====== IPAM: IP Address Management ======
{{indexmenu_n>13}}
We are working on the translation of the Pandora FMS documentation. Sorry for any inconvenience.
===== Introduction =====
With the IPAM extension you can manage the IP addresses of the networks in charge, discover the hosts in a subnet and detect their changes in availability (whether they respond to **ping** command or not) or host name (obtained by DNS). Additionally, it can detect your operating system.
IP address management is independent of whether or not you have [[:en:documentation:pandorafms:monitoring:02_operations|Software Agents]] installed on those machines or a [[:en:documentation:pandorafms:monitoring:03_remote_monitoring|Agent with remote monitors]] about that IP. You can optionally "associate" an Agent to the IP address and manage that IP address, but it does not affect the monitoring you are performing on it.
===== IP address detection =====
You can configure a network (using a network and a netmask) to perform address recognition from time to time or only do it manually. This mechanism uses the [[:en:documentation:pandorafms:monitoring:17_discovery_2#netscan|Recon Server (NetScan)]], but manages it automatically.
* For correct operation it is important that you make sure you have the **xprobe** and **fping** packages installed; see the documentation on [[:en:documentation:pandorafms:installation:01_installing|installing Pandora FMS]] for more details on this.
* Operating system detection is always approximate and based on **xprobe**. For greater accuracy in the results use **nmap**.
* Detection in virtual environments is difficult because the hypervisor used must forward the packets exactly and correctly to the hosted device (virtual machine).
* On **Ubuntu server 22** this PFMS IPAM feature is still in the experimental phase.
===== IP addresses with Agents installed =====
After being created in the IPAM control panel, the first time the network is detected Pandora FMS will search for the IP addresses of that network. If it detects that the IP address is operational, it will manage it. If it does not respond to the **ping** command, it will leave it as unmanaged. Any managed IP address that changes state (stops responding to **ping**) will generate an event in the system. You can manually manage those IP addresses you want, editing them to give them an alias or hostname, a description or even force your operating system.
It requires special mention that when IPAM detects an IP address that has a Software Agent installed and has that IP address assigned, it allows it to be explicitly identified.
===== Views =====
==== Sites ====
Note that deleting a root site or subnode with another subnode(s) will break the entire related chain.
**Management** menu → **Admin tools** → **IPAM** → **Sites** tab.
It allows you to edit network sites (by clicking on name, **Name** column), delete with the corresponding trash icon and create new network sites with the **Create** button.
To create a new network location, type the name, by default the **Parent** field will be unselected, indicating that it is a root site. If it is a node, select either a root site or another node. Press the **Create** button again to save the new network site. The editing process is similar but uses the **Update** button.
If you repeat a name (case-insensitive) it will be duly indicated when saving or updating a record.
==== Network locations ====
**Management** menu → **Admin tools** → **IPAM** → **Network locations** tab.
Allows you to edit network locations (click on name, **Name** column), delete with the corresponding trash icon (or multiple delete by selecting each line and then pressing the **Delete** button) and create new network locations with the **Create.** button
To create a new network location, type the name and press the **Create** button again. The editing process is similar but uses the **Update** button.
* If you repeat a name (case-insensitive) it will be duly indicated when saving or updating a record.
* To know the identifier of each location, place the pointer over the name of the location and look at the last number of the link.
==== Operation view ====
**Management** menu → **Admin tools** → **IPAM** → **Operation view** tab.
Allows you to view the created networks, view their IP addresses, modify or delete them.arlas.
By clicking on each of the elements in the first **Network** column or on its corresponding icon in the **Action** column you will be able to enter the **Addresses view** ([[: in:documentation:pandorafms:monitoring:11_ipam#address_view|Address view]]); To delete click on the trash icon located in the same column.
You can search by text in the **Search** field (by name, CIDR network address or description) and/or by [[:en:documentation:pandorafms:monitoring:11_ipam#network_locations|network location]] (**Location **) and/or by [[:en:documentation:pandorafms:monitoring:11_ipam#sites|network site]] (**Site**) and/or by [[:en:documentation:pandorafms:monitoring:11_ipam#vlan_ipam|network virtual]] (**Vlan**) and then press the **Search** button to refine the results.
=== Creating an IPAM network ===
* Operating system detection is always approximate and based on **xprobe**. For greater accuracy in the results use **nmap**.
* On Ubuntu server 22 this PFMS IPAM feature is still in the experimental phase.
* It is accessed through the menu **Management** → **Admin tools** → **IPAM**. To create a new network click on the **Create** button and fill in the following fields:
* **Network**: Network in IP address/mask (CIDR) format.
* **Discovery server**: Server in charge of this task.
If you need to assign this task to a [[:en:documentation:pandorafms:complex_environments_and_optimization:05_satellite#ipam_task|Satellite server]], select the value ''None''.
* **Lightweight mode**: Much faster network exploration without performing hostname or operating system detection of the detected hosts.
* **Group**: Target group for monitoring agent.
* **Scan interval**: Time period (in days) for automatic checking. Set zero if you want to do it manually.
* **Operator users**: [[:en:documentation:pandorafms:monitoring:11_ipam#acl_de_usuarios|Network operator users]]. Only users of type [[:en:documentation:pandorafms:introduction:03_glossary#superadmin|superadmin]] or with Pandora Administrator (PM) rights can create or modify networks. See also [[:en:documentation:pandorafms:management_and_operation:11_managing_and_administration#acl_enterprise_system|ACL Enterprise]].
* Press the **Create** button again to save the network.
Once you have created an IPAM network, using the **Addresses view** icon you will have access to the [[:en:documentation:pandorafms:monitoring:11_ipam#edition_view|Edit view]], [[:en:documentation:pandorafms:monitoring: 11_ipam#address_view|Address view]] and [[:en:documentation:pandorafms:monitoring:11_ipam#mask_operations_view|Mass operations view]].
=== Import via CSV file ===
Starting with version NG 758, this information can be imported from values files separated by commas ( ''.csv'' format). The order is as follows:
network,network name,description,location(ID),group(ID),monitoring(0 or 1),lightweight mode(0 or 1),scan interval(days),recon server(ID)
==== Address View ====
The operation and management of subnet addresses are separated into two types of views: [[:en:documentation:pandorafms:monitoring:11_ipam#edition_view|editing view]] and icon view.
With this view you get information about the subnet, including statistics on the percentage and number of addresses used (marked as managed). You can also export the list to a comma-separated (CSV) format that you can open with any spreadsheet program for editing. The IP addresses will be displayed in the form of an icon, and you can choose between two sizes: small (by default) and large.
^Managed ^^|
^Settings ^Host alive ^Host not responding |
|No agent assigned Events disabled |{{ :wiki:green_host.png }} |{{ :wiki:red_host.png }} |
|With agent assigned Events disabled |{{ :wiki:green_host_agent.png }} |{{ :wiki:red_host_agent.png }} |
|No agent assigned Events triggered |{{ :wiki:green_host_alert.png }} |{{ :wiki:red_host_alert.png }} |
|With agent assigned Events activated |{{ :wiki:green_host_agent_alert.png }} |{{ :wiki:red_host_agent_alert.png }} |
^Unmanaged ^^|
^Settings ^Host alive ^Host not responding |
|Regardless of the configuration, if the host is unmanaged it will only differentiate between if it is alive and not responding |{{ :wiki:green_host_dotted.png }} |{{ :wiki:not_host.png }} |
Each IP address has a link at the bottom right to edit it, if you have sufficient privileges. If you click on the main icon, a modal window will open with all the information of the IP address, including Agent and associated operating system, configuration, etc. and you can also **ping** that address.
The ping is done from the machine where the Pandora FMS Console is installed.
==== Edit View ====
If you have sufficient permissions you will be able to access the edit view, where the IP addresses will appear as a list. You can filter to show the desired addresses, make changes to them and update all at once.
Some fields are automatically populated by the recognition script, such as the hostname, the associated Pandora FMS Agent, and the operating system. You can define these fields as manual and edit them.
^Switching between manual and automatic ^|
|Manual {{ :wiki:manual.png }} |With this symbol the field will not be updated from the recognition script and we can edit it by hand. By clicking we will change to automatic mode. |
|Auto-matic {{ :wiki:automatic.png }} |With this symbol the field will be updated from the recognition script. By clicking we will change to manual mode. |
Fields marked as manual will not be updated by the recognition script.
Other fields that you can modify are:
* Activate events for an address: When the availability of these addresses changes (stops responding or responds again) or their name changes, an event will be generated. When an address is created the first time, it will always raise an event.
* Mark an address as managed: These addresses will be the ones that we recognize as assigned on our network. You can filter the IP addresses to only show those marked as managed.
* Disable: Disabled IP addresses will not be checked by the handshake script.
==== Bulk Operations View ====
**Management** menu → **Admin tools** → **IPAM** → **Operation view** tab → click on **Addresses view** of each item → **Massive operations**.
There is an option to manage IP addresses in bulk, helping the user to manage large groups of IP addresses.
==== Filters ====
In the **Manage addresses** and **Addresses view** views, **Filter options** option, you can sort by IP addresses, Hostname and by the last time they were checked.
It is also possible to filter by a free string which will search for substrings in the IP address, Hostname or Comments. Activating the checkbox next to the search box will perform an **exact** search by IP address.
* By default unresponsive hosts are not shown, but can be enabled.
* You can also display only IP addresses that you have marked as managed.
===== Subnet Calculator =====
IPAM includes a tool to calculate IPV4 and IPv6 subnets.
In this tool you can, from an IP address and the mask of the network to which it belongs, obtain information about said subnet:
* Network (Address/Bitmask).
* Netmask.
* The Wildcard mask.
* The network address.
* The Broadcast address.
* First valid IP address.
* Last valid IP address.
* Number of IP addresses on the network.
These fields are given in address format (decimal for IPv4 and hexadecimal for IPv6) and in binary format.
===== Creation of reconnaissance tasks and Discovery server =====
The IPAM module uses the **Net Scan** system of **Discovery server**. The IPAM type tasks that you see in the Discovery Task Lists are created by the IPAM handshake task and you should not manually create or delete IPAM handshake tasks.
For more information on how to run a reconnaissance, see the [[:en:documentation:pandorafms:monitoring:17_discovery_2#netscan|Discovery]] section.
===== IPAM VLAN =====
**Management** menu → **Admin tools** → **IPAM** → **Vlan config** tab → **New Vlan**.
To create a new VLAN, a unique name must be entered as a requirement and a description as an option.
For NG versions 758 to 760, this information can be imported from CSV files in this order:
VLAN network, VLAN description
From version NG 761 onwards:
VLAN network, VLAN description, VLAN custom ID
Once created, it can be consulted from the list of created VLANs, where the following information is shown**:**
* **Name**: VLAN name.
* **Description**: VLAN description.
* **Networks**: Networks assigned to VLAN: If no network is assigned, displays the message "Not assigned networks".
Operations:
{{:wiki:icon_config.png?21x21 }}Update VLAN data.
{{:wiki:icon_trash.png?21x21 }}Delete VLAN: If a VLAN is deleted, a confirmation message will be displayed.
{{:wiki:icon_statistics.png?21x21 }}Statistics: Link to the VLAN statistics view.
{{:wiki:icon_plus.png?21x21 }}Addnetworks to VLAN.
* **If there are available networks:** A selector like the one shown below will appear, where you can select one or more networks.
* **If there are no available networks:** An informational message will appear.
A network can **only** belong to one VLAN.
==== IPAM Vlan Statistics ====
To obtain information about a VLAN, there is a view that shows its statistics.
{{ :wiki:pfms-management-admin_tools-ipam-vlan_config-show_statistics.png }}
These statistics can be exported in CSV and XLS format.
==== Wizard IPAM Vlan ====
**Management** menu → **Admin tools** → **IPAM** → **Vlan wizard** tab.
This view allows you to create a VLAN over SNMP. In order to execute the SNMP query, it is mandatory to enter address, community and version. Once entered, a list will be displayed with all the VLANs available for that address. If the VLAN has not been created, a check box will appear to select it for subsequent creation, adding data such as description, address and its interfaces.
===== IPAM Supernet =====
**Management** menu → **Admin tools** → **IPAM** → **Supernet config** tab → **New supernet**.
* **Supernet**: This name field is required and must be unique.
* **Address**: Initial IP address. Obligatory field.
* **Mask**: Network mask. Obligatory field.
Starting with version NG 758, this information can be imported from CSV files in this order:
name, description, address, mask, subnetting mask
Once created, it can be consulted from the list of created supernets, operations:
* {{:wiki:icon_config.png}} Update supernet data.
* {{:wiki:icon_trash.png}} Remove supernet.
* {{:wiki:icon_statistics.png}} Link to the statistics view.
* {{:wiki:icon_plus.png}} Add networks to Superred.
* **If there are available networks:** A selector like the one shown below will appear, where you can select one or more networks.
* A new network can be created from the selector using the **Next network** option. If a subnet mask has been added, the next available network will be selected by default.
* **If there are no available networks:** An informational message will appear.
It is important to know that a network cannot belong to two different supernets.
==== IPAM Supernet Map ====
**Management** menu → **Admin tools** → **IPAM** → **Supernet map** tab.
{{ :wiki:ipam88.png }}
Networks and supernets will be represented as nodes. The difference between the two is that supernets have a thicker edge.
Interior of each node:
* Network or supernet name.
* Percentage of occupation.
* Number of available IP addresses.
{{ :wiki:ipam_15.png }}
In the **Setup** of Pandora FMS, in the **Enterprise** part, the critical and warning thresholds can be configured, showing the nodes in red for critical and orange for warning.
==== Supernet treeview ====
**Management** menu → **Admin tools** → **IPAM** → **Supernet Treeview** tab.
The Supernet tree view shows all the supernets created in a simplified graphical way, clicking on the respective icon will show a pop-up window with additional information and the possibility of modifying said element in another tab of the web browser.
===== IPAM network usage monitoring =====
The new IPAM system allows the creation of reports, graphs, generation of alerts, etc. To do this, it will be necessary for the network you want to monitor to have the **Monitoring** option activated, as well as the group assignment option.
This will create an agent in Pandora FMS whose name will be **IPAM_**, whose Modules will have the following information:
* Total number of available IP addresses.
* Total number of free IP addresses (unassigned).
* Total number of occupied IP addresses (assigned, reserved).
* Total number of reserved IP addresses.
* Percentage of free IP addresses (free/available).
===== IPAM for DHCP Server =====
The tool [[https://pandorafms.com/library/ipam-dhcp-tool/|Pandora FMS IPAM DHCP]] provides DHCP Monitoring Modules for an MS Windows® DHCP server and complements the information displayed in the IPAM extension.
* A collection must be created in the Pandora FMS Console.
* The IPAM Agent tool is added to the collection and the collection is rebuilt.
* The collection is assigned to the Pandora FMS Agent of the Windows® DHCP server.
* The execution is recorded in the **Add-ons** tab in the Pandora FMS Agent administration:
%ProgramFiles%\pandora_agent\collections\ipam\ipam_agent_tool.exe
After a while, the file will be transferred to the Agent and run, providing the following modules:
* [network] DHCP usage.
* [network] DHCP IP addresses available.
* [network] DHCP free IP addresses.
* [network] DHCP assigned IP addresses.
* [network] DHCP reserved IP addresses.
The information provided in the IPAM extension is not overwritten if the destination IP addresses are in "managed" state.
[[:en:documentation:start|Return to Pandora FMS Documentation Index]]