
Regarding SSH Protocol on SNTC Collector & Scanning CLI for information.

Lmarquez
Level 1

Hey everyone,

I have a customer that was wondering about the usage of SSH and scanning via the Discovery Process. They say that SSH is used and scans out to the environment and picks up the CLI info; I would argue that is not the case, and that SSH is utilized to SSH into the device. So what is the purpose of the SSH credentials being entered in the Collector?

 

What about the CLI? Is that scanned out by the SNMP RO Strings? They argue that because the 'type' is CLI, and not SNMP, it is not scanned by SNMP, but SSH - but I am fairly confident that it is scanned by SNMP and not SSH. I have trouble explaining this and articulating this - so I would like to verify with others to ensure I have a good understanding and am correct on my assumptions. Below is an image of what I am referencing.

 

IssueImage1.png

 

Thank you. Any assistance is greatly appreciated. 

3 Replies

hadennis
Cisco Employee

Hi Lmarquez,

 

The SSH credentials that are provided to the Collector are used to SSH into the devices in the environment and run the CLI commands. The SNMP information is provided to query SNMP information, not the CLI commands. In the Collector, if you go to the "Credentials" tab and click "Add" you can see the Protocol drop down menu. When you choose "SSH" it specifies and also asks for other information used to complete the CLI commands such as the Enable User Name and Enable Password. Let me know if you have any other questions about how this works!

 

creds.PNG

Ah, okay!
So the SSH Protocol - it isn't necessarily used for actually reading into them via the Discovery Process, that is strictly via the SNMP RO Strings etc. Correct? That was a point of contention we had where they believed SSH was used to discover devices into the collector to then populate into the SNTC Portal.

SSH largely wouldn't be utilized when just simply wanting to read out to the environment to discover devices for the SNTC Portal, if that is my understanding. So what would its use be in this case? Just to complete CLI commands for a scan?

Thank you so much thus far!

I would like to reply to avoid any confusion here. 

Discoveries do NOT send or collect data to be sent to the Portal in any protocol. The essence of discovery is to learn devices and put them on the managed device list on the collector only. Discoveries use SNMP RO primarily and do not use SSH or Telnet as a protocol to discover devices.

 

What sends data is the collection performed by the collection profile. The collection of inventory is done by the collection profile and primarily by SNMP RO. For inventory purposes this should be sufficient. However, for some reports in SNTC like PSIRTs and field notices, the collection can be enhanced by show commands, and that is where SSH and/or Telnet can be used to complement collection and avoid false positives.