Summary of opAddress information collection
...
Interface listing for each host
- IP address
- Subnet Mask
- interface details such as type and speed
- Subnet information which is inferred from the above - when/if the subnet is scanned this also generates an IP address for every possible IP in the subnet
- Device name
- Location information
- Gateways - if the device has two or more interfaces and has location information it is added as a gateway for it's subnets.
NOTES
...
for OAE \ NMIS imports (as of release 1.0.5)
- The time and frequency of the import is controlled through cron (/etc/cron.d/opaddress) the default being at 01:11 and 01:21.
- OpenAudit must be Enterprise edition as we make use of the API feature for import
- Gateways are only added if they have a location
- NMIS import is only known to work with localhost not remote hosts (it may operate for opHA enabled servers but not currently tested ver1.0.5
NOTES for opAddress 2.0.0
- Open-AudIT must have a query with the name opAddress in order for opAddress to import Open-AudIT information. This query will be built in to Open-AudIT as at the next release after May 2021. If you do not have this query, but do have opAddress 2.0.0 and want to import Open-AudIT data, please see opAddress 2.0 -> Open-AudIT 4.x Query for importing.
30 minute interval subnet_scan process
Every IP address in every known subnet is pinged
- This is done in batches of 50 addresses to limit impact
- The kick of the batch process is what creates "Addresses" in the address table if they do not already exist.
- At the end of each scan batch the ARP tables of the gateways for that subnet are queried for MAC addresses and these MACs are created as endpoints
If a live IP is found
The address "Operational Status" is changed to "reachable"
The address "Administrative Status" is changed - what it changes to is configurable in opCommon.nmis / 'opaddress_default_address_state'. I recommend changing this to "allocated" from the default undef/"unkonwn"
The address is associated with an endpoint / MAC address found from the ARP entry / endpoint table
At the end of the subnet_scan the DNS lookups are completed for the live IPs to attempt to find a name.
NOTES
:- The subnet will only be scanned if it's "admin status" is "allocated" or "unallocated"
- auto added subnets default to Allocated
- manually added subnets default to unknown or rather the dropdown when adding subnets manually defaults to unknown.
- If you do not want an automatically added subnet to be scanned then change the admin status to something such as delegated or unmanaged.
- An IP address will NOT be pinged if the address has had it's "administrative status" changed to "unmanaged", "delegated" or "reserved"
- The subnet will only be scanned if it's "admin status" is "allocated" or "unallocated"
...