Restricting interrogation of specific devices

Edit online

You can exclude specific devices from the discovery by specifying that after their initial detection those devices are not to be interrogated further for connectivity information.

About this task

In order to specify devices that must not be detected, you must append an OQL insert into the scope.detectionFilter table to the DiscoScope.cfg configuration file. There must only be one insert into the scope.detectionFilter table per protocol. Multiple conditions must be defined within a single insert.

Within the detectionFilter table you must specify:

The type of network protocol. Currently only IP is supported.
The filter condition(s). Only devices that pass this filter, that is, for which the filter evaluates true, are further investigated. If no filter is specified, all devices are passed through the detection filter.

A stitcher tests each discovered device against the filter condition in the scope.detectionFilter table, and the outcome of this test determines whether the device is discovered. Since the process flow of the discovery is fully configurable, you can configure this stitcher to act at any time during the discovery process. By default, the stitcher performs the conditional test on the device details returned by the Details agent. Your filter must therefore be based on the columns of the Details.returns table. The following examples show how you might configure the detection filter.

Attention: Multiple examples are shown for illustrative purposes only. In practice you must ensure that there is only one insert into the scope.detectionFilter table per protocol.

Example

Preventing the Interrogation of a Device Based on the IP Address

In this example only devices that do not have the IP address 10.10.63.234 are interrogated further.

insert into scope.detectionFilter
(
        m_Protocol, m_Filter                                    
)
values
(
        1,
        "( ( m_UniqueAddress <> '10.10.63.234' ) )"
);

Interrogation Restriction Based on Object ID

The following example shows how you would prevent the further interrogation of devices that match a given Object ID. The OQL not like clause indicates that only devices that pass the filter (that is, devices for which the OID is not like 1.3.6.1.4.1.*) are interrogated further.

insert into scope.detectionFilter
(
        m_Protocol,
        m_Filter
)
values
(
        1,
        "(
                ( m_ObjectId not like '1\.3\.6\.1\.4\.1\..*' )
        )"
);

The backslash must be used in the above insert to escape the ., which would otherwise be treated as a wildcard.

Combining Multiple Filter Conditions

The following example shows how you can combine filter conditions within a single OQL insert. This example ensures that only devices that do not have the specified OID and do not have the specified IP address are detected.

insert into scope.detectionFilter
(
        m_Protocol,
        m_Filter
)
values
(
        1,
        "(
                ( m_ObjectId not like '1\.3\.6\.1\.4\.1\..*' )
                AND
                ( m_UniqueAddress <> '10.10.63.234' )
        )"
);

Configuring the Filter Condition

Although you can configure the filter condition to test any of the columns in the Details.returns table, you may need to use the IP address as the basis for the filter if you need to restrict the detection of a particular device. If the device does not grant SNMP access to the Details agent, the Details agent may not be able to retrieve MIB variables such as the Object ID. However, you are guaranteed the return of at least the IP address when the device is detected.