hello, I would like to receive an alert when a new mac is detected on the network. Librenms manages to have a probable port where this is connected, so ideally we should have an alert like new mac xx:xx:xx:xx:xx detected on the network probable name DNSname… probable connection switch xxx, port xxxx
I have just started librenms, the product is great and the data is there I think, but the alert part is not easy to handle, there it would have to do the query on the fsb table if I understand how it works and it would also have to be a new mac so almost compared to the previous recording, or at the creation date, a new mac has an update date I suppose identical to that of creation. It remains how to give him the switch and probable port. has anyone worked on this subject before?
I’m not necessarily asking for the solution, but at least some leads, if for example I want to make an alert request for the entire database but not once for each device. Where would it be wise to make this request? It seems to me that the idea could interest everyone, since being informed that there is a new Mac on your production network seems important to me
Doing a ‘new mac detected’ requires us to record the datetime of when we saw the mac which we don’t so I’m not sure you’re going to be able to do this.
Hello, No, in fact we take for example the production vlan 10, we let it run for a few days/week, so that it has all the fdb tables. then in the alerts we configure a query which searches if the new connected mac (which we know because the registration of the mac is new and not an update) already exists on this vlan in the fdb. We therefore deduce that the port has a mac on the production vlan that we do not know from anywhere.