12 Replies Latest reply on Jun 11, 2019 1:40 AM by Bernard Stern

    List of exclude hosts

    Ana Lorite
      Share This:

      Hi all,


      I've created an exclude range with some IP address (physical server) that my customer doesn't want to discover due to different reason. This exclude range will grow. 


      For this exclude range, my customer wants a report that shows the hostname and the reason so they can query why a physical host is not discovered  on purpose.


      And I don't know how to do it.


      I've created a pattern with a table like this:


      table motivoHostFisicosExcluidos 1.0

         "db2pstm1" -> "Test Machine";

         "db2pstcf1" -> "IBM Management";

         default -> "Incluida";

      end table;


      And I thought to create an orphan detail node for every row in the motivoHostFisicosExcluidos but what would it be the trigger condition? The purpose would be to query that orphan details node (and create a report)


      I thought to use the Location node for this purpose but what will happen if my customer want to use Locations in a future?


      I thought to do something with the exclude range, something like search that exclude range and for every IP in the range field (a string), create a row in the report. But I don't know how to split that column or traverse it:

      search in '_System' ExcludeRange

      where name =  'My Excluded Physical Server'

      show BLABLABLA


      The ExcludeRange node doesn't have any relationship so I cannot traverse.


      The thing is: is it possible to create something like this??


      Very very very very grateful for your help.





        • 1. Re: List of exclude hosts
          Brian Morris

          Hey Ana,


          Maybe not the answer your looking for, but something simple that might be worth considering is to temporarily disable the exclude on those IP's and then do a sweep scan. This will get your report of the current system sitting at that IP, the projected OS, and if it's in DNS, the hostname. This sweep scan could be used to reconfirm the exclude list from time to time as well.




          • 2. Re: List of exclude hosts
            Andrew Waters

            This is not what happens. DNS is not queried unless doing a full scan. What you will get is the name of the device as it reports itself.


            Is this really a Discovery thing? If things change and you have exclusions you will not know about the change.

            • 3. Re: List of exclude hosts
              Brian Morris

              Oh yes, that's correct, thank you. Even getting the device's self-reported name is probably better than a static list maintained in Discovery though.

              • 4. Re: List of exclude hosts
                Bob Anderson



                I have some suggestions for this as I'm currently working on a very similar effort.


                I'll share some of my experience with this in a couple of days.


                For the most part, Discovery cannot properly determine a hostname without credentials.  So, put the responsibility for keeping this table of IPAddresses and Hostnames up to date on those persons who don't want their equipment scanned.  They need to provide an up-to-date list on a regular basis that you can either process with a pattern, or import as 'CSV'.




                2 of 2 people found this helpful
                • 5. Re: List of exclude hosts
                  Ana Lorite

                  Hi Brian,


                  Thanks for your answer. No, this is not what I need. But thanks for your time.


                  Andrew Waters Although my question is not a Discovery thing, my customer need to know what server won't be discovered and the reason why. I have this report for virtual hosts (creating a Detail node in the Software Instance) but for physical host is more complicated.


                  Thank you anyway!

                  • 6. Re: List of exclude hosts
                    Ana Lorite

                    OMG. I'm looking forward to hearing from you!


                    And I will think about your suggestion.


                    Thanks a million, Bob Anderson!!


                    Kindly regards.



                    • 7. Re: List of exclude hosts
                      Andrew Waters

                      Trying to represent the absence of something in Discovery seems rather obtuse.


                      How are you planning to even be able to see them?

                      • 8. Re: List of exclude hosts
                        Ana Lorite

                        Hi Andrew Waters


                        Probably it is obtuse , I'm sure it is, but i understand the necessity of my customer too. I am at both sides. They want to discover their state but X host. And they want to inventory this. It is a way to prove in a future that a host was not discovered because someone decided not to do it. You know what I mean?


                        As I said before, I have a report that shows a list of  <host>,<reason of exclusion> in virtual hosts. I created a pattern with a table.


                        For physical servers is completely different. And complicated. I don't know how to create a model with this information because I don't want how to trigger it.


                        I will continue thinking about it.


                        Thanks, Andrew!!!

                        • 9. Re: List of exclude hosts
                          Andrew Waters

                          If it is just a static report why does it even need to be in Discovery?

                          • 10. Re: List of exclude hosts
                            Ana Lorite

                            Yes, it could be but... a static report? How can I write a static query/report?



                            • 11. Re: List of exclude hosts
                              Andrew Waters

                              In that it will only report what you import so there is no dynamic information. You already have all the information because you needed to effectively import it.

                              2 of 2 people found this helpful
                              • 12. Re: List of exclude hosts
                                Bernard Stern

                                If that static list is kept short, then it might work. However, in any larger infrastructure, I believe there are many endpoints that you are not allowed to scan and this approach would be very difficult to maintain. At my company, we are getting the IP addresses to scan in the form of a daily CSV containing among other the network range to scan, and a boolean flag saying to scan that range or not (eg. we are not allowd to scan some subnets due to security or confidentiality reasons). In this case the information you are seeking can be derived from that CSV file. So I would rather not "upload" this part in ADDM via a TPL module but work on the source which in my case is the CSV.

                                My 2 cents!



                                2 of 2 people found this helpful