01-30-2014 10:15 AM
I just enabled port scanning in my new NetMRI box. Things look good. Now I want to cause an issue to be raised for devices that have open ports that I don't like. I'm sure it's possible, I just need a hint about what to do next.
01-30-2014 08:36 PM
01-31-2014 06:25 AM
Yes, you would need a custom Perl script for this:
1. Create a custom issue in Config Mgmt > Job Mgmt > Custom Issues
2. Use a Perl script to query the device service ports API (see /api/2.8/device_ports/docs on your NetMRI); you can query that by device group and port number.
3. Raise the issue on all such devices (see /api/2.8/issue_adhocs/docs, particularly the generate_issue method).
The job engine requires that you run against a device, which is not exactly what you are trying to do here. So, you can do one of these workarounds:
1. You can run the script as an external Perl script (not using the job engine). This could be on any Perl environment, as long as you install the Perl modules. Or you could put the script on the sandbox and create a cron job, if you don't have another environment. The caveat here is you will not see the job in your Job History or anywhere in your UI for that matter. If you do this, you would omit the BatchID parameter in the generate_issue call.
2. You can run the script against each device in question. Then, you can use NetMRI_Easy to raise the issue, and in your query of device_ports you would just use the DeviceID of the specific job detail instance (ie, the one in NetMRI_Easy). This would allow you to see the job results per device in the UI. But since you would be running a separate process for each device, it puts more demand on the system.
3. You can run the script against a single (arbitrary) device, but still do the query and issue raising as in #1. This allows you to see the results in the UI, but will just run a single process. But it's a little awkward and not as easily understood by others (why is this job running against this device an not even talking to it?).
01-31-2014 07:42 AM
Good question. We used to only allow running jobs against devices that are licensed. I think you can run them against any device now; but you won't be able to interact with the device unless it is licensed. But you'll have to give it a try to be sure.
01-31-2014 07:43 AM
Hmm. Actually, I am not sure you can raise an issue against unlicensed devices. So, you may have to just email rather than use the issue functionality. Or license all the devices
01-31-2014 08:41 AM
I do know that NetMRI does create issues for unlicneded devices. I find issues for new found non network devices, but I don't know if htat is somehting we can trigger or only the core of hte system can.