# This is the main configuration file for Netdisco web and backend apps
#
# DO NOT EDIT THIS FILE
#
# Overrides should go to ~/environments/deployment.yml
#
# https://github.com/netdisco/netdisco/wiki/Configuration has
# in depth explanations about each setting.
# ----------------
# GENERAL SETTINGS
# ----------------
log: 'warning'
logger_format: '[%P] %U %L %m'
include_paths: []
template_paths: []
site_local_files: false
external_databases: []
# ------------
# WEB FRONTEND
# ------------
domain_suffix: []
no_auth: false
suggest_guest: false
navbar_autocomplete: true
trust_remote_user: false
trust_x_remote_user: false
api_token_lifetime: 3600
tacacs: {}
radius: {}
ldap: {}
# servers: []
# user_string: 'MYDOMAIN\%USER%'
# base: ""
# proxy_user: ""
# proxy_pass: ""
# opts:
# debug: 3
# tls_opts: {}
path: '/'
web_home: '/inventory'
web_plugins:
- Inventory
- Report::PortVLANMismatch
- Report::PortAdminDown
- Report::PortBlocking
- Report::PortMultiNodes
- Report::PortSsid
- Report::PortUtilization
- Report::ApChannelDist
- Report::ApClients
- Report::ApRadioChannelPower
- Report::HalfDuplex
- Report::DeviceAddrNoDNS
- Report::DeviceByLocation
- Report::InventoryByModelByOS
- Report::DeviceDnsMismatch
- Report::DevicePoeStatus
- Report::DuplexMismatch
- Report::IpInventory
- Report::ModuleInventory
- Report::Netbios
- Report::NodeMultiIPs
- Report::NodeVendor
- Report::NodesDiscovered
- Report::SsidInventory
- Report::VlanInventory
- Report::SubnetUtilization
- Report::PortLog
- AdminTask::JobQueue
- AdminTask::NodeMonitor
- AdminTask::Topology
- AdminTask::PollerPerformance
- AdminTask::PseudoDevice
- AdminTask::SlowDevices
- AdminTask::UndiscoveredNeighbors
- AdminTask::OrphanedDevices
- AdminTask::DuplicateDevices
- AdminTask::TimedOutDevices
- AdminTask::UserLog
- AdminTask::Users
- Search::Device
- Search::Node
- Search::VLAN
- Search::Port
- Device::Details
- Device::Ports
- Device::Modules
- Device::Neighbors
- Device::Addresses
- Device::Vlans
- Device::SNMP
extra_web_plugins: []
sidebar_defaults:
search_node:
stamps: { default: checked }
deviceports: { default: checked }
show_vendor: { default: null }
archived: { default: null }
partial: { default: null }
age_invert: { default: null }
daterange: { default: null }
mac_format: { default: IEEE }
search_port:
partial: { default: checked }
uplink: { default: null }
ethernet: { default: checked }
search_device:
matchall: { default: checked }
device_ports:
c_admin: { label: 'Port Controls', default: null, idx: 0 }
c_port: { label: 'Port', default: checked, idx: 1 }
c_descr: { label: 'Description', default: null, idx: 2 }
c_comment: { label: 'Last Comment', default: null, idx: 3 }
c_type: { label: 'Type', default: null, idx: 4 }
c_lastchange: { label: 'Last Change', default: null, idx: 5 }
c_name: { label: 'Name', default: checked, idx: 6 }
c_speed_admin: { label: 'Speed (configured)', default: null, idx: 7 }
c_speed: { label: 'Speed (running)', default: null, idx: 8 }
c_duplex: { label: 'Duplex', default: null, idx: 9 }
c_error: { label: 'Error Message', default: null, idx: 10 }
c_mac: { label: 'Port MAC', default: null, idx: 11 }
c_mtu: { label: 'MTU', default: null, idx: 12 }
c_pvid: { label: 'Native VLAN', default: checked, idx: 13 }
c_vmember: { label: 'VLAN Membership', default: checked, idx: 14 }
c_power: { label: 'PoE', default: null, idx: 16 }
c_ssid: { label: 'SSID', default: null, idx: 17 }
c_nodes: { label: 'Connected Nodes', default: null, idx: 18 }
c_neighbors: { label: 'Connected Devices', default: checked, idx: 19 }
c_stp: { label: 'Spanning Tree', default: null, idx: 20 }
c_up: { label: 'Status', default: null, idx: 21 }
mac_format: { default: IEEE }
n_inventory: { label: 'Remote Inventory', default: checked, idx: 0 }
n_detailed_inventory: { label: 'Remote Advertisement', default: null, idx: 1 }
n_age: { label: 'Age Stamp', default: null, idx: 2 }
n_ip4: { label: 'IPv4 Addresses', default: checked, idx: 3 }
n_ip6: { label: 'IPv6 Addresses', default: checked, idx: 4 }
n_netbios: { label: 'NetBIOS Name', default: checked, idx: 5 }
n_ssid: { label: 'SSID', default: checked, idx: 6 }
n_vendor: { label: 'Vendor', default: null, idx: 7 }
n_archived: { label: 'Archived Data', default: null, idx: 8 }
age_num: { default: 3 }
age_unit: { default: months }
p_vlan_names: { label: 'Use VLAN Names', default: null, idx: 0 }
p_hide1002: { label: 'Hide VLAN 1002-1005', default: null, idx: 1 }
device_netmap:
showips: { default: null }
showspeed: { default: null }
mapshow: { default: neighbors }
colorby: { default: speed }
dynamicsize: { default: checked }
report_moduleinventory:
fruonly: { default: checked }
matchall: { default: checked }
report_portutilization:
age_num: { default: 3 }
age_unit: { default: months }
device_port_col_idx_left: 0
device_port_col_idx_mid: 2
device_port_col_idx_right: -1
jobqueue_refresh: 10
safe_password_store: true
reports: []
system_reports:
- tag: portserrordisabled
label: 'Error Disabled Ports'
category: Port
columns:
- { ip: Device }
- { dns: DNS }
- { port: Port }
- { name: Description }
- { reason: Reason }
query: |
SELECT dp.ip, d.dns, dp.port, dp.name, properties.error_disable_cause AS reason
FROM device_port dp
INNER JOIN device_port_properties properties USING (ip, port)
LEFT JOIN device d USING (ip)
WHERE properties.error_disable_cause IS NOT NULL
ORDER BY dp.ip, dp.port
table_pagesize: 10
table_showrecordsmenu:
- [10, 25, 50, 100, '-1']
- [10, 25, 50, 100, 'All']
vlanctl: true
portctl_nameonly: false
portctl_no: []
portctl_only: []
portctl_nowaps: false
portctl_nophones: false
portctl_vlans: false
portctl_uplinks: false
system_port_control_reasons:
address: 'Address Allocation Abuse'
copyright: 'Copyright Violation'
dos: 'Denial of Service'
bandwidth: 'Excessive Bandwidth'
polling: 'Excessive Polling of DNS/DHCP/SNMP'
noserv: 'Not In Service'
exploit: 'Remote Exploit Possible'
compromised: 'System Compromised'
other: 'Other'
resolved: 'Issue Resolved'
check_userlog: false
devport_vlan_limit: 150
login_logo: ""
defanged_admin: 'admin'
# -------------
# NETDISCO CORE
# -------------
# mibhome is discovered from environment
# mibdirs defaults to contents of mibhome
host_groups:
__ANY__:
- '0.0.0.0/0'
- '::/0'
__LOCAL_ADDRESSES__:
- '::1'
- 'fe80::/10'
- '127.0.0.0/8'
host_group_displaynames: {}
device_identity: []
community: []
community_rw: []
device_auth: []
use_legacy_rancidexport: false
use_legacy_sshcollector: false
get_credentials: ""
bulkwalk_off: false
bulkwalk_no: []
bulkwalk_repeaters: 20
nonincreasing: false
snmpver: 3
snmptimeout: 3000000
snmpretries: 2
snmp_remoteport: {}
snmp_field_protection:
device:
serial: ['group:__ANY__']
devices_no: []
devices_only: []
discover_no: []
discover_only: []
discover_no_type: []
discover_waps: true
discover_phones: false
discover_min_age: 0
macsuck_no: []
macsuck_only: []
macsuck_all_vlans: false
macsuck_no_unnamed: false
macsuck_no_vlan:
- 'fddi-default'
- 'token-ring-default'
- 'fddinet-default'
- 'trnet-default'
- 'fcoe-vsan-4048'
- 'SAM-vlan-boot'
- 'SAM-vlan-appliance-management'
- 'SAM-vlan-management'
macsuck_no_devicevlan: []
macsuck_unsupported: []
macsuck_unsupported_type: []
macsuck_bleed: false
macsuck_min_age: 0
snmpforce_v1: []
snmpforce_v2: []
snmpforce_v3: []
arpnip_no: []
arpnip_only: []
arpnip_min_age: 0
nbtstat_no: []
nbtstat_only: []
nbtstat_max_age: 7
nbtstat_interval: 0.02
nbtstat_response_timeout: 1
node_freshness: 0
expire_devices: 60
expire_nodes: 90
expire_nodes_archive: 60
expire_jobs: 14
expire_userlog: 365
expire_nodeip_freshness: null
store_wireless_clients: true
store_modules: true
ignore_interfaces:
- 'EOBC'
- 'unrouted VLAN(?: \d+)?'
- 'StackPort'
- 'Control Plane Interface'
- 'SPAN (S|R)P Interface'
- 'StackSub-.*'
- 'StackPort\d+'
- 'netflow'
- 'Vlan\d+-mpls layer'
- 'BRI\S+-Bearer Channel'
- 'BRI\S+-Physical'
- 'BRI\S+-Signalling'
- 'BRI\S+-Signaling'
- 'Embedded-Service-Engine\d+\/\d+'
- 'Virtual-Template\d+'
- 'Virtual-Access\d+'
- '(E|T)\d \d\/\d\/\d'
- 'InLoopback0'
- 'NULL\d'
- 'Register-Tunnel\d'
- 'Blade-Aggregation\d'
- 'M-GigabitEthernet\d\/\d\/\d'
- 'Ethernet(?:-| )QOS Packet Scheduler'
- 'Ethernet(?:-| )WFP (?:802\.3|Native) MAC Layer Lightweight Filter'
- 'ii\d\/\d\/\d+'
ignore_interface_types: []
ignore_notpresent_types:
- 'ethernetCsmacd'
- 'tunnel'
- 'ieee8023adLag'
ignore_private_nets: false
reverse_sysname: false
phone_capabilities:
- '(?i:phone)'
phone_platforms:
- '(?i:mitel.5\d{3})'
wap_capabilities:
- 'wlanAccessPoint'
wap_platforms:
- '(?i:\bwap\b)'
- 'cisco\s+AIR-[L|C]?AP'
- '-K9W8-'
# --------------
# BACKEND DAEMON
# --------------
workers:
tasks: 'AUTO * 2'
timeout: 600
sleep_time: 1
min_runtime: 0
max_deferrals: 10
retry_after: '7 days'
queue: PostgreSQL
# this one takes ages
snapshot_timeout: 1200
# 50 minutes
jobs_stale_after: 3000
jobs_qdepth: 50
dns:
max_outstanding: 50
hosts_file: '/etc/hosts'
no: ['group:__LOCAL_ADDRESSES__','169.254.0.0/16']
hooks: []
schedule:
discoverall:
when: '5 7 * * *'
macwalk:
when:
min: 20
arpwalk:
when:
min: 50
nbtwalk:
when: '0 8,13,21 * * *'
expire:
when: '30 23 * * *'
makerancidconf: null
job_prio:
high:
- contact
- hook::exec
- hook::http
- location
- portcontrol
- portname
- power
- snapshot
- vlan
normal:
- arpnip
- arpwalk
- discover
- discoverall
- expire
- macsuck
- macwalk
- nbtstat
- nbtwalk
- stats
worker_plugins:
- 'AddPseudoDevice'
- 'Arpnip'
- 'Arpnip::Hooks'
- 'Arpnip::Nodes'
- 'Arpnip::Subnets'
- 'Arpwalk'
- 'Contact'
- 'Delete'
- 'Discover'
- 'Discover::CanonicalIP'
- 'Discover::Entities'
- 'Discover::Hooks'
- 'Discover::Neighbors'
- 'Discover::Neighbors::DOCSIS'
- 'Discover::Neighbors::Routed'
- 'Discover::PortPower'
- 'Discover::PortProperties'
- 'Discover::Properties'
- 'Discover::VLANs'
- 'Discover::Wireless'
- 'Discover::WithNodes'
- 'DiscoverAll'
- 'DumpConfig'
- 'Expire'
- 'ExpireNodes'
- 'GetAPIKey'
- 'Graph'
- 'Hook'
- 'Hook::Exec'
- 'Hook::HTTP'
- 'LoadMIBs'
- 'Location'
- 'Macsuck'
- 'Macsuck::Hooks'
- 'Macsuck::Nodes'
- 'Macsuck::WirelessNodes'
- 'Macwalk'
- 'MakeRancidConf'
- 'Nbtstat'
- 'Nbtstat::Core'
- 'Nbtwalk'
- 'NodeMonitor'
- 'PortControl'
- 'PortName'
- 'Power'
- 'Psql'
- 'Renumber'
- 'Show'
- 'Snapshot'
- 'Stats'
- 'Vlan'
- 'Vlan::Core'
extra_worker_plugins: []
driver_priority:
restconf: 500
netconf: 400
eapi: 300
cli: 200
snmp: 100
# ---------------
# GraphViz Export
# ---------------
graph:
# ---- Graph Settings ----
edge_color : wheat
graph : 'graph/netmap.gif'
graph_png : 'graph/netmap.png'
graph_bg : black
graph_clusters : false # try fdp layout
graph_color : white
graph_default : png
#graph_dir : net_dir.gif
graph_epsilon : 6
graph_layout : twopi # try neato or fdp too
graph_map : 'graph/netmap.map'
graph_overlap : scale
graph_nodesep : 2
graph_ranksep : .3
graph_raw : 'graph/graph_raw.dot'
graph_splines : false
graph_svg : 'graph/netmap.svg'
graph_timeout : 90
graph_x : 30
graph_y : 30
node_fillcolor : dimgrey
node_font : lucon
node_fontsize : 46.0
node_fontcolor : white
node_problem : red
node_shape : box
node_style : filled
#edge_style : setlinewidth(10)
# ---- Node Maps ----
# variable:matching pattern:node attribute:attribute value:key:key name
#node_map:
# - 'label:cat(?!-g):fillcolor:blue:cat:Blue Box - Catalyst Device'
# - 'label:-g:fillcolor:darkgreen:dev-g:Green Box - Gateway / Router'
# - 'ip:^192.168\.:color:yellow:dev:Yellow Border - ResNet'
# ---------------
# DANCER INTERNAL
# ---------------
charset: 'UTF-8'
warnings: false
show_errors: false
logger: 'console'
engines:
netdisco_template_toolkit:
subclass: 'Template::AutoFilter'
encoding: 'utf8'
start_tag: '[%'
end_tag: '%]'
ANYCASE: 1
ABSOLUTE: 1
PRE_CHOMP: 1
INCLUDE_PATH: []
AUTO_FILTER: 'html_entity'
layout: 'noop'
plugins:
Swagger:
main_api_module: 'App::Netdisco'
ui_url: '/swagger-ui'
show_ui: false
ui_dir: '/dev/null'
Auth::Extensible:
no_api_change_warning: true
no_default_pages: true
no_login_handler: true
realms:
users:
provider: 'App::Netdisco::Web::Auth::Provider::DBIC'
schema_name: 'netdisco'
session: 'cookie'
session_cookie_key: 'this_will_be_overridden_on_webapp_startup'
template: 'netdisco_template_toolkit'
route_cache: true
appname: 'Netdisco'
behind_proxy: false
HTTP-Header-X-Frame-Options: 'DENY'
HTTP-Header-Content-Security-Policy: 'frame-ancestors none;'