Discovery Services

Discovery Services is a Data Analytics tool for Ivanti® Management Suite that helps you gather data about SNMP-enabled devices for which Management Suite has no agent, such as printers, switches, routers, and so on. You can also use Discovery Services to gather inventory data from WMI-enabled devices that you've chosen not to deploy the Ivanti agent to.

Discovery Services uses a scan configuration to connect to these devices, then gathers and stores the available inventory data in either the Asset Control database (for SNMP-enabled devices) or the inventory database (for WMI-enabled devices).

Once the scan configuration has run, you can view and query the resulting inventory data in either database, and use the licensed-software rules in Data Translation Services to convert the data into more meaningful information.

Discovery Services is also useful for gathering additional data that's not attainable with a normal network scan. For example, you can use a scan configuration, along with a Data Translation Services rule, to determine edition type and version for certain software products. For more information, see Product edition and version discovery.

About the Discovery Services view

When you open Discovery Services, a pane appears across the bottom of the Management Suite console. This pane consists of a tree structure that lists various folders.

The tree list contains these main folders:

  • Addresses: Shows the network addresses you want to scan to discover devices. These addresses can be found via an IP address range, UDD devices or groups, an Asset Control or Management Suite query, or Active Directory. If you scan for UDD or Asset Control devices, the IP addresses associated with these entries will be used.
  • Logins: Shows the login information Discovery Services needs to connect to and scan SNMP- or WMI-enabled devices. For SNMP connections, the minimum needed is the read community string, though additional information may be necessary depending on your environment. You may need to create multiple logins. For WMI connections, you need to configure a Windows login.
  • MIBs: Shows the data that may be available on your devices, used only for reference or for limiting the scope of data retrieved from the scan. While it's helpful to load MIBs that apply to your hardware, they're not necessary for retrieving the data or interpreting it.
  • WMI: Shows the scannable data that may be available on your WMI-enabled devices. Use WMI groups to limit the scope of data retrieved from the scan.
  • Remote Scanners: Shows devices that are remote scanners. Remote scanners offload the scanning process from the core server and are most useful for scanning subnets that are not accessible from the core. The Remote Scanners folder remains empty until you set up any number of devices as remote scanners.
  • Configurations: Shows the scan configurations you've created. After configuring addresses and logins and deploying remote scanners, you need to map them to each other to pull inventory data from devices.
  • Refresh: Refreshes the tree list.
  • Delete: Deletes an item from the tree list.
  • Settings: Enables you to define settings for threads and for duplicate record detection. Use the Threads tab to select how many addresses to scan for at once; ten is the recommended number. For information about the Duplicates tab, see Detecting duplicate inventory records.

Getting started

To use Discovery Services, you need to complete the following tasks. In the final task, you'll create a scan configuration that uses the information set up in the other tasks to pull data from UDD devices or other devices.

To discover unmanaged devices with Discovery Services, you must configure the network addresses you want to scan. These addresses can be found via an IP address range, UDD devices or groups, an Asset Control or Management Suite query, or Active Directory. If you scan for UDD or Asset Control devices, the IP addresses associated with these entries will be used.

You can configure as many addresses as you want and create groups of addresses as well. To update any of the addresses defined in the Addresses sub-folders, right-click Addresses and select Update network addresses.

To configure addresses to scan

  1. In the tree view, expand Addresses.
  2. Right-click All Addresses and select Add Address.
  3. Enter a name for the address configuration, then select one of the options below for the specific type of address you're adding:
    • IP Address Range: Enter a Start IP address. If you do not enter an End, Discovery Services will only scan the one address.
    • Asset Control query: Click the ellipsis (...) button to select a query from the list. These queries are created in the Asset Control view.
    • Windows domain: Enter a Server name, User, and Password. Select a Container and select Search subcontainers to search for addresses in those places.
    • UDD Device: Click the ellipsis (...) button to select a single device address from the inventory database.
    • UDD Group: From the drop-down list, select a UDD group to scan.
    • Management Suite query: From the drop-down list, select an existing Ivanti query.
  4. For Maximum time for retrieving data, the recommended time is 600 seconds.
  5. Click the OK button.

To connect to SNMP-enabled devices, at minimum you need the read community string, though additional information may be necessary depending on your environment. You may need to create multiple logins.

To configure SNMP login information
  1. Click Tools > Configuration > Credential Manager.
  2. In the tree, right-click SNMP credentials > Create SNMP credentials.
  3. Enter a Name for this login configuration.
  4. Enter the Community string (by default, this is public).
  5. Set the other options as necessary for your environment.
  6. Click the Save button.

To connect to WMI-enabled devices, you need to configure a Windows login.

To configure Windows (WMI) login information
  1. Click Tools > Configuration > Credential Manager.
  2. In the tree, right-click WMI credentials > Manage WMI credentials.
  3. Select the Add button.
  4. Enter a Name for this login configuration.
  5. Enter the User as <domain>\<login> for domain accounts or \<login> for local accounts.
  6. Enter the user's Password for this login.
  7. Click the Save button.

SNMP uses MIBs to define what data is stored and how that data is accessed. The data uses a "." notation (for example, 1.3.6.1.2.1.1.1) in the sysDescription field. The MIB tree that's visible in Discovery Services is used only for reference or for limiting the scope of information retrieved from the scan.

While it's helpful to load MIBs that apply to your hardware, if a MIB is not loaded, network scanning isn't affected. You can browse the tree to see what information may be available on your devices.

Use the MIBS folder right-click menu to load a MIB file, export the MIBs list to an .XML file, or import MIBs from an .XML file.

While there are literally thousands of different attributes defined in the standard MIBs, and many more that are specific to manufacturers and models, it's up to a manufacturer to decide what information is actually available on a particular device.

Discovery Services uses MIB groups, which are simply collections of OIDs, for scanning. You can create MIB groups and use them for different scans (for example, in a full scan one day but in a scan that only gathers toner information the next day). Configuring different MIB groups allows you to change the information that's scanned.

When you add an OID, the scanner will collect that OID and all OIDs that start with that number. For example, by entering 1.3.6.1.2.1.43, all items starting with that value will be scanned. However, 1.3.6.1.2.1.44 or any OID starting with a different value will not be scanned.

To create a MIB group and add OIDs
  1. In the tree view, expand MIBs, right-click MIB groups, and select Create group. Name the group.
  2. Add OIDs by right-clicking the group folder and selecting Add OID.
  3. In the Select MIB entries dialog, expand the available MIB entries to add an OID.
  4. Click the OK button. Repeat the procedure as necessary to build a collection of OIDs for this MIB group.

There are two main reasons to create a scan configuration for WMI-enabled devices:

  • When you've chosen not to deploy the Ivanti agent to these devices, yet you want inventory data about them.
  • When you want additional data that's not attainable with a normal network scan. For example, you can use a scan configuration, along with the Data Translation Services licensed-software rules, to determine the edition type of your software products, such as Microsoft SQL Server. For more information, see Product edition and version discovery.

In either case, after running the scan configuration, the resulting data will be added to the inventory database.

Use the right-click menus in the various WMI folders to create new WMI classes, change a namespace, add WMI items, and create new WMI groups. Before making changes to the WMI folder, you should have a working knowledge of WMI classes.

WMI groups contain the WMI items that you'll want the Discovery Services scan to find. From the WMI > WMI groups folder, you can view existing WMI groups and configure new ones. To populate a new WMI group, expand the WMI classes or WMI groups folder, select a WMI item, then drag and drop it into the new group folder you've created.

A remote scanner is a device that offloads the scanning process from the core server. It can run a complete network scan and is most useful for scanning subnets that are not accessible from the core.

Remote scanners receive the scan configurations (that you create in the final task below) from the core server and run them every 24 hours by default. For a device to be a remote scanner, it must have two agents deployed to it: the Ivanti agent and the Ivanti Data Analytics Discovery Services Remote Agent.

The Ivanti Data Analytics Discovery Services Remote Agent installs with Data Analytics as a distribution package and is available to deploy to devices from the Scheduled Tasks tool. For the agent to run successfully, devices must already be in the inventory database. You can deploy the agent to as many devices as needed.

In a scan configuration, if you assign a specific remote scanner to run, it will run the entire configuration. If you select Autodistribute by subnet, the scanner will run only the configurations that contain a subnet that the scanner is directly connected to. When the remote scanner receives the configuration, it will only scan directly connected networks; all other items in the configuration will be ignored.

While a remote scanner is run as a service, you can initiate it manually by running MANAGEDPLANET.DISCOVERYSERVICES.REMOTESCANNER.EXE /NOSERVICE from the installation directory.

Remote-scanner log files can be found be default in the C:\Program Files (x86)\LANDesk\Data Analytics\Discovery Services\ directory.

After completing the tasks above, you need to combine the information into a scan configuration that will pull data from UDD devices or other devices.

To create a scan configuation
  1. In the tree view, expand Configurations.
  2. Right-click All Configs and select Add Config.
  3. Enter a Name and Description for the configuration. For SNMP-enabled devices, select Use SNMP. Only select Add to database if responds to ping if you want to add every address to the database that responds to a ping. In most cases, you won't want to select this option. For WMI-enabled devices, select Use WMI.
  4. Select the addresses you want to add to this configuration by clicking the Add button and highlighting the addresses you want.
  5. Add logins to the configuration by clicking the Add button and highlighting the logins you want. The order of the logins in the list is the order the remote scanner will use when attempting to connect to the devices.
  6. For SNMP-enabled devices: Select specific OIDs or MIB groups to search for by clicking the Add button. If you don't add anything, the scanner will return all OIDs that the login has access to. The scan process can take a long time with large MIB databases, such as large routers or switches, but generally this will not cause a problem.

    For WMI-enabled devices: Select the WMI groups to search for by clicking the Add button. If you don't add anything, the scanner will return all groups that the login has access to.
  7. Select whether the configuration will be made available to remote scanners and which ones. If you select Autodistribute by subnet, the agent will only run configurations that contain a subnet that the scanner is directly connected to. The agent will also only run those subnets that are directly connected to the remote scanner.
  8. Click the Finish button.
To run a scan configuration immediately
  1. Right-click the configuration.
  2. Select Run now.

After running a configuration, new inventory data will appear in either the Asset Control view (for SNMP-enabled devices) or the Management Suite network view (for WMI-enabled devices).

Two files are created during the process—a log file, which lets you know if the configuration succeeded or failed and an .XML file, which contains the actual inventory data. By default, the files are located in these directories:

  • Log file—C:\Program Files (x86)\LANDesk\ManagementSuite\MP_Log. The filename will appear as Discovery - <configuration name> - <date><time>.log.
  • .XML file—C:\Program Files (x86)\LANDesk\ManagementSuite\MP_TEMP\DiscServ\Processed.
To schedule periodic scans using a configuration

It's important to scan devices periodically for any changes. You can automate this process by doing the following.

  1. Right-click the configuration and select Schedule.
  2. Name and configure the task. Click the Save button to add the task to the Scheduled Tasks tool in the Management Suite console.