Collecting inventory data from servers, network devices, and workstations across your company is a challenging task. Initially, this process requires installing agents on every computer. However, there are common obstacles. Perhaps internal policies prevent agents from being installed on all servers, or there’s no centralized installation method. Sometimes, networks are isolated, making it impossible to connect to your GLPI server, or you might simply need to collect data remotely from your network.
Additionally, consider the scenario where data collection is necessary from network devices and printers. This is where the GLPI Agent becomes invaluable. Since its 1.6 version, the GLPI Agent includes a Toolbox plugin. This plugin significantly expands your capabilities, allowing for network discovery and inventory of network devices using SNMP. It also facilitates remote data collection of hosts: Windows through WinRM, Linux via SSH, and ESXi.
The beauty of the GLPI Agent lies in its versatility – all these functions are integrated into a single agent, simplifying what was once a complex and multifaceted task.
All you need before starting is:
- At least 1 device with the GLPI Agent 1.6 or above installed and with access to the networks you need to scan
- The GLPI Agent Toolbox plugin activated
- The list of IP Ranges from the network you want to scan and collect data from
a. If you have many VLANs or want to segment the scans between tasks, you can separate the ranges following your company policies
4. The list of SSH, WinRM and SNMP credentials with administration permissions
The toolbox is not intended to be installed on insecure networks.
- Activate the basic authentication
- Set the trusted IP networks or hosts authorized to access the toolbox
- Activate SSL on the agent
- Take good care of the yaml file that is created during the configuration
After we’ve gathered all this information, You can follow these steps contained in the video below:
- Activate the GLPI Agent Toolbox plugin
- Activate the navigation bar menus
a. You will need just the 4 menus that are on the documentation:
iii. IP Ranges
3. Create the IP ranges you want to discover and inventory devices remotely
4. Register the SNMP credentials of your devices
5. Register the SSH credentials of your devices
6. Register the ESXi credentials – if you have them
7. Create the scheduling you want GLPI Agent to run – if you want to do it recurrently
a. Even if you want the task to be run just once, we must create a schedule to add to the task
8. Create an Inventory task
a. If you set a huge network, you need to be aware that more time will be needed for the agent to finish its job.
b. threads is the number of remote devices the task will query for at the same time.
i. This can be set higher to make more requests at the same time and keep the task running in a shorter time.
ii. The value must be reasonable, and the right value can depend on the resources allocated to the agent.
c. timeout is the number of seconds before the agent will decide a remote device is not responding.
i. On a local network with devices responding quickly, it can probably be set to 1 second.
ii. On devices located behind a far network or if devices can be overloaded, this may require a higher value.
iii. When have SSH authentication is included, 10s is better, so the agent can wait for the device to respond.
9. Run the task
a. If you activate the debug of the agent to the ID 2, which is the most complete debug mode, you will be able to watch each tentative of the agent to connect to each IP of the range.
In this scenario, we are collecting just information about SNMP equipments, and Linux instances using SSH. For this lab and video, we are not collecting Windows information, even though it is possible if you enable WinRM connections from the host containing the GLPI Agent Toolbox and registering a WinRM credential to the configuration of the agent.