Agent Based Discovery

Device42 Autodiscovery Agent

Device42 offers an autodiscovery agent for Windows, Mac, and Linux that is optional and may be used to provide autodiscovery of devices that may prove difficult otherwise, ie devices external to the local network.

Discovery Account WARNING: Please do not set up an auto-discovery / scan using critical [production] account credentials! Please create a separate, dedicated account to use only for discovery

Doing so, depending on permissions granted & configured password policies could result in account lock-out, therefore causing an otherwise completely avoidable outage.

Installation

The client can be downloaded by going to Tools>Auto-Discovery>Agent Based Scans. Enter the Device42 URL as it will be accessed by the agent from the remote machine, and choose your platform: Windows, Mac, or Linux.

It can be run from the command line or can be scheduled using the relevant scheduling program per OS. When running the application, the following switches are available:

Switch Description
-collect-responses collects all shell commands responses to collected-responses.log
-debug prints the data being sent and result of post operation
-device-customer string default device customer
-device-object-category string default device object category
-device-service-level string default device service level
-device-tags string default device tags
-dry-run doesn’t do a post, just prints the data to be sent
-extended-logs enables extended logs
-hostname-precedence sets device name as new name to prevent creation of new device if only hostname was changed
-ignore-domain ignore domain
-ignore-ipv6 ignore IPv6 addresses
-ignore-local-ips string sets list of local IPs to ignore
-ignore-local-ports string sets list of local ports to ignore
-ignore-remote-ips string sets list of remote IPs to ignore
-ignore-remote-ports string sets list of remote ports to ignore
-ip-vrf-group string default IP VRF group
-light-mode reduces CPU utilization by cost of discovery speed
-quiet enables extended logs
-sudo-password string sudo password used in some OSes (Mac, Linux) to get information about the system
-version print version number and exit

Scheduling With Crontab in Linux

Scheduling the agent as a non-root user will work just fine, but for best results we do recommend running the command as sudo. In order to have the cronjob run successfully with sudo, you’ll need to edit the sudoers file to allow the user to the agent command with sudo without a password. The line in the sudoers file will look something like:

greg   ALL=(ALL:ALL) NOPASSWD: /home/greg/d42agent

Replacing “greg” with the user and “/home/greg/d42agent” with the absolute path to the agent.

Next step, in crontab for the same user, you can have a line like:

* * * * * sudo /home/greg/d42agent

again, replacing the path with the path to the agent. This will run the agent every minute on the machine and you should see all information. Running without sudo will prevent information such as machine serial and uuid, as well as other output from dmidecode from being discovered.

Linux and Mac Note

After downloading, if the agent is not executable make it executable (ie, chmod +x agentname). Sudo is required for best results, and the password may be passed using –sudo-password=”password”.