Oxidize integration with HTTPS Librenms

Hi All,

Started to integrate Oxidized with Librenms, but I am stuck in half-way. This is what I have done so far:

1 - Installed oxidized:

2 - Created user for oxidize, run oxidized to create default config.

3 - Added new source to the config

4- Configured external/oxidized in Librenms global config


Component | Version
--------- | -------
LibreNMS  | 23.10.0-70-g3768e5944 (2023-11-14T23:20:23+01:00)
DB Schema | 2023_11_04_125846_packages_increase_name_column_length (273)
PHP       | 8.2.12
Python    | 3.9.2
Database  | MariaDB 10.5.21-MariaDB-0+deb11u1
RRDTool   | 1.7.2
SNMP      | 5.9

[OK]    Composer Version: 2.6.5
[OK]    Dependencies up-to-date.
[OK]    Database connection successful
[OK]    Database Schema is current
[OK]    SQL Server meets minimum requirements
[OK]    lower_case_table_names is enabled
[OK]    MySQL engine is optimal
[OK]    Database and column collations are correct
[OK]    Database schema correct
[OK]    MySQl and PHP time match
[OK]    Active pollers found
[OK]    Dispatcher Service not detected
[OK]    Locks are functional
[OK]    Python poller wrapper is polling
[OK]    Redis is unavailable
[OK]    rrd_dir is writable
[OK]    rrdtool version ok


nginx config:

server {
 listen 443 ssl http2;

 server_name netmon.example.com;
 root        /opt/librenms/html;
 index       index.php;

 charset utf-8;
 gzip on;
 gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;

 ssl_certificate /etc/nginx/ssl/netmon.example.com.crt;
 ssl_certificate_key /etc/nginx/ssl/netmon.example.com.key;
 ssl_session_timeout 1d;
 ssl_session_cache shared:SSL:50m;
 ssl_session_tickets off;

 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_prefer_server_ciphers on;

 add_header Strict-Transport-Security max-age=15768000;

 ssl_stapling on;
 ssl_stapling_verify on;

 location / {
  try_files $uri $uri/ /index.php?$query_string;
 location /api/v0 {
  try_files $uri $uri/ /api_v0.php?$query_string;
 location ~ \.php {
  include fastcgi.conf;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  fastcgi_pass unix:/run/php-fpm-librenms.sock;
 location ~ /\.ht {
  deny all;

#--------------> smokeping start / 2023-11-14
# Browsing to `http://yourlibrenms/smokeping/` should bring up the smokeping web interface

location = /smokeping/ {
        fastcgi_intercept_errors on;

        fastcgi_param   SCRIPT_FILENAME         /usr/lib/cgi-bin/smokeping.cgi;
        fastcgi_param   QUERY_STRING            $query_string;
        fastcgi_param   REQUEST_METHOD          $request_method;
        fastcgi_param   CONTENT_TYPE            $content_type;
        fastcgi_param   CONTENT_LENGTH          $content_length;
        fastcgi_param   REQUEST_URI             $request_uri;
        fastcgi_param   DOCUMENT_URI            $document_uri;
        fastcgi_param   DOCUMENT_ROOT           $document_root;
        fastcgi_param   SERVER_PROTOCOL         $server_protocol;
        fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
        fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
        fastcgi_param   REMOTE_ADDR             $remote_addr;
        fastcgi_param   REMOTE_PORT             $remote_port;
        fastcgi_param   SERVER_ADDR             $server_addr;
        fastcgi_param   SERVER_PORT             $server_port;
        fastcgi_param   SERVER_NAME             $server_name;
        fastcgi_param   HTTPS                   $https if_not_empty;

        fastcgi_pass unix:/var/run/fcgiwrap.socket;

location ^~ /smokeping/ {
        alias /usr/share/smokeping/www/;
        index smokeping.cgi;
        gzip off;
#--------------> smokeping end

 location /nginx-status {
  stub_status on;
  access_log   off;
  deny all;


# Redirect http requests to https
server {
 listen      80;
 server_name netmon.example.com;
 return 301  https://netmon.example.com$request_uri;

 location /nginx-status {
  stub_status on;
  access_log   off;
  deny all;


Oxidized config:

username: test
password: test
model: junos
resolve_dns: true
interval: 3600
use_syslog: true
debug: false
threads: 30
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: netmon.example.com:8888
next_adds_job: false
vars: {}
groups: {}
models: {}
pid: "/home/oxidized/.config/oxidized/pid"
  directory: "/home/oxidized/.config/oxidized/crashes"
  hostnames: false
  history_size: 10
  default: ssh
  debug: false
    secure: false
    passive: true
  utf8_encoded: true
  default: git
      user: Oxidized
      email: [email protected]
      repo: "~/.config/oxidized/oxidized.git"
  default: http
  debug: true
    url: https://netmon.example.com/api/v0/oxidized
    scheme: https
    secure: false
      name: hostname
      model: os
      group: group
      X-Auth-Token: xxx
  juniper: junos
  cisco: ios

Librenms config:


Oxidized starts:


Puma starting in single mode...
* Version 3.11.4 (ruby 2.7.4-p191), codename: Love Song
* Min threads: 0, max threads: 16
* Environment: development
* Listening on tcp://netmon.example.com:8888
Use Ctrl-C to stop

Oxidized able to save config:

git ls-files -s

100644 b797a8c2a231b6eaa1522d5f1125ec85b50a677d 0

API is working:

curl -k -X GET -H 'X-Auth-Token:xxx' -i https://netmon.example.com/api/v0/oxidized

HTTP/2 200 
server: nginx/1.18.0
content-type: application/json
cache-control: no-cache, private
date: Wed, 15 Nov 2023 10:49:35 GMT
strict-transport-security: max-age=15768000

        "hostname": "localhost",
        "os": "linux",
        "ip": ""
        "hostname": "",
        "os": "routeros",
        "ip": ""


  1. Cannot see any config in Librenms (under Device > Config, nor under Tools > Oxidized) When I hit “Refresh” got this error:
    (No error logs in librenms.log)


  1. When I try connect to oxidized Rest webpage (https://netmon.exaple.com:8888) I got this error log from oxidized:

HTTP parse error, malformed request (): #<Puma::HttpParserError: Invalid HTTP format, parsing fails.>

and firefox:

2.1 When I try with curl:

curl -v https://netmon.example.com:8888

*   Trying
* Connected to netmon.example.com ( port 8888 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

It looks like for me that oxidize able to connect to Librenms and get the list of devices, however I do not see groups collected…

What do I missing here?

Any advise welcome, thanks a lot!


issue 2 has been resolved.
oxidized webpage reachable only in HTTP, i am able to load the page and see the saved configs.

issue with collected groups are also resolved, played with the librenms oxidized config and now i am able to create custom groups.

but issue 1 is still not resolved. i am still having the error in librenms: Could not queue refresh oxidized device.

The URL to your oxidized API is wrong, this should be pointing to your oxidized install so http://netmon.example.com:8888 and you should be good to go.

On another note, what a fantastic help request post, you nailed the detail and did everything right to debug the issue and even came back to report your findings and fixings. Gold star for you :tada:

1 Like

@laf you are right, i made the mistake!

So in the Oxidizes config:

  default: http
  debug: true
    url: https://netmon.example.com/api/v0/oxidized
    scheme: https
    secure: true
      name: hostname
      model: os
      group: group
      X-Auth-Token: xxx



What a bloody mistake by me… I was re-reading the docs over and over and did not spotted it.
Thanks again!


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.