• State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 38 subscribers
  • Views 1452 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

What NPM Report shows the IP addresses of specific Managed Devices? Or, how do I create a report like this?

rschroeder

Our Security Department continually probes our devices' IP interfaces, and always wants the latest list of Network Assets.  It seems that the list of devices managed by NPM is the right list to start with, when building a report for Security to receive monthly.

But I'd like to tweak such a report in a few minor ways:

  1. It should include ALL the IP addresses of a device.  A Core and a Distribution switch, and Branch Routers, will have multiple IP addresses.  If Security saw they all belonged to the same switch or router, they could stop hammering on every one of them separately, and stop believing they're all separate devices.
  2. The report should NOT included devices NPM is monitoring for other departments.  NPM monitors the status of Lab devices, HVAC gear, security cameras, sometimes only via ICMP, sometimes via WMI or snmp.  Those devices aren't owned by my Network team, and we don't want Security to take this report and assign remediation for vulnerabilities on those devices for which other teams are responsible.
  3. The report should include:
    1. The device name
    2. All IP addresses reachable via ICMP to the device
    3. The Vendor
    4. The Machine Type

Are you aware of such a report already built in NPM?

If not, what's the most efficient way to build such a report that includes ALL IP addresses on a Network-Team-Owned device, and that omits all other devices and their addresses?

  • 0

    this will work in a "Custom Query" resource, which you can either embed in a dashboard or add to a report

    Remove the next-to-last line's comment marker (--) to copy into the "Search" box of the resource if you'd like to be able to search on node name or ip address (wildcards are wrapped around the search string automatically)

    SELECT
    n.Caption AS [DEVICE NAME]
    ,n.WebUri.WebUri AS [_LinkFor_DEVICE NAME]
    ,'/Orion/images/StatusIcons/small-' + ToString(n.StatusIcon) AS [_IconFor_DEVICE NAME]
    ,n.VENDOR
    ,'/NetPerfMon/images/Vendors/' + TOSTRING(n.VendorIcon) AS [_IconFor_VENDOR]
    ,n.MachineType AS [MODEL]
    ,n.NodeIPAddresses.IPAddress AS [IP ADDRESSES]
    FROM Orion.Nodes n
    --WHERE n.Caption LIKE '%${SEARCH_STRING}%' OR n.NodeIPAddresses.IPAddress LIKE '%${SEARCH_STRING}%'
    ORDER BY n.Caption, n.NodeIPAddresses.IPAddress

    On your criteria, you have #2 listed as

    All IP addresses reachable via ICMP to the device

    There's not really NPM can verify all of those IP addresses are responsive to ICMP, but otherwise this should be a good start for you.

    2018-01-26_16-46-06.jpg

  • 0 in reply to zackm

    Thanks, I'll give this a try Monday.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.