Hi and thank you for the idea! It has been accepted for further discussion within our internal team. Stay tuned!

@dbisciotti Just want you to be aware that the username and password are needed to deliver Security Advisories and some Insights if you have Campus Success Tracks L1 or L2.  For example, without those credentials, we won't be able to collect the CLI needed for Crash Diagnostics.  Rapid Problem Resolution is also not possible without it.

@Chris Camplejohn, I'm a newbie in the CX Cloud world, so not everything is clear for me; if I'm not wrong the seed file is used for a refresh of the discovery when it' scheduled, so I expect that the crash is reported to the cloud after the next polling, and this can happen after a while; maybe the crash can be seen more quickly via a classic monitoring system. It's always a balance between pros and cons .

@dbisciotti Yes it's always tradeoffs. What I'm pretty sure @Chris Camplejohn is saying is that when CX Cloud is informed of what devices are in the network via a seedfile versus when they are connected say via DNAC or Intersight things work a little different. With DNAC/Intersight connectivity the systems know how to talk to end devices so when events happen (ie: case open that triggers RPR to automatically collect and process data to help speed up case resolution) or other insights (additional data needed for new bug, psirt, etc. correlation) if CX Cloud can't get access to the devices it can't do those functions because it can't get the data. It's more sophisticated than just say "here is the seed file ping each device and if it's online that's all CX Cloud needs". For crashes as an example a notification could be just via a syslog but to do an automated crash analysis files such as system report or crashinfo files would need to be retrieved from the device.

Thanks @Rodney Dunn for the clarification, I thought that DNA or ACI do their job without seed file, that's why I was focusing on legacy devices.

@dbisciotti If the devices are connected to CX Cloud via a DNAC you are correct a seed file is not needed and all the functionality will work. It's when you are trying to cover legacy (or non DNAC connected) devices that the seed file would be used. 

@dbisciotti You are correct that the seedfile is just for devices you want to collect from directly.  If those devices are in Cisco DNA Center or in Intersight (ACI or Compute) then you do not see the seedfile option.  But when you do use the seedfile, that seedfile is a list of devices to collect from.  The SNMP string is used to "discover" that the device is out there and collect the primary inventory information.  But for advisories and insights, additional CLI data is required, for which we need the username and password.

For example, during the scheduled collection from your seedfile devices, we will attempt to collect "show running-config" for Campus devices.  CX Cloud then uses that output as part of the Security Advisory analysis (for CX Level 1 support coverage) to provide a more precise matching (i.e. if a Security Advisory requires you to have BGP enabled to be affected and you don't have BGP enabled, then we won't report that advisory to you-- saves you time).

Another example, during the scheduled collection from your seedfile devices, we will attempt to collect some show commands for Campus devices.  CX Cloud uses the output of those commands to determine if the device has crashed recently.  If it detects a crash, that is shown in Insights (for CX Level 2 support coverage) and for some of those crashes, the crash file is automatically retrieved (SSH) and analyzed for root cause.