topic Re: R80.10: Hosts Discovery and creation in API / CLI Discussion

R80.10: Hosts Discovery and creation

Nicolas_Boisse — Wed, 26 Jul 2017 20:10:28 GMT

Here a new way to save times... Automatic hosts discovery and creation. Know what is going on in your network!

Let's discover some hosts!

How it works: Basically, from the management server (via the cprd_util command), I get the arp table from a gateway. With this info, I create a .csv file.

Subsequently, I import the csv file into the R80 management with the command "mgmt_cli --batch file.csv". If the object already exists, it will not be created. This is supported by "mgmt_cli --batch".

In the definition of the object, I include the following information with relevant comments: IP, Name, MAC address, behind which network interface of the fw, name of the firewall, timestamp.

All the information created here is retrieve via the arp file and automatically create with mgmt_cli:

I also add 2 tags (new feature of R80). This allows quick searches in object list:

For example, if I search for objects behind the eth2 interface:

Searching for all object related to a particular gateway:

EXÉCUTION:

3 options to run the script:

1- Command line in expert mode:

2- With a cronjob at every 5 minutes:

3- Directly from the SmartConsole:

Go to Gateway and server view:

Create a new script and give a name, save and publish the change :

Run the script :

Two arguments are required. Gateway name and IP address of the gateway. Optional third argument: groupe name. If you specify a group name, all the discovered hosts will be added to that group. If you don’t, a group called "Discovered" will be created with all discovered hosts added to it.

Run the script:

Important Note: You must run the script on the management object because of the API calls.

This is a basic example of what we can do via the API and R80. I believe this will be useful when deploying a new gateway and administrator need to discover what is going on…

Hope this helps!

Happy scripting!

Re: R80.10: Hosts Discovery and creation

Moti — Fri, 04 Aug 2017 03:49:13 GMT

Awesome !!

Re: R80.10: Hosts Discovery and creation

Chris_Hoff — Thu, 28 Dec 2017 20:28:51 GMT

Nicolas Boisse I think this is a great script and could be very useful - especially in newer deployments.

Looking at the script I'm not sure if the "validading" portion looks for both the name and the IP and unique instances of one or the other. Would not want to create additional, unnecessary, objects.

A thought, why not pull the IP to host name using something like nslookup in order to provide a better object name. It could still be given a "discovered host" tag and/or be added to the discovered hosts group in order to distinguish between user created vs discovered object. This could help an administrator when viewing logs - rather than seeing "HostDiscovered_IP" they would see a network name that may be more useful to them.

Last thought to bother you with - can you give some other examples where this may be useful. The obvious one is with a new deployment where you quickly want to add hosts for use in the policy. I notice you gave the example of a cronjob running at 5 minute intervals - how would this be useful other than finding new hosts over a period of time?