Refine Scan Rules
When reusing scan rules from a similar sub role, typical approaches include:
Replace enterprise OID part. In most cases, you can adapt existing rules to detect similar devices of a different brand simply by changing the enterprise part of the MIB OID.
Management protocols such as SNMP provide a reliable means to access device manangement information. Most role definitions check or test for the presence of:
- Enterprise part. Identifies the manufacturer as indicated by the enterprise object identifier (OID) authorized by IANA.
- Module identifier. Identifies the SNMPv2 MIB module to be accessed.
: If the default role/sub role you picked to clone is a good starting point, in most cases you can re-use the module identifier (and scan rules using them)
The following example illustrates how to edit the enterprise part of an OID to return information for Liebert devices (lcUpsIdentManufacturer=476) rather than APC (lcUpsIdentManufacturer=318) UPS devices.
Re-use SNMP module identifiers. OIDs that identify device types (NICs, printers, UPS's) or software protocol stacks (HTTP, OSPF, IP), can be re-used if you are extending a role to find similar devices of a different brand or vendor.
Module identifiers are non-negative numbers that indicate the type of protocol or equipment and, therefore, the SNMP MIB management information that is available to WhatsUp Gold. So, unlike enterprise OIDs that are company or "enterprise" specific, the OIDs that identify device types (NICs, printers, UPS's) or software protocol stacks (HTTP, OSPF, IP), are shared and can be re-used.
Check logic within and between rule groups. When you copy a Default role, understand that by design they are generalized and use quick and simple 'match-any' evaluation (any one rule in a group can nominate the role). When you add scan rules that are more specific (let's say for a specific device brand), you will need to adjust your rule groups.
As you create custom monitors, compare and check evaluation logic to those used in Default roles. Make adjustments where needed.
The following infographic contrasts scan rules from a Default UPS with scan rules adapted for a Custom role.
|
Rule Meanings
|
Result Observed when Rule is True...
|
|
A Default UPS sub role scan-rule group that matches on any device detected with a populated SNMP v2 UPS module OR any device that satisfies the discovery criteria for the default functional category of "UPS."
|
The device will be identified as a UPS and have basic monitoring enabled. If the device is an APC brand, the APC-specific monitors (which happen to be part of the default role's monitoring list) will be applied.
|
|
A Default UPS sub role rule that checks for an enterprise MIB object with the value "318" (the vendor ID for APC).
|
The device will be identified as an APC brand UPS and have both basic and vendor specific monitoring applied.
|
|
Custom UPS sub role scan rules chained together by Boolean AND operators (match-all-rules). Checks first that SNMP MIB module for UPS exists on the device, then checks for the vendor ID that identifies the device as Liebert ("476").
|
The device will be identified as a Liebert brand UPS and have both basic and vendor-specific monitoring applied.
|
Create a Custom Device Role