Using the SSH discovery utility - BlueCat Integrity - 9.3.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.3.0

Use the SSH discovery utility to discover Cisco IOS routers or switches on your network.

To use the SSH discovery utility:

  1. Log in to the Address Manager server using SSH. You must have sufficient privileges to read, write, and execute.
  2. Change to the /home/bluecat/discovery directory.
  3. Modify the file discovery_config.txt with the router information in the network. The data format must be:
    device_ip, device_name, username, password, device_type, cipher, privileged_EXEC_mode_password
    Where:
    • device_ip—IP address of the device.
    • device_name—Name of the device.
    • username—User name to log into the specified device.
    • password—Password for the specified username to log into the device.
    • device_type—Enter Router for routers and switches, and ASA for ASA. The value is not case-sensitive.
    • cipher—Enter one of the following values. This is required and case-sensitive.
      • default—the connection will be established using ciphers in the host appliance’s SSH configuration.
      • weak—the connection will be established using weak ciphers: aes128-cbc, 3des-cbc, aes192-cbc, aes256-cbc
      • <specific cipher>—the connection will be established using only the particular cipher specified in the configuration file. Comma-separated multiple ciphers can't be specified.
    • privileged_EXEC_mode_password— the password for the enable mode. This is a mandatory for ASA-type devices but not required for router type devices.
  4. Run the following command to execute the discovery script:
    /usr/local/bluecat/discovery.pl discovery_config.txt output.json
    Where:
    • discovery_config.txt—the configuration file.
    • output.json—the name of the format output file.