Versions Compared

Old Version 11

changes.mady.by.user Antoine Malpel

Saved on

compared with

New Version 12

changes.mady.by.user Antoine Malpel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Shinken Enterprise allows you to detect network checks and physical type of your servers located in your IT. 
  

Edit and add new network scan list

The network scan can be setup directly in the Administration Interface. 
  
First click on the discovery source in the home page.Image Removed  Image Added
Then click on the "See nework scan list" button:Image Removed  Image Added

You can list the current network scan in the Discovery menu.

You can enable new scan with the Add new scan button.

Image Removed  Image Added
And you will see the configuration of a new scan:Image Modified  

You must set up the following parameters:

  • Name
  • IP range: must match a nmap command range definition
  • Scan interval, in minutes
  • You can setup notes about this scan

Adding a new scan will automatically enable it and your new hosts or your new tags will appears in a few minutes.

 
  

Add new port to host template rule

Without rules, the raw data that is being generated by the discovery scripts is useless. The rules are defined in the /etc/shinken/discovery_rules.cfg file.   

Here is an example of how to set the ftp host template host for anything that is detected by nmap with the TCP/21 port open:

There are three main parts for a rule:

  • discoveryrule_name: should be unique
  • creation_type: should be host
  • openports: regexp about the port that will be match. The and $ is for the regexp thing, so 21 and only 21 will be match, and not 210 for example.
  • +use: This mentions the template from which the generated object will inherit from. You can add as many properties as you want.
Code Block
define discoveryrule {
   discoveryrule_name         FtpRule
   creation_type              host
   openports                  ^21$
   +use                        ftp
}
  
Here is the list of the default port to Host templates rules:
 
  
  
  
  
 
 
 
...
           
 
PortHost template
27017mongodb
 
53dns
25smtp
465smtps
 
3306mysql
22ssh
110pop3
995pop3s
 
9100printer-hp
 
1521oracle
80http
 
443https
1433mssql
2301hp-asm
143imap
 
993imaps
 
389ldap
636ldaps
 
  
Security: nmap command parameters
 
Here are the the parameters used by the nmap command used by this module:
  • -sU
  • -sT
  • --min-rate 1000
  • --max-retries 3
  • -T4
  • -O