NetXMS Support Forum

Hi Dani, that shows up info for airmax/airfiber devices under the UBNT-MIB tree, but still not seeing any unifi structure from the Unifi MIB.

Putting the MIB through an online checker it says all the description fields are missing, I wouldn't have thought that would stop the OID names from being added to the tree though?

Do you see branches in your MIB tree for the unifi bits?

ubntUniFi MODULE-IDENTITY
  LAST-UPDATED "201606250000Z"
  ORGANIZATION "Ubiquiti Networks, Inc."
  CONTACT-INFO "[email protected]"
  DESCRIPTION "The UniFi MIB module for Ubiquiti Networks, Inc. entities"
  REVISION "201606250000Z"
  DESCRIPTION "Initial Revision."
  ::= { ubntMIB 6 }

unifiApWireless OBJECT IDENTIFIER ::= { ubntUniFi 1 }
unifiApIf       OBJECT IDENTIFIER ::= { ubntUniFi 2 }
unifiApSystem   OBJECT IDENTIFIER ::= { ubntUniFi 3 }
ubntUniFiGroups OBJECT IDENTIFIER ::= { ubntMIB 2 5}

Thanks for the help.

Hi, on ver 2.2.2, I have tried setting up a few syslog parser rules with the editor for the internal syslog.

I have one successfully working rule (looking at logins to a synology DSM).  However any rule I've added since (one for VPN logins and one for unifi time sync) does not seem to generate an event in the event log. 
Have tried:

• altering the order of the rules
• click process all
• look at a level 9 debug (the syslog is being seen and added to the database but no EVENT is generated).
• restarting the server
• The custom events are configured to write to the event log

Is there an error in my regex?

<parser trace="9">
   <file/>
   <rules>
      <rule name="L2TP login to routers">
         <match repeatCount="0" repeatInterval="60">^l2tp,ppp,info,account (.*) logged in, (.*)</match>
         <event params="2">100811</event>
         <severity>5</severity>
         <tag>l2tp</tag>
         <description>Trigger a login event when VPN logins to routers occur</description>
      </rule>
      <rule name="Synology Admin Logins">
         <match repeatCount="0" repeatInterval="120">(Connection admin:.*User.*logged in from.*)</match>
         <event params="1">100801</event>
         <severity>64</severity>
         <tag>Connection</tag>
         <description>Trigger Log event when synology admin logins occur</description>
      </rule>
      <rule name="unifi current time not set">
         <match repeatCount="0" repeatInterval="120">(.*current time is not set yet)</match>
         <event params="1">100813</event>
         <severity>5</severity>
         <facility>1</facility>
         <tag>syswrapper</tag>
         <description>Log event when ntp is not updating on unifi devices</description>
      </rule>
   </rules>
   <macros/>
</parser>

syslog format:
16.01.2018 16:20:18 r01.domain.name 1 5 r01.domain.name l2tp l2tp,ppp,info,account USERNAME logged in, IPADDRESS

Hi Dani, I've compiled the MIBs you provided here but it seems I don't get the UniFi MIB description info loading.

Everything still shows up as the raw OID under ubntMIB instead of any of the structure from the UBNT-UniFi-MIB showing up.  Tried restarting console and server.

Have you had anything like this with the unifi gear before?

No idea about timelines but if you follow the commits in GitHub there are changes in there for a 2.2.2 and 3.0.

https://github.com/netxms/netxms/commits/master

OK, thanks Victor.

Hi, I was trying out the MTBF/MTTR script from the wiki and getting transformation script errors:
6102883 29.12.2017 12:28:50 netxms 2330 SYS_SCRIPT_ERROR Minor Script (DCI::OCB WiFi Demarc::2330::TransformationScript) execution error: Error 17 in line 8: Argument is not of string type and cannot be converted to string 0
After some fiddling I could trace it back to the fact the some of my nodes are missing what looks like some sort of default "status" DCI while others aren't (those work with the script).

Is the "status" DCI created when a new node is added automatically (discovery)?  I don't seem to have any templates that add this DCI.

Are there any conditions that can cause it not to be created by the server (hence my missing items)?  What happens if this DCI is missing on a node?

Thanks.

ah great. Thanks.

Just wondering if git.netxms.org is down or moved?  I usually track changes via sourcetree and I receive this error when trying to pull changes:

git -c diff.mnemonicprefix=false -c core.quotepath=false fetch origin
fatal: repository 'https://git.netxms.org/public/netxms.git/' not found
Completed with errors, see above.

I notice that the web interface https://git.netxms.org/public/netxms.git/shortlog?js=1  is 13 days out of date which is about when I stopped being able to pull changes.

Has the repo moved or is down for anyone else?

Cheers.

Hi all.  Looking at the agent tunnel functions and wondering how have some of you deployed them operationally? 

I can see their utility for allowing hole-punching out of a proxy site back to the server, but how do you do this securely?

Are you placing the NetXMS server on the public internet to receive the tunnels? 

Or are some of you using an extra NetXMS server in a DMZ and forwarding events/alarms to a primary server behind the firewall?  using a SSL proxy like nginx to unwrap and forward to the server behind the firewall?

Just curious of any deployment recommendations that can avoid directly placing the server online?  Or is the SSL code sufficiently isolated from the rest of the server and I'm being paranoid?

Cheers.

Hi all, I have a WMI DCI that pulls the Dell service tag from the windows machines running the netxms agent.

WMI.Query(root\cimv2,select * from Win32_ComputerSystemProduct,IdentifyingNumber)

This number is generally not what is entered when calling up support, they prefer the DTMF friendly Express Service Code that is a numerical version of the Service Tag (easier to type on number pad).
I've found a couple of links that describe the service tag as a base-36 number [A-Z][0-9] that you just convert to decimal.

http://creativyst.com/Doc/Articles/HT/Dell/DellNumb.htm
https://serverfault.com/questions/589774/how-to-convert-a-dell-service-tag-to-an-express-service-code

What is the best way to do this in NetXMS?

Do I create a DCI that takes the same WMI query and uses a transformation script to convert the number?  Is this possible in NXSL with base36 conversion to decimal?

Or if NXSL can't handle arbitrary bases do I have to use an external Python/nxshell script to do the conversion and call that from a DCI?

My goal is to get it represented as a DCI to display on the object details tab and in DCI summary tables.

Thanks for any suggestions.

Hello Marco, although I can't answer your problem I can add that I've had the same thing happen to me on 2.1.2 server and agent.

64bit agents on windows 10, one will find all counters during the config poll, the other will fail with the same message as you.

Haven't yet had time to look any deeper into it, I guess enabling some debug logging on the agent will be the first step we're told to try unless someone has an idea of what it could be.

Has anyone used agent external parameters/scripts to pull info for guest VMs from Proxmox VE?  Just starting to think about how to do this.

I see they have a documentation website for their REST-like api which it looks like you can call from a CLI tool called pvesh which might work well with the agent external parameter?

https://pve.proxmox.com/wiki/Proxmox_VE_API
https://pve.proxmox.com/pve-docs/api-viewer/index.html

Looking at my mikrotik routers I now realise that none of them display any topology info, and functions like "right click" > "topology" > "switch forwarding database" are empty too.

In Tomas' linked ticket, Alex mentions that the bridge MIB should provide some info (.1.3.6.1.2.1.17.4.3.1.1-3).  I don't get anything back from that whole tree other than 3 rows of STP info on any devices (CRS/CCR/AH1100).
.1.3.6.1.2.1.17.1.1.0 [Hex-STRING] = 00 00 00 00 00 00
.1.3.6.1.2.1.17.2.1.0 [INTEGER] = 3
.1.3.6.1.2.1.17.2.2.0 [INTEGER] = 32768

I have a mix of mikrotik devices with and without switch chips, but most of them are just using bridged interfaces as routers only.  I can only find L2 neighbour information under:

LLDP MIB
.1.0.8802.1.1.2.1.3  &  .1.0.8802.1.1.2.1.4 for LLDP

Mikrotik Neighbour Table (mtxrNeighbourTable .1.3.6.1.4.1.14988.1.1.11.1)
> ip neighbor print oid
0 ip-address=.1.3.6.1.4.1.14988.1.1.11.1.1.2.6 mac-address=.1.3.6.1.4.1.14988.1.1.11.1.1.3.6
   version=.1.3.6.1.4.1.14988.1.1.11.1.1.4.6 platform=.1.3.6.1.4.1.14988.1.1.11.1.1.5.6
   identity=.1.3.6.1.4.1.14988.1.1.11.1.1.6.6 software-id=.1.3.6.1.4.1.14988.1.1.11.1.1.7.6

1 ip-address=.1.3.6.1.4.1.14988.1.1.11.1.1.2.7 mac-address=.1.3.6.1.4.1.14988.1.1.11.1.1.3.7
   version=.1.3.6.1.4.1.14988.1.1.11.1.1.4.7 platform=.1.3.6.1.4.1.14988.1.1.11.1.1.5.7
   identity=.1.3.6.1.4.1.14988.1.1.11.1.1.6.7 software-id=.1.3.6.1.4.1.14988.1.1.11.1.1.7.7

2 ip-address=.1.3.6.1.4.1.14988.1.1.11.1.1.2.5 mac-address=.1.3.6.1.4.1.14988.1.1.11.1.1.3.5
   version=.1.3.6.1.4.1.14988.1.1.11.1.1.4.5 platform=.1.3.6.1.4.1.14988.1.1.11.1.1.5.5
   identity=.1.3.6.1.4.1.14988.1.1.11.1.1.6.5 software-id=.1.3.6.1.4.1.14988.1.1.11.1.1.7.5

3 ip-address=.1.3.6.1.4.1.14988.1.1.11.1.1.2.12 mac-address=.1.3.6.1.4.1.14988.1.1.11.1.1.3.12
   version=.1.3.6.1.4.1.14988.1.1.11.1.1.4.12 platform=.1.3.6.1.4.1.14988.1.1.11.1.1.5.12
   identity=.1.3.6.1.4.1.14988.1.1.11.1.1.6.12 software-id=.1.3.6.1.4.1.14988.1.1.11.1.1.7.12

4 ip-address=.1.3.6.1.4.1.14988.1.1.11.1.1.2.1 mac-address=.1.3.6.1.4.1.14988.1.1.11.1.1.3.1
   version=.1.3.6.1.4.1.14988.1.1.11.1.1.4.1 platform=.1.3.6.1.4.1.14988.1.1.11.1.1.5.1
   identity=.1.3.6.1.4.1.14988.1.1.11.1.1.6.1 software-id=.1.3.6.1.4.1.14988.1.1.11.1.1.7.1

5 ip-address=.1.3.6.1.4.1.14988.1.1.11.1.1.2.9 mac-address=.1.3.6.1.4.1.14988.1.1.11.1.1.3.9
   version=.1.3.6.1.4.1.14988.1.1.11.1.1.4.9 platform=.1.3.6.1.4.1.14988.1.1.11.1.1.5.9
   identity=.1.3.6.1.4.1.14988.1.1.11.1.1.6.9 software-id=.1.3.6.1.4.1.14988.1.1.11.1.1.7.9


On a CRS model I have, seems like unicast FDB (> interface ethernet switch unicast-fdb print) is not available over SNMP either.

I see now Tomas has mentioned before that mikrotik don't expose enough L2 info over SNMP so I guess its down to nagging them and hoping the LLDP/neighbour MIB info can be added to the driver on NX-1189 at some point.

What do the mikrotik experts do?  Does anyone use the API and scripts to get some of this information?  Am I missing anything obvious here?

Thanks guys.

Thanks for the link to the ticket Tomas.

Is this something that the "Network Device Database" feature in 2.1 might help make easier in the future rather than having to write new drivers in c++?  Or is that just for cosmetic layout of ports and vlans on the interface tab and you would still need c++ driver below it?

https://www.netxms.org/forum/announcements/netxms-2-1-rc1-released/msg22296/#msg22296

Hi, since version 6.38, Mikrotik routeros has started to use LLDP as part of "ip > neighbor" discovery.  This version has filtered down to their "bugfix" branch now (the most stable release).

It seems that lldpRemoteSystemsData and lldpLocalSystemData in the LLDPMIB is populated (when I do a walk of a routeros device) - OIDs: .1.0.8802.1.1.2.1.3  &  .1.0.8802.1.1.2.1.4 have data for local and remote devices.

Any chance that this can be added to the mikrotik driver to populate

• peer mac/node/IPaddr columns of the interfaces list on a node object details
• Tools > info > Topology Table [LLDP]
• L2 topology maps

Cheers.