4.1.9. Visibility for external IPs

ON Sensor can discover devices with IPs but without a MAC associated. In this case, we are going to see how to discover this devices without MAC address, that, are external devices located out of our network.

To do that, we need to first of all configure all the networks with its default gateway configured. Go to ON CMDB -> Networks.

To enable the discovery for the external devices, we need to set to true a logstash variable to permit sending MAC Discover polevals to the ON Core. This poleval will try to find the associated MAC for that device, but in this case, will not be possible.

The logstash variable to edit in /etc/default/opennac is the following:

• LOGSTASH_OUTPUT_MACDISCOVER: This parameter is used to enable the logstash MACDISCOVER polevals.

It is important to have in the Visibility Policy the plugins of Discover, UserDeviceProfiling, CheckHostDomain and OpenPorts correctly configured (It is not necessary to have all enabled and running for the use case).