Oxidized Help Setting up

I installed Oxidized on my librenms box. Seems like when I run oxidized it reads from the router.db file correctly. I can see the 3 devices I added to that file in the LibreNMS oxidized tab. Now i’m trying to integrate it with the LibreNMS devices. This is where I am having a hard time…
So in the Global Settings tab under External Settings/Oxidized integration.
I enable the Support, and put the address in From here is where im stuck.

I saw this in the oxidized tab on the website
default: http
debug: false
url: https://librenms/api/v0/oxidized
name: hostname
model: os
group: group
X-Auth-Token: ‘01582bf94c03104ecb7953dsadsadwed’

Where do i get my X-Auth-Token from?
This is the error message im getting when pasting into the oxidized config file.

Error loading config: (): mapping values are not allowed in this context at line 27 column 14
/usr/local/share/gems/gems/oxidized-0.20.0/lib/oxidized/config.rb:52:in rescue in load': Error loading config: (<unknown>): mapping values are not allowed in this context at line 27 column 14 (Oxidized::InvalidConfig) from /usr/local/share/gems/gems/oxidized-0.20.0/lib/oxidized/config.rb:49:inload’
from /usr/local/share/gems/gems/oxidized-0.20.0/lib/oxidized/cli.rb:24:in initialize' from /usr/local/share/gems/gems/oxidized-0.20.0/bin/oxidized:9:innew’
from /usr/local/share/gems/gems/oxidized-0.20.0/bin/oxidized:9:in <top (required)>' from /usr/local/bin/oxidized:23:inload’
from /usr/local/bin/oxidized:23:in `’

Thank You

You can create api tokens under settings (the gear) API -> API Settings.

Thank You,
Was able to figure it out!

@murrant It doesnt seem to be saving version histories of the backup configs. Everytime oxidized stops or restarts the files are lost…
Also im running Cent7 is whats the best way to start oxidized when server starts?

You need to switch your oxidized output to git. File output doesn’t support versioning.

1 Like

OK thank you! Got it working

Hi @laf I am trying to add multiple devices that use different login and passwords. My config is the following:

model: cisco
interval: 3600
use_syslog: false
debug: false
threads: 30
timeout: 30
retries: 3
prompt: !ruby/regexp /^([\[email protected]]+[#>]\s?)$/
vars: {}
groups: {}
pid: /home/oxidized/.config/oxidized/pid
default: ssh, telnet
debug: true
secure: false
default: git
user: admin
email: @something.com
repo: "/root/.config/oxidized/configs/devices.git"
default: http
debug: false
url: http://localhost/api/v0/oxidized
name: hostname
model: os
group: group
username: login
password: Password1
enable: Password1
username: login
password: Password1
username: login
password: Password1
username: login
password: Password1
username: login
password: Password1

For some reason only the Cisco devices work. Is the config wrong?

Your formatting is all off, show us how it’s formatted correctly. Bear in mind this is an oxidized question :slight_smile:

Hi Sorry @laf , here is the pastebin. I didnt see much responding on the oxidized forms so I was hoping someone here can help me.
Thank You

Looks fine to me that, standard docs setup.

Hmm okay Thank you,
For some reason it works with cisco devices but not anything else.

Just looking at your pastebin I think you need to move all our other models out by two spaces. Oxidized cares about spacing so I think you need to get them in line with the others.

That worked. Everything is now backing up. Have you ever noticed retrieving configs can be a bit slow? I have about 1500 devices. Any performance optimizations? The VM I am using has 20 cores and being store on SSDs?
Thank You

No way man. I’m not even close to that setup. Damn. That is some serious gear.

@j808 can you clarify for me when you created your api key, did adding the source http to your oxidized configs, generate any errors? I’m getting an SSL error now when I try and run oxidized.

SSL_connect returned=1 errno=0 state=error: certificate verify failed
/usr/share/ruby/net/http.rb:921:in connect': SSL_connect returned=1 errno=0 state=error: certificate verify failed (OpenSSL::SSL::SSLError)

Seems like an issue with Ruby/SSL but I am honestly struggling to figure out how to fix it.


That means it doesn’t trust the SSL certificate on your librenms server. There are a few ways you can fix that. Use http, add the certificate to the oxidized server, get cert signed by a CA your oxidized server trusts.

@murrant - thanks for the reply. I do have a valid signed cert, at least per firefox etc.

Oxidized is actually running on the same server as librenms.

When I try and curl using the apikey, it seems like a cert issue for sure, but I’m not sure where/what is needed to resolve it.

[[email protected] anchors]# curl -H ‘X-Auth-Token: c0de1e4acf58fa8b2fc4d656353c5a7f’ https://nms1.librenms.com/api/v0/oxidized
curl: (60) Peer’s Certificate issuer is not recognized.
More details here: http://curl.haxx.se/docs/sslcerts.html

That being said, I’ve looked up the error, and I’m not sure how/why its an issue. I think this might also be partly the issue I’ve had with using the API with the librenms IOS app. I’ve not been able to make that work either.

Ok, so, I was missing my SSLCACert file, which has helped with the curl I am testing with per the oxidized documents in librenms.

[[email protected] oxidized]$ curl -H ‘X-Auth-Token: c0de1e4acf58fa8b2fc4d656353c5a7f’ https://nms1.librenms.com/api/v0/oxidized

401 Unauthorized


This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

If I enable the http source within oxidize, I get this error when starting oxidized:

[[email protected] oxidized]$ oxidized -d
source is not valid JSON!
/usr/local/share/gems/gems/json_pure-2.1.0/lib/json/pure/parser.rb:121:in `parse’: source is not valid JSON! (JSON::ParserError)

I’m assuming that is because the api curl testing from above isn’t working as of the moment.

So, I think this must be related to the way my authentication is setup. I auth against radius/ldap, but via apache. So, when I try and authenticate with an acct that is local to librenms, it fails.

I use http-auth. I’m not sure if that matter with api keys, but I am pretty sure any key I create doesn’t seem to allow me to curl anything.