Creating SNMP and PowerShell Credentials for Windows Devices

Download this manual as a PDF file

Use the following menu options to navigate the SL1 user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

The following sections describe how to create SNMP and PowerShell credentials for Windows devices that you want to monitor with SL1, general discovery steps, and how to discover Windows Server clusters and component devices on Hyper-V systems:

Creating an SNMP Credential

SNMP credentials allow SL1 to access SNMP data on a managed device. SL1 uses SNMP credentials to perform discovery, run auto-discovery, and gather information from SNMP Dynamic Applications.

To create an SNMP credential:

  1. Go to the Credentials page (Manage > Credentials).
  2. Click the Create New button and then select Create SNMP Credential. The Create Credential modal page appears:

An image of the SNMP Create Credential page

  1. Supply values in the following fields:
  • Name. Name of the credential. Can be any combination of alphanumeric characters, up to 64 characters. This is a required field.
  • All Organizations. Toggle on (blue) to align the credential to all organizations, or toggle off (gray) and then select one or more specific organizations from the What organization manages this service? drop-down field to align the credential with those specific organizations. This field is required.

To learn more about credentials and organizations, see the section Aligning Organizations With a Credential.

  • Timeout (ms). Time, in milliseconds, after which SL1 will stop trying to communicate with the device. The default value is 1500.
  • SNMP Version. SNMP version. Choices are SNMP V1, SNMP V2, and SNMP V3. The default value is SNMP V2.
  • Port. The port SL1 will use to communicate with the external device or application. The default value is 161. This field is required.
  • SNMP Retries. Number of times SL1 will try to authenticate and communicate with the external device. The default value is 1.

SNMP V1/V2 Settings

If you selected SNMP V1 or SNMP V2 in the SNMP Version field, complete these fields. These fields are inactive if you selected SNMP V3.

  • SNMP Community (Read-Only). The SNMP community string (password) required for read-only access of SNMP data on the remote device or application. For SNMP V1 and SNMP V2 credentials, you must supply a community string, either in this field or in the SNMP Community (Read/Write) field.
  • SNMP Community (Read/Write). The SNMP community string (password) required for read and write access of SNMP data on the remote device or application. For SNMP V1 and SNMP V2 credentials, you must supply a community string, either in this field or in the SNMP Community (Read Only) field.

SNMP V3 Settings

If you selected SNMP V3 in the SNMP Version field, complete these fields. These fields are inactive if you selected SNMP V1 or SNMP V2.

  • Security Name. Name for SNMP authentication. This field is required.
  • Security Passphrase. Password to authenticate the credential. This value must contain at least 8 characters. This value is required if you use a Security Level that includes authentication.

In addition to alphanumeric characters, you can also use the following special characters in an SNMP V3 security passphrase: ? - _ = , . : # + % $ [ ] { } & ! ( ) | /

You cannot use the following special characters in an SNMP V3 security passphrase: " ' \

  • Authentication Protocol. Select an authentication algorithm for the credential. This field is required. Choices are:
  • MD5. This is the default value.
  • SHA
  • SHA-224
  • SHA-256
  • SHA-384
  • SHA-512

The SHA option is SHA-128.

  • Security Level. Specifies the combination of security features for the credentials. This field is required. Choices are:
  • No Authentication / No Encryption.
  • Authentication Only. This is the default value.
  • Authentication and Encryption.
  • Engine ID. The unique engine ID for the SNMP agent you want to communicate with. (SNMPv3 authentication and encryption keys are generated based on the associated passwords and the engine ID.) This field is optional.
  • Context. A context is a mechanism within SNMPv3 (and AgentX) that allows you to use parallel versions of the same MIB objects. For example, one version of a MIB might be associated with SNMP Version 2 and another version of the same MIB might be associated with SNMP Version 3. For SNMP Version 3, specify the context name in this field. This field is optional.
  • Privacy Protocol. The privacy service encryption and decryption algorithm. This field is required. Choices are:
  • DES. This is the default value.
  • AES-128
  • AES-192
  • AES-256
  • AES-256-C. This option is for discovering Cisco devices only.
  • Privacy Protocol Passphrase. Privacy password for the credential. This field is optional.
  1. Click Save & Close.

If you would like to test your credential using the Credential Tester panel, click Save & Test. For detailed instructions on using the Credential Tester panel, see the Using the Credential Tester Panel section.

Creating an SNMP Credential in the SL1 Classic User Interface

SNMP Credentials allow SL1 to access SNMP data on a managed device. SL1 uses SNMP credentials to perform discovery, run auto-discovery, and gather information from SNMP Dynamic Applications.

To create an SNMP credential:

  1. Go to the Credential Management page (System > Manage > Credentials).

  2. Click the Actions button and select Create SNMP Credential. The Credential Editor page appears.

  3. Supply values in the following fields:
  • Profile Name. Name of the credential. Can be any combination of alphanumeric characters. This field is required.
  • SNMP Version. SNMP version. Choices are SNMP V1, SNMP V2, and SNMP V3. The default value is SNMP V2.
  • Port. The port SL1 will use to communicate with the external device or application. The default value is 161. This field is required.
  • Timeout (ms). Time, in milliseconds, after which SL1 will stop trying to communicate with the SNMP device. The default value is 1500.
  • Retries. Number of times SL1 will try to authenticate and communicate with the external device. The default value is 1.

SNMP V1/V2 Settings

These fields appear if you selected SNMP V1 or SNMP V2 in the SNMP Version field. The fields are inactive if you selected SNMP V3.

  • SNMP Community (Read-Only). The SNMP community string (password) required for read-only access of SNMP data on the remote device or application. For SNMP V1 and SNMP V2 credentials, you must supply a community string, either in this field or in the SNMP Community (Read/Write) field.
  • SNMP Community (Read/Write). The SNMP community string (password) required for read and write access of SNMP data on the remote device or application. For SNMP V1 and SNMP V2 credentials, you must supply a community string, either in this field or in the SNMP Community (Read Only) field.

SNMP V3 Settings

These fields appear if you selected SNMP V3 in the SNMP Version field. These fields are inactive if you selected SNMP V1 or SNMP V2.

  • Security Name. Name for SNMP authentication. This field is required.
  • Security Passphrase. Password to authenticate the credential. This value must contain at least 8 characters. This value is required if you use a Security Level that includes authentication.
  • Authentication Protocol. Select an authentication algorithm for the credential. This field is required. Choices are:
  • MD5. This is the default value.
  • SHA
  • SHA-224
  • SHA-256
  • SHA-384
  • SHA-512

The SHA option is SHA-128.

  • Security Level. Specifies the combination of security features for the credentials. This field is required. Choices are:
  • No Authentication / No Encryption.
  • Authentication Only. This is the default value.
  • Authentication and Encryption.
  • SNMP v3 Engine ID. The unique engine ID for the SNMP agent you want to communicate with. (SNMPv3 authentication and encryption keys are generated based on the associated passwords and the engine ID.) This field is optional.
  • Context Name. A context is a mechanism within SNMPv3 (and AgentX) that allows you to use parallel versions of the same MIB objects. For example, one version of a MIB might be associated with SNMP Version 2 and another version of the same MIB might be associated with SNMP Version 3. For SNMP Version 3, specify the context name in this field. This field is optional.
  • Privacy Protocol. The privacy service encryption and decryption algorithm. This field is required. Choices are:
  • DES. This is the default value.
  • AES-128
  • AES-192
  • AES-256
  • AES-256-C. This option is for discovering Cisco devices only.
  • Privacy Protocol Passphrase. Privacy password for the credential. This field is optional.
  1. Click the Save button to save the new SNMP credential.
  2. Repeat steps 1-4 for each SNMP-enabled device in your network that you want to monitor with SL1.

NOTE: When you define an SNMP Credential, SL1 automatically aligns the credential with all organizations of which you are a member.

Creating a PowerShell Credential

If you configure your Windows system to respond to PowerShell requests from SL1, you can use PowerShell Dynamic Applications to collect information from your Windows system.

All of the PowerShell Dynamic Applications include a discovery object. If you include a credential for PowerShell Dynamic Applications in the discovery session that includes your Windows system, SL1 will automatically align the appropriate PowerShell Dynamic Applications to the Windows system. For more information about creating a discovery session, see the Running a Discovery Session section.

To define a PowerShell credential in SL1, you will need the following information:

  • The username and password for a user on the Windows device.
  • If the user is an Active Directory account, the hostname or IP address of the Active Directory server and the domain.
  • Determine if an encrypted connection should be used.
  • If you are using a Windows Management Proxy, the hostname or IP address of the proxy server.

To create a PowerShell credential:

  1. Go to the Credentials page (Manage > Credentials).
  2. Click the Create New button and then select Create Powershell Credential. The Create Credential modal page appears:

An image of the powershell Create Credential page.

  1. Supply values in the following fields:
  • Name. Name of the credential. Can be any combination of alphanumeric characters, up to 64 characters. This field is required.
  • All Organizations. Toggle on (blue) to align the credential to all organizations, or toggle off (gray) and then select one or more specific organizations from the What organization manages this service? drop-down field to align the credential with those specific organizations. This field is required.

To learn more about credentials and organizations, see the section Aligning Organizations With a Credential.

  • Timeout (ms). Time, in milliseconds, after which SL1 will stop trying to communicate with the authenticating server. For collection to be successful, SL1 must connect to the authenticating server, execute the PowerShell command, and receive a response within the amount of time specified in this field.
  • Account Type. Type of authentication for the username and password in this credential. Choices are:
  • Active Directory. On the Windows device, Active Directory will authenticate the username and password in this credential.
  • Local. Local security on the Windows device will authenticate the username and password in this credential.
  • Hostname/IP. Hostname or IP address of the device from which you want to retrieve data. This field is required.
  • You can include the variable %D in this field. SL1 will replace the variable with the IP address of the device that is currently using the credential.
  • You can include the variable %N in this field. SL1 will replace the variable with the hostname of the device that is currently using the credential. If SL1 cannot determine the hostname, SL1 will replace the variable with the primary, management IP address for the current device.
  • You can include the prefix HOST or WSMAN before the variable %D in this field if the device you want to monitor uses a service principal name (for example, "HOST://%D" or "WSMAN://%D"). SL1 will use the WinRM service HOST or WSMan instead of HTTP and replace the variable with the IP address of the device that is currently using the credential.
  • Username. Type the username for an account on the Windows device to be monitored or on the proxy server. This field is required.

NOTE: The user should not include the domain name prefix in the username for Active Directory accounts. For example, use "em7admin" instead of "MSDOMAIN\em7admin".

  • Password. Type the password for the account on the Windows device to be monitored or on the proxy server. This field is required.
  • Encrypted. Select whether SL1 will communicate with the device using an encrypted HTTP or HTTPS connection:
  • Toggle on (blue) if SL1 will communicate with the device using an encrypted connection over HTTPS. If toggled on, when communicating with the Windows server, SL1 will use a local user account with authentication of type "Basic Auth". You must then use HTTPS and can use a Microsoft Certificate or a self signed certificate.

    • In SL1 versions 11.3.0 and later, a newer Kerberos library is used that allows for message encryption over HTTP. This feature is on by default and may eliminate the need for you to configure an HTTPS certificate depending on your security requirements.

  • Toggle off (gray) . The credential is encrypted over HTTP rather than HTTPS.
  • Port. Type the port number used by the WinRM service on the Windows device. This field is required and is automatically populated with the default port based on the value you selected in the Encrypted field.
  • PowerShell Proxy Hostname/IP. If you use a proxy server in front of the Windows devices you want to communicate with, type the fully-qualified domain name or the IP address of the proxy server in this field.
  • Active Directory Host/IP. If you selected Active Directory in the Account Type field, type the hostname or IP address of the Active Directory server that will authenticate the credential.
  • Active Directory Domain. If you selected Active Directory in the Account Type field, type the domain where the monitored Windows device resides.
  1. Click Save & Close.

If you would like to test your credential using the Credential Tester panel, click Save & Test. For detailed instructions on using the Credential Tester panel, see the Using the Credential Tester Panel section.

NOTE: If you update the credential after your initial discovery session, you will need to run a new discovery session to update the etc/krb5.conf file and to re-align Dynamic Applications.

Creating a PowerShell Credential in the SL1 Classic User Interface

To define a PowerShell credential in SL1:

  1. Collect the information you need to create the credential:
  • The username and password for a user on the Windows device.
  • If the user is an Active Directory account, the hostname or IP address of the Active Directory server and the domain.
  • Determine if an encrypted connection should be used.
  • If you are using a Windows Management Proxy, the hostname or IP address of the proxy server.
  1. Go to the Credential Management page (System > Manage > Credentials).
  2. In the Credential Management page, click the Actions menu. Select Create PowerShell Credential.
  3. The Credential Editor page appears, where you can define the following fields:
  • Profile Name. Name of the credential. Can be any combination of alphanumeric characters. This field is required.
  • Hostname/IP. Hostname or IP address of the device from which you want to retrieve data. This field is required.
  • You can include the variable %D in this field. SL1 will replace the variable with the IP address of the device that is currently using the credential.
  • You can include the variable %N in this field. SL1 will replace the variable with the hostname of the device that is currently using the credential. If SL1 cannot determine the hostname, SL1 will replace the variable with the primary, management IP address for the current device.
  • You can include the prefix HOST or WSMAN before the variable %D in this field if the device you want to monitor uses a service principal name (for example, "HOST://%D" or "WSMAN://%D"). SL1 will use the WinRM service HOST or WSMan instead of HTTP and replace the variable with the IP address of the device that is currently using the credential.
  • Username. Type the username for an account on the Windows device to be monitored or on the proxy server. This field is required.

NOTE: The user should not include the domain name prefix in the username for Active Directory accounts. For example, use "em7admin" instead of "MSDOMAIN\em7admin".

  • Encrypted. Select whether SL1 will communicate with the device using an encrypted connection. Choices are:
  • yes. When communicating with the Windows server, SL1 will use a local user account with authentication of type "Basic Auth". You must then use HTTPS and can use a Microsoft Certificate or a self-signed certificate.
  • no. When communicating with the Windows server, SL1 will not encrypt the connection.
  • Port. Type the port number used by the WinRM service on the Windows device. This field is automatically populated with the default port based on the value you selected in the Encrypted field. This field is required.

  • Account Type. Type of authentication for the username and password in this credential. Choices are:
  • Active Directory. On the Windows device, Active Directory will authenticate the username and password in this credential.
  • Local. Local security on the Windows device will authenticate the username and password in this credential.

  • Timeout (ms). Type the time, in milliseconds, after which SL1 will stop trying to collect data from the authenticating server. For collection to be successful, SL1 must connect to the authenticating server, execute the PowerShell command, and receive a response within the amount of time specified in this field.
  • Password. Type the password for the account on the Windows device to be monitored or on the proxy server. This field is required.
  • PowerShell Proxy Hostname/IP. If you use a proxy server in front of the Windows devices you want to communicate with, type the fully-qualified domain name or the IP address of the proxy server in this field.
  • Active Directory Hostname/IP. If you selected Active Directory in the Account Type field, type the hostname or IP address of the Active Directory server that will authenticate the credential.
  • Domain. If you selected Active Directory in the Account Type field, type the domain where the monitored Windows device resides.
  1. To save the credential, click the Save button. To clear the values you set, click the Reset button.

NOTE: If you update the credential after your initial discovery session, you will need to run a new discovery session to update the etc/krb5.conf file and to re-align Dynamic Applications.

Testing Windows Credentials

Credential Tests define a series of steps that SL1 can execute on-demand to validate whether a credential works as expected. This section describes the SNMP and PowerShell Credential Tests that are included in the default installation of SL1.

SNMP Credential Test

The SNMP Credential Test can be used to test an SNMP credential for connectivity. The SNMP Credential Test performs the following steps:

  • Test Reachability. Performs an ICMP ping request to the host specified in the credential.
  • Test Port Availability. Performs an NMAP request to the UDP port specified in the credential on the host specified in the credential.
  • Test SNMP Availability. Attempts an SNMP getnext request to .1.3.6.1 using the credential.

PowerShell Credential Test

The PowerShell Credential Test can be used to test a PowerShell credential for connectivity. The PowerShell Credential Test performs the following steps:

  • Test Reachability. Performs an ICMP ping request to the host specified in the credential.
  • Test Port Availability. Performs an NMAP request to the TCP port specified in the credential on the host specified in the credential.
  • Test Name Resolution. Performs an nslookup request on the host specified in the credential.
  • Test Kerberos. If the credential does not specify local authentication, attempts to acquire a kerberos ticket using the credential.
  • Test WinRM Connection. Attempts a WinRM connection using the credential.
  • Execute PowerShell Cmdlet. Attempts to execute the 'Get-WmiObject Win32_Process | Select Name' PowerShell Cmdlet using the credential.

Running a Windows Credential Test

You can test a credential from the Credentials page using a predefined credential test.

To run a credential test from the Credentials page:

  1. Go to the Credentials page (Manage > Credentials).
  2. Click the Actions button () of the credential that you want to test, and then select Test.
  1. The Credential Test Form modal page appears. Fill out the following fields on this page:
  • Credential. Select the credential to test. This drop-down list includes only credentials that you have access to. (If you clicked the Actions button () and then selected Test for a specific credential, then this field is read-only.)
  • Select Credential Test. Select a credential test to run. This drop-down list includes the ScienceLogic Default Credential Tests, credential tests included in any PowerPacks that have been optionally installed on your system, and credential tests that users have created on your system.
  • Collector. Select the All-In-One Appliance or Data Collector that will run the test.
  • IP or Hostname to Test. Type a hostname or IP address that will be used during the test. For example, if you are testing an SNMP credential, the hostname/IP address you supply will be used to perform a test SNMP request.
  1. Click Run Test button to run the credential test. The Testing Credential window appears:

    The Testing Credential window displays a log entry for each step in the credential test. The steps performed are different for each credential test. The log entry for each step includes the following information:

    • Step. The name of the step.
    • Description. A description of the action performed during the step.
    • Log Message. The result of the step for this execution of the credential test.
    • Status. Whether the result of this step indicates the credential and/or the network environment is configured correctly (Passed) or incorrectly (Failed).
    • Step Tip. Mouse over the question mark icon () to display the tip text. The tip text recommends what to do to change the credential and/or the network environment if the step has a status of "Failed".

To run a Windows credential test using the Credential Tester panel:

  1. While defining a credential, supply values in the required fields on the Create Credential page.
  2. Click the Save & Test button. This activates the Credential Tester fields.
  3. In the Credential Tester panel, supply values in the following fields:
  • Select Credential Test. Select a credential test to run. This drop-down list includes the ScienceLogic Default Credential Tests, credential tests included in any PowerPacks that have been optionally installed on your system, and credential tests that users have created on your system.
  • Select Collector. Select the All-In-One Appliance or Data Collector that will run the test.
  • IP or Hostname to test. Type a hostname or IP address that will be used during the test. For example, if you are testing an SNMP credential, the hostname/IP address you supply will be used to perform a test SNMP request.
  1. Click Run Test button to run the credential test. The Testing Credential window appears:

    The Testing Credential window displays a log entry for each step in the credential test. The steps performed are different for each credential test. The log entry for each step includes the following information:

    • Step. The name of the step.
    • Description. A description of the action performed during the step.
    • Log Message. The result of the step for this execution of the credential test.
    • Status. Whether the result of this step indicates the credential and/or the network environment is configured correctly (Passed) or incorrectly (Failed).
    • Step Tip. Mouse over the question mark icon () to display the tip text. The tip text recommends what to do to change the credential and/or the network environment if the step has a status of "Failed".

Running a Windows Credential Test in the SL1 Classic User Interface

To run a Windows credential test from the Credential Management page:

  1. Go to the Credential Management page (System > Manage > Credentials).

  1. Click the Actions menu, and then select Test Credential. The Credential Tester modal page appears.

  1. Supply values in the following fields:
  • Test Type. Select a credential test to run.

  • Credential. Select the credential you want to test. This drop-down list includes only credentials that you have access to that can be tested using the selected credential test.
  • Hostname/IP. Enter a hostname or IP address that will be used during the test. For example, if you are testing an SNMP credential, the hostname/IP address you supply will be used to perform a test SNMP request.
  • Collector. Select the All-In-One Appliance or Data Collector that will run the test.

  1. Click the Run Test button to run the credential test. The Test Credential window appears.

The Test Credential window displays a log entry for each step in the credential test. The steps performed are different for each credential test. The log entry for each step includes the following information:

  • Step. The name of the step.

  • Description. A description of the action performed during the step.
  • Log Message. The result of the step for this execution of the credential test.
  • Status. Whether the result of this step indicates the credential and/or the network environment is configured correctly (Passed) or incorrectly (Failed).
  • Step Tip. Mouse over the question mark icon () to display the tip text. The tip text recommends what to do to change the credential and/or the network environment if the step has a status of "Failed".

  1. Optionally, you can click the Execute Discovery Session button to run a discovery session using the Credential, Hostname/IP, and Collector you selected in the Credential Tester modal page.

Adding Devices Using Unguided Discovery

To run an unguided discovery:

  1. On the Devices page () or the Discovery Sessions page (Devices > Discovery Sessions), click the Add Devices button. The Select page appears.
  2. Click the Unguided Network Discovery button. Additional information about the requirements for discovery appears in the General Information pane to the right.
  3. Click Select. The Add Devices page appears.
  4. Complete the following fields:
  • Discovery Session Name. Type a unique name for this discovery session. This name is displayed in the list of discovery sessions on the Discovery Sessions tab.
  • Description. Type a short description of the discovery session. You can use the text in this description to search for the discovery session on the Discovery Sessions tab. Optional.
  • Select the organization to add discovered devices to. Select the name of the organization to which you want to add the discovered devices.
  1. Click Next. The Credentials page of the Add Devices wizard appears.
  2. On the Credentials page, you can optionally do one of the following:
  • If the credential you need is not in the list, click the Create New button to open the Create Credential window, where you can specify the name and organization for the credential, the third-party username and password, and other data such as Cloud Type and Proxy information. You can also test the credential before you save using the Credential Tester panel. Click Save & Close to save the credential and return to the Credential Selection page of the guided discovery session. For more information on creating new credentials or testing credentials, see the section on Defining Credentials or Using the Credential Tester Panel.
  • To edit a credential on the Credential Selection page, click the name of the credential you would like to edit from the Name column and edit that credential as needed. You can also test the credential before you save using the Credential Tester panel. Click the Save & Close button on the Edit Credential window to save your updates.
  1. On the Credentials page of the Add Devices wizard, select one or more credentials to allow SL1 to access a device's SNMP data and click Next. The Discovery Session Details page of the Add Devices wizard appears.
  2. Complete the following fields:
  • List of IPs/Hostnames. Provide a list of IP addresses, hostnames, or fully-qualified domain names for SL1 to scan during discovery. This field is required. In this field, you can enter a combination of one or more of the following:
  • One or more single IPv4 addresses separated by commas and a new line. Each IP address must be in standard IP notation and cannot exceed 15 characters. For example, "10.20.30.1, 10.20.30.2, 10.20."
  • One or more ranges of IPv4 addresses with "-" (dash) characters between the beginning of the range and the end of the range. Separate each range with a comma. For example, "10.20.30.1 – 10.20.30.254".
  • One or more IP address ranges in IPv4 CIDR notation. Separate each item in the list with a comma. For example, "192.168.168.0/24".
  • One or more ranges of IPv6 addresses with "-" (dash) characters between the beginning of the range and the end of the range. Separate each range with a comma. For example, "2001:DB8:0:0:0:0:0:0-2001:DB8:0:0:0:0:0:0003".
  • One or more IP address ranges in IPv6 CIDR notation. Separate each item in the list with a comma. For example, "2001:DB8:0:0:0:0:0:0/117".
  • One or more hostnames (fully-qualified domain names). Separate each item in the list with a comma.

You can also click the Upload File button to upload a comma-separated list of IPs.

  • Which collector will monitor these devices?. Select an existing collector group to monitor the discovered devices. Required.

When assigning devices to a collector group, SL1's multi-tenancy rules will validate that the collector group you select belongs to the organization you selected in the previous field. If you attempt to run a discovery session where the devices, collector group, and credentials do not all belong to the same organization, you will receive an error message and will not be able to save or execute the discovery session.

  • Run after save. Select this option to run this discovery session as soon as you click Save and Close.
  • Advanced options. Click the down arrow icon () to access additional discovery options. 

In the Advanced options section, complete the following fields as needed:

  • Initial Scan Level. For this discovery session only, specifies the data to be gathered during the initial discovery session. The options are:
  • System Default (recommended). Use the value defined in the Behavior Settings page (System > Settings > Behavior) in the classic user interface of SL1.
  • 1. Model Device Only. Discovery will discover if the device is up and running and if so, collect the make and model of the device. SL1 will then generate a device ID for the device so it can be managed by SL1.
  • 2. Initial Population of Apps. Discovery will search for Dynamic Applications to associate with the device. The discovery tool will attempt to collect data for the aligned Dynamic Applications. Discovery will later retrieve full sets of data from each Dynamic Application. Discovery will also perform 1. Model Device Only discovery.
  • 3. Discover SSL Certificates. Discovery will search for SSL certificates and retrieve SSL data. Discovery will also perform 2. Initial Population of Apps and 1. Model Device Only.
  • 4. Discover Open Ports. Discovery will search for open ports. Discovery will also perform 3. Discover SSL Certificates, 2. Initial Population of Apps, and 1. Model Device Only.

If your system includes a firewall and you select 4. Discover Open Ports, discovery might be blocked and/or might be taxing to your network.

  • 5. Advanced Port Discovery. Discovery will search for open ports, using a faster TCP/IP connection method. Discovery will also perform 3. Discover SSL Certificates, 2. Initial Population of Apps, and 1. Model Device Only.

If your system includes a firewall and you select 5. Advanced Port Discovery, some devices might remain in a pending state (purple icon) for some time after discovery. These devices will achieve a healthy status, but this might take several hours.

  • 6. Deep Discovery. Discovery will use nmap to retrieve the operating system name and version. Discovery will also scan for services running on each open port and can use this information to match devices to device classes. Discovery will search for open ports, using a faster TCP/IP connection method. Discovery will also perform 3. Discover SSL Certificates, 2. Initial Population of Apps, and 1. Model Device Only.

For devices that don't support SNMP, option 6. Deep Discovery allows you to discover devices that don't support SNMP and then align those devices with a device class other than "pingable". Note that option 6. Deep Discovery is compute-intensive.

If SL1 cannot determine the appropriate Device Class, it will assign the device to the Generic SNMP Device Class.

  • Scan Throttle. Specifies the amount of time a discovery process should pause between each specified IP address (specified in the IP Address/Hostname Discovery List field). Pausing discovery processes between IP addresses spreads the amount of network traffic generated by discovery over a longer period of time. The choices are:
  • System Default (recommended). Use the value defined in the Behavior Settings page (System > Settings > Behavior) in the classic user interface for SL1.
  • Disabled. Discovery processes will not pause.
  • 1000 Msec to 10000 Msec. A discovery process will pause for a random amount of time between half the selected value and the selected value.
  • Port Scan All IPs. For the initial discovery session only, specifies whether SL1 should scan all IP addresses on a device for open ports. The choices are:
  • System Default (recommended). Use the value defined in the Behavior Settings page (System > Settings > Behavior) in the classic user interface for SL1.
  • Enabled. SL1 will scan all discovered IP addresses for open ports.
  • Disabled. SL1 will scan only the primary IP address (the one used to communicate with SL1) for open ports.
  • Port Scan Timeout. For the initial discovery session only, specifies the length of time, in milliseconds, after which SL1 should stop trying to scan an IP address for open ports and begin scanning the next IP address (if applicable). Choices are:
  • System Default (recommended). Use the value defined in the Behavior Settings page (System > Settings > Behavior).
  • Choices between 60 to 1,800 seconds.
  • Scan Ports. Specify a list of ports to scan, separated by colons (:). The default is 21:22:25:80:136.
  • Interface Inventory Timeout (ms). Specifies the maximum amount of time that the discovery processes will spend polling a device for the list of interfaces. After the specified time, SL1 will stop polling the device, will not model the device, and will continue with discovery. The default value is 600,000 ms (10 minutes).
  • During the execution of this discovery session, SL1 uses the value in this field first. If you delete the default values and do not specify another value in this field, SL1 uses the value in the Global Threshold Settings page (System > Settings > Thresholds).
  • If you specify a value in this field and do not apply a device template to this discovery session, the Interface Inventory Timeout setting in the Device Thresholds page (Registry > Devices > Device Manager > wrench icon > Thresholds) is set to this value for each discovered device. If there is no device template applied to the discovery session and no value is supplied in this field, SL1 uses the value in the Global Threshold Settings page (System > Settings > Thresholds).
  • Maximum Allowed Interfaces. Specifies the maximum number of interfaces per devices. If a device exceeds this number of interfaces, SL1 will stop scanning the device, will not model the device, and will continue with discovery. The default value is 10,000.
  • During the execution of this discovery session, SL1 uses the value in this field first. If you delete the default values and do not specify another value in this field, SL1 uses the value in the Global Threshold Settings page.
  • If you specify a value in this field and do not apply a device template to this discovery session, the Maximum Allowed Interfaces setting in the Device Thresholds page is set to this value for each discovered device. If there is no device template applied to the discovery session and no value is supplied in this field, SL1 uses the value in the Global Threshold Settings page.
  • Bypass Interface Inventory. Specifies whether or not the discovery session should discover network interfaces.
  • Selected. SL1 will not attempt to discover interfaces for each device in the discovery session. For each discovered device, the Bypass Interface Inventory checkbox on the Device Investigator Settings tab will be selected.
  • Not Selected. SL1 will attempt to discover network interfaces, using the Interface Inventory Timeout value and Maximum Allowed Interfaces value.
  • Discover Non-SNMP. Specifies whether or not SL1 should discover devices that don't respond to SNMP requests.
  • Selected. SL1 will discover devices that don't respond to the SNMP credentials selected in the SNMP Credentials field. These devices will be discovered as "pingable" devices.
  • Not Selected. SL1 will not discover devices that don't respond to the SNMP credentials selected in the SNMP Credentials fields.

You must either select a credential for the discovery session or select the Discover Non-SNMP option. SL1 will prevent you from proceeding with discovery if you have not met those conditions.

  • Model Devices. Determines whether or not the devices that are discovered with this discovery session can be managed through SL1. Choices are:
  • Enabled. When a device is modeled, SL1 creates a device ID for the device; you can then access the device through the Device Manager page and manage the device in SL1.
  • Disabled. If a device is not modeled, you cannot access the device through the Device Manager page, and you cannot manage the device in SL1. However, each discovered device will still appear in the Discovery Session logs. For each discovered device, the discovery logs will display the IP address and device class for the device. This option is useful when performing an initial discovery of your network, to determine which devices you want to monitor and manage with SL1. For the amount of time specified in the Device Model Cache TTL (h) field, a user can manually model the device from the Discovery Session window.
  • Enable DHCP. Specifies whether or not the specified range of IPs and hostnames use DHCP.
  • Selected. SL1 will perform a DNS lookup for the device during discovery and each time SL1 retrieves information from the device.
  • Not Selected. SL1 will perform normal discovery.
  • Device Model Cache TTL (h). Amount of time, in hours, that SL1 stores information about devices that are discovered but not modeled, either because the Model Devices option is not enabled or because SL1 cannot determine whether a duplicate device already exists. The cached data can be used to manually model the device from the Discovery Session window.
  • Log All. Specifies whether or not the discovery session should use verbose logging. When you select verbose logging, SL1 logs details about each IP address or hostname specified in the IP Address/Hostname Discovery List field, even if the results are "No device found at this address."
  • Selected. This discovery session will use verbose logging.
  • Not Selected. This discovery session will not use verbose logging.
  • Apply Device Template. As SL1 discovers a device in the IP discovery list, that device is configured with the selected device template. You can select from a list of all device templates in SL1. For more information on device templates, see the Device Groups and Device Templates section.
  1. Click Save and Close to save the discovery session. The Discovery Sessions page (Devices > Discovery Sessions) displays the new discovery session.

  2. If you selected the Run after save option on this page, the discovery session runs, and the Discovery Logs page displays any relevant log messages. If the discovery session locates and adds any devices, the Discovery Logs page includes a link to the Device Investigator page for the discovered device.

Discovering Windows Server Clusters

To discover a Windows Server cluster with the Microsoft: Windows Server PowerPack, you must align the discovery Dynamic Application to one or more of the cluster node physical devices. To align the Dynamic Application:

  1. On the Collections tab of the Device Investigator, click Edit and then click Align Dynamic App. The Align Dynamic Application window appears.
  2. Click Choose Dynamic Application. The Choose Dynamic Application window appears:

  1. Select the "Microsoft: Windows Server Discovery" Dynamic Application and click Select. The name of the Dynamic Application appears in the Align Dynamic Application window.
  2. If a default credential is listed below the Dynamic Application and you do not want to use that credential, uncheck the box next to the credential name.
  3. Click Choose Credential. The Choose Credential window appears.
  4. Select the credential you created for the Dynamic Application and click the Select button. The name of the selected credential appears in the Align Dynamic Application window.
  5. Click the Align Dynamic App button. When the Dynamic Application is successfully aligned, it is added to the Collections tab, and a confirmation message appears at the bottom of the tab.

To unalign a Dynamic Application from a device, click the Actions button () for that Dynamic Application and select Unalign Dynamic App. However, be advised that when you unalign a Dynamic Application, you also delete the data it has collected.

Once you have aligned the "Microsoft: Windows Server Discovery" Dynamic Application, an event will be generated with the network name of the cluster. The "Microsoft: Windows Server Create Windows Cluster Virtual Device" Run Book action will execute and create a virtual device with the name of the cluster. The necessary Dynamic Applications will automatically align to the virtual device, and the cluster DCM tree will then be created over the next few polling cycles.

Discovering Windows Server Clusters in the SL1 Classic User Interface

To discover a Windows Server cluster with the Microsoft: Windows Server PowerPack, you must align the discovery Dynamic Application to one or more of the cluster node physical devices. To align the Dynamic Application:

  1. Go to the Device Manager page (Devices > Device Manager).
  2. In the Device Manager page, find a cluster node device and click its wrench icon ().
  3. In the Device Administration panel, click the Collections tab.
  4. In the Dynamic Application Collections page, click the [Actions] menu and select Add Dynamic Application.
  5. The Dynamic Application Alignment modal page appears. Locate the "Microsoft: Windows Server Discovery" Dynamic Application and select it.
  6. After selecting a Dynamic Application, select the credential you created in the Credentials field.
  7. Click the [Save] button in the Dynamic Application Alignment modal page to align the Dynamic Application and the credential to the device.

Once you have aligned the "Microsoft: Windows Server Discovery" Dynamic Application, an event will be generated with the network name of the cluster. The "Microsoft: Windows Server Create Windows Cluster Virtual Device" Run Book action will execute and create a virtual device with the name of the cluster. The necessary Dynamic Applications will automatically align to the virtual device, and the cluster DCM tree will then be created over the next few polling cycles.

Discovering Devices with the Microsoft: Windows Server Discovery Template

A device template allows you to save a device configuration and apply it to multiple devices. The Microsoft: Windows Server PowerPack includes a device template for discovering Microsoft devices.

The template will work as-is, unless you would like to remove a Dynamic Application from the template. To remove any Dynamic Applications you may not need:

  1. Go to the Configuration Templates page (Devices > Templates, or Registry > Devices > Templates in the SL1 classic user interface).
  1. Locate the "Microsoft: Windows Server Discovery Template" and click its wrench icon (). The Device Template Editor page appears.
  2. Modify the Template Name field, as you will not want to overwrite the sample template.
  1. Click the Dyn Apps tab. The Editing Dynamic Application Subtemplates page appears.
  1. Click each Dynamic Application and replace the example credential with the credential created for the Windows server(s) being discovered.
  2. To remove a Dynamic Application listed in the Subtemplate Selection section on the left side of the page, click it's bomb icon () and then click OK when asked to confirm.
  3. Click Save As.

To discover the Windows Server devices that you want to monitor:

  1. On the Devices page () or the Discovery Sessions page (Devices > Discovery Sessions), click the Add Devices button. The Select page appears:

Image of the Add Devices wizard, page 1

  1. Click the Unguided Network Discovery button. Additional information about the requirements for discovery appears in the General Information pane to the right.
  1. Click Select. The Add Devices page appears.
  2. Complete the following fields:
  • Name. Type a unique name for this discovery session. This name is displayed in the list of discovery sessions on the Discovery Sessions tab.
  • Description. Optional. Type a short description of the discovery session. You can use the text in this description to search for the discovery session on the Discovery Sessions tab.
  • Select the organization to add discovered devices to. Select the name of the organization to which you want to add the discovered devices.
  1. Click Next. The Credentials page of the Add Devices wizard appears.
  1. On the Credentials page, click Next.
  1. The Discovery Session Details page of the Add Devices wizard appears:

Image of the Add Devices wizard, page 2

  1. Complete the following fields:
  • List of IPs/Hostnames.  Type the IP address or addresses for the Windows Server devices that you want to discover.
  • Which collector will monitor these devices?. Select an existing collector to monitor the discovered devices. Required.
  • Run after save. Select this option to run this discovery session as soon as you click Save and Close.

In the Advanced options section, click the down arrow icon () to complete the following fields:

  • Discover Non-SNMP.Enable this setting.
  • Select Device Template. Select the device template that you configured.

  1. Click Save and Close to save the discovery session. The Discovery Sessions page (Devices > Discovery Sessions) displays the new discovery session.
  2. If you selected the Run after save option on this page, the discovery session runs, and the Discovery Logs page displays any relevant log messages. If the discovery session locates and adds any devices, the Discovery Logs page includes a link to the Device Investigator page for the discovered device.

To discover Windows Server devices in the SL1 classic user interface:

  1. Go to the Discovery Control Panel page (System > Manage > Classic Discovery).

  1. In the Discovery Control Panel, click the Create button.

  1. The Discovery Session Editor page appears. In the Discovery Session Editor page, complete the following fields:
  • Name. Type in a name for your discovery session.
  • IP Address/Hostname Discovery List. Type the IP address or addresses for the Windows Server devices that you want to discover.

  • Discover Non-SNMP. Select this checkbox.
  • Apply Device Template. Select the template you configured.
  1. Click the Save button to save the discovery session, and then close the Discovery Session Editor window.
  2. The discovery session you created appears at the top of the Discovery Control Panel page. Click its lightning-bolt icon () to run the discovery session.
  3. The Discovery Session window appears. When the device(s) are discovered, click the device icon () to view the Device Properties page for each device.

Discovering Component Devices on Hyper-V Systems

The Microsoft: Hyper-V Server PowerPack includes two Dynamic Applications that allow SL1 to collect information about the virtual machines running on a Hyper-V system.

To discover the virtual machines on a Hyper-V system as component devices, align the following two Dynamic Applications with a Hyper-V system:

  • Microsoft: Hyper-V Guest Configuration Cache
  • Microsoft: Hyper-V Gust Discovery

When these Dynamic Applications are aligned to a Hyper-V system, the platform will automatically create a device record for each virtual machine. The platform will also automatically align other Dynamic Applications from the Microsoft: Hyper-V Server PowerPack to each virtual machine.

Viewing Component Devices

When SL1 performs collection for the "Microsoft Hyper-V Guest Configuration Cache" and "Microsoft Hyper-V Guest Discovery" Dynamic Applications, SL1 will create component devices for the virtual machines on the Hyper-V and align other Dynamic Applications to those component devices. All component devices appear in the Device Manager page just like devices discovered using the ScienceLogic discovery process.

In addition to the Device Manager page, you can view the Hyper-V system and all associated component devices in the following places in the user interface:

  • The Device Components page (Devices > Device Components or Registry > Devices > Device Components in the SL1 classic user interface) displays a list of all root devices and component devices discovered by the platform. The Device Components page displays all root devices and component devices in an indented view, so you can easily view the hierarchy and relationships between child devices, parent devices, and root devices. To view the component devices associated with a Hyper-V system, find the Hyper-V system and select its plus icon (+):

  • The Component Map page (Classic Maps > Device Maps > Components or Views > Device Maps > Components in the SL1 classic user interface) allows you to view devices by root node and view the relationships between root nodes, parent components, and child components in a map. This makes it easy to visualize and manage root nodes and their components. SL1 automatically updates the Component Map as new component devices are discovered. SL1 also updates each map with the latest status and event information. To view the map for a Hyper-V system, select the Hyper-V system from the left NavBar. To learn more about the Component Map page, see the section on Views.

Manually Aligning the Microsoft: Print Server Dynamic Application

The Microsoft: Print Server Dynamic Application must be manually aligned. To do so, perform the following steps:

  • Find your Windows device in the Device Manager page (Registry > Devices > Device Manager and click its wrench icon ().
  • From the Device Properties page for the Windows system, click the Collections tab. The Dynamic Application Collections page appears.
  • Click the Action button and then select Add Dynamic Application. The Dynamic Application Alignment page appears.
  • In the Dynamic Applications field, select the "Microsoft: Print Server" Dynamic Application.
  • In the Credentials field, select the credential you created for your Windows system.
  • Click the Save button.