPLE

find_real_file.png

 

then drill into ip range, and ADD a Discovery Range item exclusion record.  like this... where .10 thru .20 is excluded

find_real_file.png

 

which, can be seen in the exclusion table:discovery_range_item_exclude

find_real_file.png

 

DOCS: https://docs.servicenow.com/bundle/geneva-it-operations-management/page/product/discovery/task/t_Exc...

 

Hope this helps?

View solution in original post

7 REPLIES 7

DaveHertel
Kilo Sage
Kilo Sage

Hi - Yes, discovery can be set to exclude IPS from jobs.  On the Disco job defintion there is IP range items... and a table for defining exclusion IPs discovery_range_item_exclude    I don't think this table is exposed in left nav by default ( but u can add it of course or make a favorite)

its a little awkward... but the process:

1. create schedule

2. create ip range for that schedule (save it)

3. drill into ip range and definition specific IPs to exclude, either singular or a range

 

EXAMPLE

find_real_file.png

 

then drill into ip range, and ADD a Discovery Range item exclusion record.  like this... where .10 thru .20 is excluded

find_real_file.png

 

which, can be seen in the exclusion table:discovery_range_item_exclude

find_real_file.png

 

DOCS: https://docs.servicenow.com/bundle/geneva-it-operations-management/page/product/discovery/task/t_Exc...

 

Hope this helps?

Hi Dave - it appears you can't do single IPs?

find_real_file.png

Michael Ritchie
ServiceNow Employee
ServiceNow Employee

Its been years since I did this so may not be applicable anymore but... If you click into the Discovery IP Range record, there is a related list that allows you to define the exceptions.  See this Helsinki article as an example:

https://docs.servicenow.com/bundle/helsinki-it-operations-management/page/product/discovery/task/t_E...

Again I couldn't find recent version of this same article so may no longer apply or be setup in a different area.

John Krueger
Tera Contributor

Thank you for this helpful post!  I've had much success with Dave's approach in New York.  However I have about an  IP Addresses which needs to be excluded where the IP to exclude is NOT within the parent discovery range.  

For example I have 6 schedules with different Discovery Ranges but as each schedule executes they send traffic to a Aruba Clearpass server IPAddress which handles various authentication services, but this Aruba IP is on a totally different network segment.  

Would Dave's same approach work in this case?