Do I need the router.db file if I’m integration LibreNMS and Oxidized?
No, not if you’re sourcing the data from LibreNMS to Oxidized.
So if there is a router.db the file will be ignore. I wanted to add non Cisco devices that have different username\password such as Ubiquiti EdgeSwitch.
The idea is to create groups in the oxidized config, associate a login/pwd/etc to it, and from LibreNMS you can send the mapping between devices and oxidized_groups, in order for oxidized to use the right username/pwd for each group.
@PipoCanaja how i can do this? I have try almost everything but dont work even.
Documentation is here :
https://docs.librenms.org/Extensions/Oxidized/#feeding-oxidized
Basically, Oxidized will ask LibreNMS for the list of devices. 3 values will be used:
- hostname
- os (that should map to oxidized os, so oxidized knows how to save the config from it)
- group (this one allows to configure in oxidized the username/pwd for each group). This way, oxidzed will know from the group LibreNMS provides which username/pwd should be used.
os/groups overrides are explained at this section :
https://docs.librenms.org/Extensions/Oxidized/#creating-overrides
for example like this grouped by os. I am also ignoring some type of devices and some os to be returned via API
$config['oxidized']['maps']['group']['os'][] = array('match' => 'vrp', 'group' => 'vrp');
$config['oxidized']['maps']['group']['os'][] = array('match' => 'ios', 'group' => 'ios');
$config['oxidized']['maps']['group']['os'][] = array('match' => 'iosxe', 'group' => 'iosxe');
$config['oxidized']['maps']['group']['os'][] = array('match' => 'smartax', 'group' => 'smartax');
$config['oxidized']['maps']['group']['os'][] = array('match' => 'routeros', 'group' => 'routeros');
$config['oxidized']['ignore_types'] = array('server','power','appliance','firewall','printer','storage');
$config['oxidized']['ignore_os'] = array('generic','edgecos','airos','ping','procurve','hwg-ste','linux','windows','routeros','airconsole','saf','alfo80hd','smartax');
and then in config of oxidized in for example /home/oxidized/.config/oxidized/config
add something like this with source http
source:
default: http
debug: false
http:
url: https://librenms/api/v0/oxidized
map:
name: hostname
model: os
group: group
headers:
X-Auth-Token: 'TOKEN'
groups:
iosxe:
username: user
password: pass
ios:
username: user
password: pass
vrp:
username: user
password: pass
routeros:
username: user
password: pass
smartax:
username: user
password: pass
I am still implementing TACACS+ solution to get one bot user to connect to devices, but there is so much of them and no time to get all of that with that solution so some os has different users, passwords. Some are still authorized with RADIUS so another user/pass
I you have some of them with different creds just exclude them from oxidized with misc settings in device setthing and change a user/pass to match what is configured for group and than disable exclude from oxidized and reload node list
There is also a first part of config to get that configs to GIT. I am using self-hosted Gogs for that. I hope that this will help you or someone else
interval: 3600
use_syslog: false
debug: false
threads: 30
timeout: 240
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 0.0.0.0:8787
next_adds_job: true
pid: "/home/oxidized/.config/oxidized/pid"
input:
default: ssh
ssh:
secure: false
output:
default: git
git:
user: oxidized
email: [email protected]
single_repo: true
repo: "/home/oxidized/.config/oxidized/repo/config-backup.git"
hooks:
push_to_remote:
type: githubrepo
events: [post_store]
remote_repo: https://git.example.com/oxidized/config-backup.git
username: oxidized
password: pass
Hello @jozefrebjak and all !
Thanks for help. Yes, help me a lot with some issues.
Finally i’ve have actually 98 devices been backup up with Oxidized!
Some issues left yet, like LibreNMS wont show the configuration (integration seems no 100%). I have prefer got Oxidized work with router.db and output via git (to have versioning).
I have many others ideas to integrate with LibreNMS, like configure Syslog, configure Nginx to protect the Oxidized URL, integrate authentication with AD and others.