Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated OS (ftd) for Cisco FirePOWER devices #10046

Merged
merged 4 commits into from May 24, 2019

Conversation

Projects
None yet
4 participants
@spencerbutler
Copy link
Contributor

commented Mar 29, 2019

Fixes:
#9880

There is a similar OS named ftd, but most of the modules are disabled. The CISCO-PRODUCTS-MIB lists several Cisco FirePOWER devices in the same OID range -- I don't know if they all need their own OS, or if they can be grouped into the same OS. Please advise.

I would like to get some sensors added to this OS, hence the "WiP" tag.

DO NOT DELETE THIS TEXT

Please note

Please read this information carefully. You can run ./scripts/pre-commit.php to check your code before submitting.

Testers

If you would like to test this pull request then please run: ./scripts/github-apply <pr_id>, i.e ./scripts/github-apply 5926
After you are done testing, you can remove the changes with ./scripts/github-remove. If there are schema changes, you can ask on discord how to revert.

@PipoCanaja

This comment has been minimized.

Copy link
Contributor

commented Mar 29, 2019

ftd should in fact be ciscoftd to be consistant, but renaming an OS is a bit of a problem for the actual users. So I would avoid the rename.
Now, most probably all Firepower devices should be included in ftd OS, unless you find an incompatibility that would justify not to.
I would suggest to start this approach first, and only spend time on the new OS if that approach fails.

@spencerbutler

This comment has been minimized.

Copy link
Contributor Author

commented Mar 29, 2019

The only incompatibility I found was that the sensors, mempool, and processor modules are disabled. Do you have any idea why it is configured in that manor?

@PipoCanaja

This comment has been minimized.

Copy link
Contributor

commented Mar 29, 2019

Nope, not at all. I would still suggest to start from that OS, with the snmpwalk data of the issue, try re-enabling the discovery (which any user can disable from config.php if he wants) and see what you discover. There is no definitions/discovery/ftd.yaml file for the moment, so everything that is coming today is completely standard, not at all specific to ftd anyway.

@spencerbutler

This comment has been minimized.

Copy link
Contributor Author

commented Mar 29, 2019

I did start with that OS and moved to this one, named from the CISCO-PRODUCTS-MIB definitions (ie ciscoFpr2140td OBJECT IDENTIFIER ::= { ciscoProducts 2407 }) because the discovery modules are disabled it ftd. There is only one Ftd device listed in the CISCO-PRODUCTS-MIB, and it's OID is not included in the ftd OS, so I'm at a lost for why: a) it's name doesn't match the documentation b) it's modules are disabled.

@PipoCanaja

This comment has been minimized.

Copy link
Contributor

commented Mar 29, 2019

The OS name in LibreNMS is absolutely arbitrary. Only depends on what name was chosen by the contributor.
Discovery modules disabled or not is not important. As the FirePower devices are running linux, may be the contributor wanted to avoid the default linux values, it will be difficult to see. But adding new sensors to an existing OS does not harm existing devices that would not have this sensor. It is necessary to split only if devices behave differently enough.

@PipoCanaja PipoCanaja added this to the 1.51 milestone Mar 30, 2019

@PipoCanaja PipoCanaja removed this from the 1.51 milestone Mar 30, 2019

@laf

This comment has been minimized.

Copy link
Member

commented Apr 9, 2019

For the modules disabled in the ftd definition just remove those lines if you need them.

Definitely needs to be put in to one definition though rather than 2.

@laf laf added the User-Pending label Apr 9, 2019

@murrant
Copy link
Member

left a comment

I think you just need to update the ftd os.

@spencerbutler

This comment has been minimized.

Copy link
Contributor Author

commented Apr 30, 2019

I think you just need to update the ftd os.

That is the plan. I had an unexpected event carry me away from coding for the past 2 weeks. I'll have a new commit for this "soon".

@spencerbutler spencerbutler changed the title WiP - Adding support for Cisco FirePOWER devices Updated OS (ftd) for Cisco FirePOWER devices May 21, 2019

@spencerbutler

This comment has been minimized.

Copy link
Contributor Author

commented May 21, 2019

Added to OS (ftd).

@murrant
Copy link
Member

left a comment

Looks good, I removed the modules set to true, because we should almost never force-enable modules in the OS.

@murrant murrant removed the User-Pending label May 24, 2019

@murrant murrant merged commit 5c39c41 into librenms:master May 24, 2019

6 checks passed

Inspection Summary
Details
Node: analysis
Details
Travis CI - Pull Request Build Passed
Details
WIP Ready for review
Details
codeclimate All good!
Details
license/cla Contributor License Agreement is signed.
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.