Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: ESX discovery rules

  1. #1
    Member
    Join Date
    Feb 2012
    Location
    Slovenia
    Posts
    65

    ESX discovery rules

    Me again..
    In etc/packs/vmware/esx/discovery.cfg:
    Code:
    ### Look for a VMWare Host
    define discoveryrule {
        discoveryrule_name    ESX
        creation_type      host
        isesxhost		1
        +use           esx
    }
    What means "isesxhost 1"?
    If I run nmap_discovery_runner, this parameter doesn't come up?
    On an ESX host I get (with nmap_discovery_runner) this:

    Code:
    ./nmap_discovery_runner.py -v -t 172.20.1.164
    Got our target ['172.20.1.164']
    propose a tmppath /tmp/tmpLs2Bg8
    Launching command, sudo nmap 172.20.1.164 -sU -sT -T4 -O --traceroute -oX /tmp/tmpLs2Bg8
    Try to communicate
    Got it ('\nStarting Nmap 5.21 ( http://nmap.org ) at 2012-05-09 11:34 CEST\nNmap scan report for 172.20.1.164\nHost is up (0.00028s latency).\nNot shown: 1000 open|filtered ports, 968 filtered ports\nPORT   STATE SERVICE\n22/tcp  open  ssh\n80/tcp  open  http\n427/tcp closed svrloc\n443/tcp open  https\n902/tcp open  iss-realsecure\n903/tcp open  iss-console-mgr\n2065/tcp closed dlsrpn\n2068/tcp closed advocentkvm\n2099/tcp closed unknown\n2100/tcp closed unknown\n2103/tcp closed zephyr-clt\n2105/tcp closed eklogin\n2106/tcp closed ekshell\n2107/tcp closed unknown\n2111/tcp closed kx\n2119/tcp closed unknown\n2121/tcp closed ccproxy-ftp\n2126/tcp closed unknown\n2135/tcp closed unknown\n2144/tcp closed unknown\n2160/tcp closed unknown\n2161/tcp closed apc-agent\n2170/tcp closed unknown\n2179/tcp closed unknown\n2190/tcp closed unknown\n2191/tcp closed unknown\n2196/tcp closed unknown\n2200/tcp closed unknown\n2222/tcp closed unknown\n5989/tcp open  unknown\n8042/tcp open  unknown\n8045/tcp open  unknown\nMAC Address: 00:50:56:4B:D7:A8 (VMware)\nDevice type: general purpose\nRunning: Linux 2.4.X\nOS details: Linux 2.4.21 - 2.4.31 (likely embedded)\nNetwork Distance: 1 hop\n\nOS detection performed. Please report any incorrect results at http://nmap.org/submit/ .\nNmap done: 1 IP address (1 host up) scanned in 26.74 seconds\n', 'Warning: Traceroute does not support idle or connect scan, disabling...\n')
    Number of hosts : 1
    Can be ('Linux', '2.4.X', '100', 'general purpose', 'Linux')
    Will dump ('Linux', '2.4.X', 'general purpose', 'Linux')
    Doing name 172.20.1.164
    {'mac_vendor': 'vmware', 'parent': '', 'ip': '172.20.1.164', 'open_ports': [22, 80, 443, 902, 903, 5989, 8042, 8045], 'os_version': '2.4.x', 'os_vendor': 'linux', 'os_name': 'linux', 'host_name': '', 'os_type': 'general purpose', 'os': ('Linux', '2.4.X', 'general purpose', 'Linux'), 'os_possibilities': [('Linux', '2.4.X', '100', 'general purpose', 'Linux')]}
    Look for my parent 172.20.1.164 -> 
    172.20.1.164::isup=1
    172.20.1.164::os=linux
    172.20.1.164::osversion=2.4.x
    172.20.1.164::ostype=general purpose
    172.20.1.164::osvendor=linux
    172.20.1.164::macvendor=vmware
    172.20.1.164::openports=22,80,443,902,903,5989,8042,8045
    172.20.1.164::ip=172.20.1.164
    The same for VM machine (isesxvm).
    Is this some sort of discovery rule?

  2. #2
    Member
    Join Date
    Feb 2012
    Location
    Slovenia
    Posts
    65

    Re: ESX discovery rules

    I figured it out, for esx it is used vmware_discovery_runner, not nmap..
    Will try it out

  3. #3
    Shinken project leader
    Join Date
    May 2011
    Location
    Bordeaux (France)
    Posts
    2,131

    Re: ESX discovery rules

    Yes, nmap is unable to know if it's a VM or an ESX (both are macvendor=vmware). The only way is the Vsphere listing (it need check_esx3.pl setup ).
    No direct support by personal message. Please open a thread so everyone can see the solution

  4. #4
    Member
    Join Date
    Feb 2012
    Location
    Slovenia
    Posts
    65

    Re: ESX discovery rules

    Yes, I'm getting some results now

    If I run

    But I stumbled upon a configuration problem, that I don't know how to resolve.

    The config that i have:
    server1 - management server for vmware (running server 2003) - to this one we connect with vmware infrastructure client to manage virtual machines
    server2 - esx01
    server3 - esx03

    In macros.cfg for esx we have:
    vcenter (server1)
    vcenterlogin (login for server1)
    vcenterpassword (password for server1 )

    If I run
    Code:
    ./shinken-discovery -r vsphere -m "NMAPTARGETS=server2(esx01)"
    I get this result:
    Code:
    I'm launching vsphere with a 3600 seconds timeout
    vsphere Check 0 status:done command:/usr/local/shinken/libexec/vmware_discovery_runner.py -V management.eta-cerkno.si -u administrator -p hpinvent -r "lower|nofqdn"
    Error on run
    Got Raw disco data
    Am I missing something obvious??

    No, I'm not

    I figured it out, that it's because I put all my plugins in /usr/lib64/nagios/plugins, and this directory is also set as $PLUGINSDIR$ in resources.cfg, discovery_runner.py doesn't find check_esx3.pl.
    So I added -x $PLUGINSDIR$ to vmware discovery command in /etc/commands.cfg
    Code:
    define command{
        command_name    vmware_esx_discovery
        command_line    $USER1$/vmware_discovery_runner.py -V $VCENTER$ -u $VCENTERLOGIN$ -p $VCENTERPASSWORD$ -r "lower|nofqdn" -x $PLUGINSDIR$
    }
    Now all virtual machines and ESX servers are getting discovered.

    I will see what errors will pop up now that i have in those new 22 hosts



  5. #5
    Shinken project leader
    Join Date
    May 2011
    Location
    Bordeaux (France)
    Posts
    2,131

    Re: ESX discovery rules

    Hum yes, good catch for -x
    No direct support by personal message. Please open a thread so everyone can see the solution

  6. #6
    Member
    Join Date
    Feb 2012
    Location
    Slovenia
    Posts
    65

    Re: ESX discovery rules

    Another bug that i found with vmware discovery script:
    All detected hosts are defined with lowercase host_name.
    This could actually be ok, if discovery script would also define VM alias with REAL virtual machine name (Case sensitive!!).

    Alias - because checks for VM are using $HOSTALIAS$ as host parameter.

    Once I correctly defined aliases, checks on VM-s and esx-s are performed.

  7. #7
    Shinken project leader
    Join Date
    May 2011
    Location
    Bordeaux (France)
    Posts
    2,131

    Re: ESX discovery rules

    Hum yes, good one
    No direct support by personal message. Please open a thread so everyone can see the solution

  8. #8

    Re: ESX discovery rules

    hy,

    bug is still active , i have same problem after using Esx discovery.


    for VM :

    Mem CRITICAL29m 7s CHECK_ESX3.PL CRITICAL - VMware machine "generic-host" does not exist


    and for esx server :

    Mem CRITICAL29m 37s CHECK_ESX3.PL CRITICAL - Host "localhost" does not exist


    Could you explain me how to fix Alias bug ?

    thanks

  9. #9

    Re: ESX discovery rules

    i need to fix that for production server. Someone could help me to fix this bug ?


    thanks !

  10. #10

    Re: ESX discovery rules

    no one ? ;D

    thank in advance !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •