This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.

You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

SNMPv3 Credential Report

sotherls over 7 years ago

NPM 12.0.1

Need to create a report which shows what the SNMPv3 Username, Authentication method, password, Privileged method and password are.

Used to be able to do prior to 12 before they encrypted it?

This would be used by administrators to check how their nodes are configured.

Ideas?

Top Replies

tbemus over 7 years ago in reply to ctlswadmin +6

There is a way to query the db with the SWQL. http:// <orionserver>/Orion/admin/swis.aspx I messed with it for a while till I figured out what I needed then built a report using the the following SWQL…

0 ctlswadmin over 7 years ago

Hey Sotherls,
Is it safe to assume that all of your passwords are the same based on username ? Or is this the reason for seeking this report to find password typos.
If your passwords always match the username, you could do a sql case statement around the username. I can write you up a query if you'd like, or if you just need the tables. This info is found on the credential and CredentialProperty table.
Cancel
Vote Up 0 Vote Down

Cancel
0 sotherls over 7 years ago

Found it using SDK.
I was able to create the report
Cancel
Vote Up 0 Vote Down

Cancel
0 ctlswadmin over 7 years ago in reply to sotherls

I'm intrested in how you did this, can you share ?
Thanks,
David
Cancel
Vote Up 0 Vote Down

Cancel
0 tbemus over 7 years ago in reply to ctlswadmin

There is a way to query the db with the SWQL. http://<orionserver>/Orion/admin/swis.aspx I messed with it for a while till I figured out what I needed then built a report using the the following SWQL:
SELECT SysName, AgentIP, SNMPUsername, SNMPLevel, SNMPEncryptType, SNMPAuthType, OSVersion, OSImage FROM Cirrus.Nodes
Cancel
Vote Up +6 Vote Down

Cancel
0 ctlswadmin over 7 years ago in reply to tbemus

I ran the query, but the passwords are still encrypted. Any tricks on decryption ?
Cancel
Vote Up 0 Vote Down

Cancel
0 rschroeder over 7 years ago

I was speaking with a SW SE this week about similar topics, and I was lamenting the lack of the ability to discover credentials used by NCM after version 7.3. He said he's heard that complaint a lot, but that SW government customers required it to be removed due to security concerns, so I won't be surprised if the GUI, SQL, or SWQL can't display them.
However, if someone DOES have the process, it would be worth learning if you'd be so kind as to share it. Sometimes troubleshooting is nice to do knowing the exact phrases (password or snmp-v3) that things SHOULD be using, then comparing to what NCM is actually trying to use against them.
Cancel
Vote Up 0 Vote Down

Cancel
0 ctlswadmin over 7 years ago in reply to rschroeder

That explains why they moved away from plain text credential storage. I do think that higher tier organizations have the resources to manipulate their vendor products to fit their needs. We encrypted snmp credentials on 10.7 I believe, might have been an earlier version.
Cancel
Vote Up 0 Vote Down

Cancel
0 pp2 over 6 years ago in reply to tbemus

I run the query, it shows the info I need (node name, IP address, SNMPusername and SNMPversion). good enough.
but how do I export it to excel or csv file.
thanks for your help again.
pp2
Cancel
Vote Up 0 Vote Down

Cancel
0 tbemus over 6 years ago in reply to pp2

I ended up creating a report with the query. the report will have an export to excel button.
Cancel
Vote Up 0 Vote Down

Cancel
0 pp2 over 5 years ago in reply to tbemus

Hi tbemus,
will you be able to share the SNMP query report with excel button?
this will be very helpful to all the operations team.
Thanks.
PP2
Cancel
Vote Up 0 Vote Down

Cancel