IPAM: IP Address Management

Management → IPAM menu.

By means of the IPAM extension you may manage the IP addresses of the networks in charge, discover the hosts within a subnet and detect their availability changes (whether they respond to ping command or not) or host name (retrieved through DNS). Additionally, it can detect your operating system.

IP address management is independent of whether or not you have EndPoints installed on those machines or an Agent with remote monitors on that IP address. You may optionally “associate” an Agent to the IP address and manage that IP address, but it does not affect the monitoring you are performing on it.

You may configure a network (using a network and a netmask) to perform address recognition from time to time or only do it manually. This mechanism uses the Recon Server (NetScan), but manages it automatically.

After being created in the IPAM control panel, the first time the network is detected Pandora FMS will search for the IP addresses of that network. If it detects that the IP address is operational, it will manage it. If it does not respond to the ping command, it will leave it as unmanaged. Any managed IP address that changes state (stops responding to ping) will generate an event in the system. You may manually manage those IP addresses you want, editing them to give them an alias or hostname, a description or even force your operating system.

It is worth highlighting that when IPAM detects an IP address that has an EndPoint installed and has that IP address assigned, it allows it to be explicitly identified.

Management → IPAM → Sites menu.

It allows you to edit network sites (by clicking on name, Name column), delete with the corresponding trash icon and create new network sites through the Create button.

To create a new network location, type in the name, by default the Parent field will be unselected, indicating that it is a root site. If it is a node, select either a root site or another node. Click Create again to save the new network site. The editing process is similar but uses the Update button.

Management → IPAM → Network locations menu.

It allows you to edit network locations (click on name, Name column), delete with the corresponding trash icon (or bulk deletion by selecting each line and then clicking Delete) and create new network locations by clicking Create.

To create a new network location, type in the name and click Create. The editing process is similar but it uses the Update button.

Management → IPAM → Operation view menu.

It allows you to see the networks created, view their IP addresses, modify or delete them.

Clicking on each of the items on the first column Network or on its corresponding icon in the Action column will take you to the Addresses view option; to delete, click on the trash can icon on the same column.

You may search by text in the Search field (by name, CIDR network address or description) and/or by network location (Location) and/or by network site (Site) and/or by virtual network (Vlan) and then click Search to refine the results.

• It is accessed through menu Management → IPAM → Operation view. To create a new network, click Create and fill in the following fields:
  • Network: Network in IP address/mask (CIDR) format.
  • Discovery server: Server in charge of this task.

• Lightweight mode: Much faster network exploration without performing hostname or operating system detection of the detected hosts.
• Group: Target group for monitoring agent.
• Scan interval: Time period (in days) for automatic checking. Set zero if you wish to do it manually.
• Operator users: Network operator users. Only superadmin users or with Pandora Administrator rights (PM) may create or modify networks.
• Click Create again to save the network.

Starting with version NG 758, this information may be imported from value files separated by commas ( .csv format). The order is as follows:

network,network name,description,location(ID),group(ID),monitoring(0 or 1),lightweight mode(0 or 1),scan interval(days),recon server(ID)

Subnet address operation and management are separated into two types of views: editing view and icon view.

Through this view you get information about the subnet, including statistics on the percentage and number of addresses used (marked as managed). You may also export the list to a comma-separated (CSV) format that you may open with any spreadsheet program for editing. IP addresses will be displayed in the form of an icon, and you may choose between two sizes: small (by default) and large.

Managed
Settings	Host alive	Non-responding host
No EndPoint assigned Events disabled
With EndPoint assigned Events disabled
No EndPoint assigned Events triggered
With EndPoint assigned Events activated
Unmanaged
Settings	Host alive	Non-responding host
Regardless of the configuration, if the host is unmanaged it will only differentiate between if it is alive and not responding

Each IP address has a link at the bottom right to edit it, if you have the appropiate privileges. If you click on the main icon, a modal window will open with all the information of the IP address, including EndPoint and associated operating system, configuration, etc. and you may also ping that address.

If you have the appropriate permissions, you will be able to access the edit view, where the IP addresses will appear as a list. You may filter to show the desired addresses, make changes and update all at once.

Some fields are automatically filled in by the recognition script, such as the hostname, the associated Pandora FMS EndPoint, and the operating system. You may define these fields manually and edit them.

Switching between manual and automatic
Manual	This icon means the field will not be updated from the recognition script and you may edit it manually. By clicking you will change to automatic mode.
Auto-matic	This icon means the field will be updated from the recognition script. By clicking you will change it to manual mode.

Other fields that you may modify are:

• Activate events for an address: When address availability changes (it stops responding or responds again) or their name changes, an event will be generated. When an address is created the first time, it will always raise an event.
• Mark an address as managed: These addresses will be the ones you recognize as assigned on your network. You may filter the IP addresses to only show those marked as managed.
• Disable: Disabled IP addresses will not be checked by the handshake script.

Management → IPAM → Operation view menu, click on the Addresses view of each item, click on Massive operations tab.

Once you create a Network (internal link), and perform your first scan (internal link), you will have a list of IP addresses that were collected. You will be able to select several of them in this list.

On the right side of the selected IP addresses, you may check whether:

• They will generate events.
• They are managed.
• They are reserved.
• They are enabled.

A commentary may also be included if necessary.

Finally, click Update and in one step all selected IP addresses will be modified.

In the Manage addresses and Addresses view views, Filter options option, you may sort by IP addresses, Hostname and by the last time they were checked.

It is also possible to filter by a free string which will search for substrings in the IP address, Hostname or Comments. Enabling the checkbox next to the search box will perform an exact search by IP address.

Management → IPAM → Subnetworks calculator menu.

IPAM includes a tool to calculate IPv4 and IPv6 subnets.

With this tool, you may retrieve information about said subnet, from an IP address and the mask of the network it belongs to:

• Network (Address/Bitmask).
• Netmask.
• The Wildcard mask.
• The network address.
• The Broadcast address.
• First valid IP address.
• Last valid IP address.
• Number of IP addresses on the network.

The IPAM module uses the Net Scan system of Discovery server. The IPAM tasks that you see in Discovery Task Lists are created by the IPAM handshake task and you should not manually create or delete IPAM handshake tasks.

For more information on how to run a scan, see the Discovery section.

Management → IPAM → Vlan config menu, New Vlan button.

To create a new VLAN, a unique name must be entered as a requirement and a description as an option.

From version NG 761 onwards, you may import such information from CSV files in this order:

VLAN network, VLAN description, VLAN custom ID

Once created, it may be checked from the list of created VLAN, where the following information is shown:

• Name: VLAN name.
• Description: VLAN description.
• Networks: Networks assigned to VLAN: If no network is assigned, it displays the message “Not assigned networks”.

Operations:

Update VLAN data.

Delete VLAN: If a VLAN is deleted, a confirmation message will be displayed.

Statistics: Link to the VLAN statistics view.

Add networks to VLAN.

• If there are available networks: A selector like the one shown below will appear, where you may select one or more networks.
• If there are no available networks: An informational message will appear.

To retrieve information about a VLAN, there is a view that shows its statistics.

These statistics may be exported in CSV and XLS format.

Management → IPAM → Vlan wizard menu.

This view allows you to create a VLAN over SNMP. In order to execute the SNMP query, it is required to enter address, community and version. Once entered, a list will be displayed with all the VLAN available for that address. If the VLAN has not been created, a check box will appear to select it for subsequent creation, adding data such as description, address and its interfaces.

Management → IPAM → Supernet config menu, New supernet button.

• Supernet: This name field is required and must be unique.
• Address: Initial IP address. Mandatory field.
• Mask: Network mask. Mandatory field.

name, description, address, mask, subnetting mask

Once created, it may be checked from the list of created supernets, operations:

• Update supernet data.
• Remove supernet.
• Link to the statistics view.
• Add networks to Supernet.
• If there are available networks: A selector like the one shown below will appear, where you may select one or more networks.
  • A new network may be created from the selector using the Next network option. If a subnet mask was added, the next available network will be selected by default.
• If there are no available networks: An informational message will appear.

Management → IPAM → Supernet map menu.

Networks and supernets will be represented as nodes. The difference between the two is that supernets have a thicker edge.

Interior of each node:

• Network or supernet name.
• Percentage of occupation.
• Number of available IP addresses.

Management → IPAM → Supernet Treeview menu.

The Supernet tree view shows all the supernets created in a simplified graphical way. Clicking on the corresponding icon will show a pop-up window with additional information and the possibility of modifying said element in another web browser tab.

The new IPAM system allows creating reports, graphs, alert generation, etc. To do this, it will be necessary for the network you wish to monitor to have the Monitoring option activated, as well as the group assignment option.

This will create an agent in Pandora FMS whose name will be IPAM_<network name>, whose Modules will have the following information:

• Total number of available IP addresses.
• Total number of free IP addresses (unassigned).
• Total number of occupied IP addresses (assigned, reserved).
• Total number of reserved IP addresses.
• Percentage of free IP addresses (free/available).

The tool Pandora FMS IPAM DHCP provides DHCP Monitoring Modules for an MS Windows® DHCP server and complements the information displayed in the IPAM extension.

• A collection must be created in Pandora FMS Console.
• The IPAM EndPoint tool is added to the collection and the collection is rebuilt.
• The collection is assigned to Pandora FMS EndPoint of the Windows® DHCP server.
• The execution is recorded in the Add-ons tab in Pandora FMS EndPoint management:

%ProgramFiles%\pandora_agent\collections\ipam\ipam_agent_tool.exe

After a while, the file will be transferred to the Agent and run, providing the following modules:

• [network] DHCP usage.
• [network] DHCP IP addresses available.
• [network] DHCP free IP addresses.
• [network] DHCP assigned IP addresses.
• [network] DHCP reserved IP addresses.

Return to Pandora FMS Documentation Index