Identification section pattern error
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-12-2022 11:28 PM
Hi Friends,
I am trying to discover a network VPN devices, but its giving the below error
Identification Engine: Discovery status is FAILURE, Identification sections in pattern failed: section: discovery, error: Match step predicate is not matched. Failed Condition(s): [(${cmdb_ci_hardware[1].sys_class_name} : value=) IS NOT EMPTY ]
Can you please help me how to trouble shoot this?
Regards,
Srinivas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-12-2022 11:45 PM
It seems like it is trying the Identification rules Hardware. But it should not. It should try to identify a network device.
Firstly check the input log of the first phase like which port is getting detected. whether it is detecting port 161 or some other port.
Ideally which table it should populate ? check that tables classification rules does it match with that device, otherwise you may to tweak that. If it gets classified correctly, it will use the correct Identification rules. Also check whether any Identification rules defined for that table or its parents table.
Firstly check these things, then we can move ahead for the next round of investigation. If possible try to involve someone from the IT team in the investigation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 03:34 AM
Hi Suvro,
Thanks for the reply. Its is on port 443 and i could telnet it from the midserver successfully and in the input it shows 443 port open.
Its failing at the below pattern and gave the above error.
So if i want to find exactly which table its going to update , i can find in credential less pattern only right?
Regards,
Srinivas
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 04:01 AM
So from this I am assuming you do not have proper credentials, hence it is trying for credential less discovery. Can you check with the network team and configure a proper credential for that device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 04:10 AM
well 443 is for https. Port 161 is for snmp (for network devices). This port should be open.