IPAM: IP Address Management

Management → IPAM menu.

With the IPAM extension you can manage the IP addresses of the networks in charge, discover the hosts in a subnet and detect their changes in availability (whether they respond to ping command or not) or host name (obtained by DNS). Additionally, it can detect your operating system.

IP address management is independent of whether or not you have Software Agents installed on those machines or a Agent with remote monitors about that IP address. You can optionally “associate” an Agent to the IP address and manage that IP address, but it does not affect the monitoring you are performing on it.

You can configure a network (using a network and a netmask) to perform address recognition from time to time or only do it manually. This mechanism uses the Recon Server (NetScan), but manages it automatically.

After being created in the IPAM control panel, the first time the network is detected Pandora FMS will search for the IP addresses of that network. If it detects that the IP address is operational, it will manage it. If it does not respond to the ping command, it will leave it as unmanaged. Any managed IP address that changes state (stops responding to ping) will generate an event in the system. You can manually manage those IP addresses you want, editing them to give them an alias or hostname, a description or even force your operating system.

It requires special mention that when IPAM detects an IP address that has a Software Agent installed and has that IP address assigned, it allows it to be explicitly identified.

Management → IPAM → Sites menu.

It allows you to edit network sites (by clicking on name, Name column), delete with the corresponding trash icon and create new network sites with the Create button.

To create a new network location, type the name, by default the Parent field will be unselected, indicating that it is a root site. If it is a node, select either a root site or another node. Press the Create button again to save the new network site. The editing process is similar but uses the Update button.

Management → IPAM → Network locations menu.

Allows you to edit network locations (click on name, Name column), delete with the corresponding trash icon (or multiple delete by selecting each line and then pressing the Delete button) and create new network locations with the Create. button

To create a new network location, type the name and press the Create button again. The editing process is similar but uses the Update button.

Management → IPAM → Operation view menu.

Allows you to view the networks created, view their IP addresses, modify or delete them.

Clicking on each of the items in the first column Network or on its corresponding icon in the Action column will take you to the Addresses view option (Addresses view); to delete, click on the trash can icon in the same column.

You can search by text in the Search field (by name, CIDR network address or description) and/or by network location (Location) and/or by network site (Site) and/or by virtual network (Vlan) and then click the Search button to refine the results.

• It is accessed through the menu Management → IPAM → Operation view. To create a new network click on the Create button and fill in the following fields:
  • Network: Network in IP address/mask (CIDR) format.
  • Discovery server: Server in charge of this task.

• Lightweight mode: Much faster network exploration without performing hostname or operating system detection of the detected hosts.
• Group: Target group for monitoring agent.
• Scan interval: Time period (in days) for automatic checking. Set zero if you want to do it manually.
• Operator users: Network operator users. Only users of type superadmin or with Pandora Administrator rights (PM) can create or modify the networks.
• Press the Create button again to save the network.

Starting with version NG 758, this information may be imported from values files separated by commas ( .csv format). The order is as follows:

network,network name,description,location(ID),group(ID),monitoring(0 or 1),lightweight mode(0 or 1),scan interval(days),recon server(ID)

The operation and management of subnet addresses are separated into two types of views: editing view and icon view.

With this view you get information about the subnet, including statistics on the percentage and number of addresses used (marked as managed). You can also export the list to a comma-separated (CSV) format that you can open with any spreadsheet program for editing. The IP addresses will be displayed in the form of an icon, and you can choose between two sizes: small (by default) and large.

Managed
Settings	Host alive	Host not responding
No agent assigned Events disabled
With agent assigned Events disabled
No agent assigned Events triggered
With agent assigned Events activated
Unmanaged
Settings	Host alive	Host not responding
Regardless of the configuration, if the host is unmanaged it will only differentiate between if it is alive and not responding

Each IP address has a link at the bottom right to edit it, if you have sufficient privileges. If you click on the main icon, a modal window will open with all the information of the IP address, including Agent and associated operating system, configuration, etc. and you can also ping that address.

If you have sufficient permissions you will be able to access the edit view, where the IP addresses will appear as a list. You can filter to show the desired addresses, make changes to them and update all at once.

Some fields are automatically populated by the recognition script, such as the hostname, the associated Pandora FMS Agent, and the operating system. You can define these fields as manual and edit them.

Switching between manual and automatic
Manual	With this symbol the field will not be updated from the recognition script and we can edit it by hand. By clicking we will change to automatic mode.
Auto-matic	With this symbol the field will be updated from the recognition script. By clicking we will change to manual mode.

Other fields that you can modify are:

• Activate events for an address: When the availability of these addresses changes (stops responding or responds again) or their name changes, an event will be generated. When an address is created the first time, it will always raise an event.
• Mark an address as managed: These addresses will be the ones that we recognize as assigned on our network. You can filter the IP addresses to only show those marked as managed.
• Disable: Disabled IP addresses will not be checked by the handshake script.

Management → IPAM → Operation view menu, click on Addresses view of each item, click on Massive operations tab.

Once you have created a Network(internal link), and performed your first scan (internal link), you will have a list of IP addresses that were collected. You will be able to select several of them in this list.

On the right side of the selected IP addresses you can check whether:

• They will generate events.
• They are administered.
• They are reserved.
• They are enabled.

A commentary may also be included if necessary.

Finally, click Update and in one step all selected IP addresses will be modified.

In the Manage addresses and Addresses view views, Filter options option, you may sort by IP addresses, Hostname and by the last time they were checked.

It is also possible to filter by a free string which will search for substrings in the IP address, Hostname or Comments. Activating the checkbox next to the search box will perform an exact search by IP address.

Management → IPAM → Subnetworks calculator menu.

IPAM includes a tool to calculate IPv4 and IPv6 subnets.

In this tool you may, from an IP address and the mask of the network to which it belongs, obtain information about said subnet:

• Network (Address/Bitmask).
• Netmask.
• The Wildcard mask.
• The network address.
• The Broadcast address.
• First valid IP address.
• Last valid IP address.
• Number of IP addresses on the network.

The IPAM module uses the Net Scan system of Discovery server. The IPAM type tasks that you see in the Discovery Task Lists are created by the IPAM handshake task and you should not manually create or delete IPAM handshake tasks.

For more information on how to run a reconnaissance, see the Discovery section.

Management → IPAM → Vlan config menu, New Vlan button.

To create a new VLAN, a unique name must be entered as a requirement and a description as an option.

From version NG 761 onwards you can import such information from CSV files in this order:

VLAN network, VLAN description, VLAN custom ID

Once created, it can be consulted from the list of created VLANs, where the following information is shown:

• Name: VLAN name.
• Description: VLAN description.
• Networks: Networks assigned to VLAN: If no network is assigned, displays the message “Not assigned networks”.

Operations:

Update VLAN data.

Delete VLAN: If a VLAN is deleted, a confirmation message will be displayed.

Statistics: Link to the VLAN statistics view.

Addnetworks to VLAN.

• If there are available networks: A selector like the one shown below will appear, where you can select one or more networks.
• If there are no available networks: An informational message will appear.

To obtain information about a VLAN, there is a view that shows its statistics.

These statistics can be exported in CSV and XLS format.

Management → IPAM → Vlan wizard menu.

This view allows you to create a VLAN over SNMP. In order to execute the SNMP query, it is mandatory to enter address, community and version. Once entered, a list will be displayed with all the VLANs available for that address. If the VLAN has not been created, a check box will appear to select it for subsequent creation, adding data such as description, address and its interfaces.

Management → IPAM → Supernet config menu, New supernet button.

• Supernet: This name field is required and must be unique.
• Address: Initial IP address. Obligatory field.
• Mask: Network mask. Obligatory field.

name, description, address, mask, subnetting mask

Once created, it can be consulted from the list of created supernets, operations:

• Update supernet data.
• Remove supernet.
• Link to the statistics view.
• Add networks to Superred.
• If there are available networks: A selector like the one shown below will appear, where you can select one or more networks.
  • A new network can be created from the selector using the Next network option. If a subnet mask has been added, the next available network will be selected by default.
• If there are no available networks: An informational message will appear.

Management → IPAM → Supernet map mnu.

Networks and supernets will be represented as nodes. The difference between the two is that supernets have a thicker edge.

Interior of each node:

• Network or supernet name.
• Percentage of occupation.
• Number of available IP addresses.

Management → IPAM → Supernet Treeview menu.

The Supernet tree view shows all the supernets created in a simplified graphical way, clicking on the respective icon will show a pop-up window with additional information and the possibility of modifying said element in another tab of the web browser.

The new IPAM system allows the creation of reports, graphs, generation of alerts, etc. To do this, it will be necessary for the network you want to monitor to have the Monitoring option activated, as well as the group assignment option.

This will create an agent in Pandora FMS whose name will be IPAM_<network name>, whose Modules will have the following information:

• Total number of available IP addresses.
• Total number of free IP addresses (unassigned).
• Total number of occupied IP addresses (assigned, reserved).
• Total number of reserved IP addresses.
• Percentage of free IP addresses (free/available).

The tool Pandora FMS IPAM DHCP provides DHCP Monitoring Modules for an MS Windows® DHCP server and complements the information displayed in the IPAM extension.

• A collection must be created in the Pandora FMS Console.
• The IPAM Agent tool is added to the collection and the collection is rebuilt.
• The collection is assigned to the Pandora FMS Agent of the Windows® DHCP server.
• The execution is recorded in the Add-ons tab in the Pandora FMS Agent administration:

%ProgramFiles%\pandora_agent\collections\ipam\ipam_agent_tool.exe

After a while, the file will be transferred to the Agent and run, providing the following modules:

• [network] DHCP usage.
• [network] DHCP IP addresses available.
• [network] DHCP free IP addresses.
• [network] DHCP assigned IP addresses.
• [network] DHCP reserved IP addresses.

Return to Pandora FMS Documentation Index