Using the SSH discovery utility - BlueCat Integrity - 9.3.0

Address Manager Administration Guide

Product name
BlueCat Integrity

Use the SSH discovery utility to discover Cisco IOS routers or switches on your network.

To use the SSH discovery utility:

  1. Log in to the Address Manager server using SSH. You must have sufficient privileges to read, write, and execute.
  2. Change to the /home/bluecat/discovery directory.
  3. Modify the file discovery_config.txt with the router information in the network. The data format must be:
    device_ip, device_name, username, password, device_type, cipher, privileged_EXEC_mode_password
    • device_ip—IP address of the device.
    • device_name—Name of the device.
    • username—User name to log into the specified device.
    • password—Password for the specified username to log into the device.
    • device_type—Enter Router for routers and switches, and ASA for ASA. The value is not case-sensitive.
    • cipher—Enter one of the following values. This is required and case-sensitive.
      • default—the connection will be established using ciphers in the host appliance’s SSH configuration.
      • weak—the connection will be established using weak ciphers: aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc
      • <specific cipher>—the connection will be established using only the particular cipher specified in the configuration file. Comma-separated multiple ciphers can't be specified.
    • privileged_EXEC_mode_password— the password for the enable mode. This is a mandatory for ASA-type devices but not required for router type devices.
  4. Run the following command to execute the discovery script:
    /usr/local/bluecat/ discovery_config.txt output.json
    • discovery_config.txt—the configuration file.
    • output.json—the name of the format output file.