# This is the main configuration file for Netdisco web and daemon apps
#
# DO NOT EDIT THIS FILE
#
# Overrides should go to ~/environments/deployment.yml
# See App::Netdisco::Manual::Configuration for explanations
# ----------------
# GENERAL SETTINGS
# ----------------
log: 'warning'
logger_format: '[%P] %U %L %m'
include_paths: []
# ------------
# WEB FRONTEND
# ------------
domain_suffix: ""
no_auth: false
suggest_guest: false
navbar_autocomplete: true
trust_remote_user: false
trust_x_remote_user: false
#ldap:
# servers: []
# user_string: 'MYDOMAIN\%USER%'
# base: ""
# proxy_user: ""
# proxy_pass: ""
# opts:
# debug: 3
# tls_opts: {}
path: '/'
web_plugins:
- Inventory
- Report::PortAdminDown
- Report::PortBlocking
- Report::PortMultiNodes
- Report::PortSsid
- Report::PortUtilization
- Report::ApChannelDist
- Report::ApClients
- Report::ApRadioChannelPower
- Report::HalfDuplex
- Report::DeviceAddrNoDNS
- Report::DeviceByLocation
- Report::DeviceDnsMismatch
- Report::DevicePoeStatus
- Report::DuplexMismatch
- Report::IpInventory
- Report::ModuleInventory
- Report::Netbios
- Report::NodeMultiIPs
- Report::NodeVendor
- Report::PhonesDiscovered
- Report::SsidInventory
- Report::VlanInventory
- Report::SubnetUtilization
- Report::PortLog
- AdminTask::JobQueue
- AdminTask::Topology
- AdminTask::PollerPerformance
- AdminTask::PseudoDevice
- AdminTask::SlowDevices
- AdminTask::UndiscoveredNeighbors
- AdminTask::OrphanedDevices
- AdminTask::UserLog
- AdminTask::Users
- Search::Device
- Search::Node
- Search::VLAN
- Search::Port
- Device::Details
- Device::Ports
- Device::Modules
- Device::Neighbors
- Device::Addresses
extra_web_plugins: []
jobqueue_refresh: 10
safe_password_store: true
reports: []
table_pagesize: 10
# -------------
# NETDISCO CORE
# -------------
# mibhome is discovered from environment
# mibdirs defaults to contents of mibhome
community: ['public']
community_rw: ['private']
snmp_auth: []
get_community: ""
bulkwalk_off: false
bulkwalk_no: []
bulkwalk_repeaters: 20
nonincreasing: false
snmpver: 3
snmptimeout: 3000000
snmpretries: 2
discover_no: []
discover_only: []
discover_no_type: []
discover_min_age: 0
macsuck_no: []
macsuck_only: []
macsuck_all_vlans: false
macsuck_no_unnamed: false
macsuck_no_vlan:
- 'fddi-default'
- 'token-ring-default'
- 'fddinet-default'
- 'trnet-default'
macsuck_no_devicevlan: []
macsuck_bleed: false
macsuck_min_age: 0
snmpforce_v1: []
snmpforce_v2: []
snmpforce_v3: []
arpnip_no: []
arpnip_only: []
arpnip_min_age: 0
nbtstat_no: []
nbtstat_only: []
nbtstat_max_age: 7
nbtstat_interval: 0.02
nbtstat_timeout: 1
expire_devices: 0
expire_nodes: 0
expire_nodes_archive: 0
store_wireless_clients: true
store_modules: true
ignore_interfaces:
- 'EOBC'
- 'unrouted VLAN(?: \d+)?'
- 'StackPort'
- 'Control Plane Interface'
- 'SPAN (S|R)P Interface'
- 'StackSub-.*'
- 'StackPort\d+'
- 'netflow'
- 'Vlan\d+-mpls layer'
- 'BRI\S+-Bearer Channel'
- 'BRI\S+-Physical'
- 'BRI\S+-Signalling'
- 'Embedded-Service-Engine\d+\/\d+'
- 'Virtual-Template\d+'
- 'Virtual-Access\d+'
- '(E|T)\d \d\/\d\/\d'
ignore_private_nets: false
reverse_sysname: false
vlanctl: true
portctl_nameonly: false
portctl_nophones: false
portctl_vlans: false
portctl_uplinks: false
check_userlog: true
port_control_reasons:
address: 'Address Allocation Abuse'
copyright: 'Copyright Violation'
dos: 'Denial of Service'
bandwidth: 'Excessive Bandwidth'
polling: 'Excessive Polling of DNS/DHCP/SNMP'
noserv: 'Not In Service'
exploit: 'Remote Exploit Possible'
compromised: 'System Compromised'
other: 'Other'
resolved: 'Issue Resolved'
# --------------
# BACKEND DAEMON
# --------------
workers:
tasks: 'AUTO * 2'
sleep_time: 1
queue: PostgreSQL
dns:
max_outstanding: 50
hosts_file: '/etc/hosts'
no: ['fe80::/64','169.254.0.0/16']
#schedule:
# discoverall:
# when: '5 7 * * *'
# macwalk:
# when:
# min: 20
# arpwalk:
# when:
# min: 50
# nbtwalk:
# when: '0 8,13,21 * * *'
# expire:
# when: '20 23 * * *'
job_prio:
high:
- location
- contact
- portcontrol
- portname
- vlan
- power
normal:
- discoverall
- discover
- arpwalk
- arpnip
- macwalk
- macsuck
- nbtwalk
- nbtstat
- expire
# ---------------
# GraphViz Export
# ---------------
graph:
# ---- Graph Settings ----
edge_color : wheat
graph : 'graph/netmap.gif'
graph_png : 'graph/netmap.png'
graph_bg : black
graph_clusters : false # try fdp layout
graph_color : white
graph_default : png
#graph_dir : net_dir.gif
graph_epsilon : 6
graph_layout : twopi # try neato or fdp too
graph_map : 'graph/netmap.map'
graph_overlap : scale
graph_nodesep : 2
graph_ranksep : .3
graph_raw : 'graph/graph_raw.dot'
graph_splines : false
graph_svg : 'graph/netmap.svg'
graph_timeout : 90
graph_x : 30
graph_y : 30
node_fillcolor : dimgrey
node_font : lucon
node_fontsize : 46.0
node_fontcolor : white
node_problem : red
node_shape : box
node_style : filled
#edge_style : setlinewidth(10)
# ---- Node Maps ----
# variable:matching pattern:node attribute:attribute value:key:key name
#node_map:
# - 'label:cat(?!-g):fillcolor:blue:cat:Blue Box - Catalyst Device'
# - 'label:-g:fillcolor:darkgreen:dev-g:Green Box - Gateway / Router'
# - 'ip:^192.168\.:color:yellow:dev:Yellow Border - ResNet'
# ---------------
# DANCER INTERNAL
# ---------------
charset: 'UTF-8'
warnings: false
show_errors: false
logger: 'console'
engines:
netdisco_template_toolkit:
encoding: 'utf8'
start_tag: '[%'
end_tag: '%]'
PRE_CHOMP: 1
INCLUDE_PATH: []
layout: 'main'
plugins:
Auth::Extensible:
no_api_change_warning: true
no_default_pages: true
no_login_handler: true
realms:
users:
provider: 'App::Netdisco::Web::Auth::Provider::DBIC'
schema_name: 'netdisco'
session: 'YAML'
template: 'netdisco_template_toolkit'
route_cache: true
appname: 'Netdisco'
behind_proxy: false