NetAudit

Log Files Copied

If you are encountering any issues with NetAudit, please view system logs in /var/log/opsview/opsview.log.

Error: Corrupt XML Copied

Opsview will attempt to filter out unwanted characters in data retrieved from hosts. However, if Opsview is still unable to process the data, the entire block of data will be saved to a file on the Orchestrator and a warning will be written to the opsview.log:

Oct  6 11:30:22 servername opsview.netaudit.netauditdata : [WARNING] Corrupt XML detected; written to '/opt/opsview/netaudit/var/error_logs/netaudit.1665055822560851432.xml': not well-formed (invalid token): line 57, column 5

By default the file is stored within /opt/opsview/netaudit/var/error_logs - this can be overridden using the error_directory field in /opt/opsview/netaudit/etc/netaudit.yaml, see NetAudit configuration.

Added a new host, but there was no SVN entry created Copied

When an Apply Changes occurs, Opsview Monitor will generate a list of all the hosts that have RANCID enabled. However, if the websvn repository doesn’t show the host, check whether ‘opsview-netaudit’ service is running or not with opsview-monit:

# /opt/opsview/watchdog/bin/opsview-monit -B summary | grep netaudit
 opsview-netaudit                 Running                     Process

Host appears in WebSVN, but it is empty Copied

The flow of data for NetAudit is:

If your host file is listed in WebSVN (NetAudit page) under ‘rancid’ repository but it is empty, it might be because the NetAudit Collector hasn’t run yet since it runs every 4 hours. You can run NetAudit Collector manually by connecting NetAudit Collector and run the following command as ‘opsview’ user:

[opsview]% /opt/opsview/netauditcollector/bin/run_rancid_collect
Starting at Thu Nov  8 12:07:14 UTC 2018
Created lockfile /opt/opsview/netauditcollector/var/collect/lock/run_rancid_collect.lock
NetAudit Collection Done. Number of collections: 1 Number of publishes: 1
Finished at Thu Nov  8 12:07:31 UTC 2018

NetAudit Hosts missing from WebSVN Copied

Ensure that you have the necessary permissions to view the host in NetAudit. For more information about access control, see Users and Roles.

To view a host in NetAudit, you must configure the setting in either of the following tabs in the Users and Roles section of the Configuration menu.

Where are the rancid configuration files? Copied

Has the router configuration reached SVN? Copied

Check /opt/opsview/netaudit/var/svn/ on NetAudit master. The information in the file should be in Subversion. You can run an svn status to compare with the Subversion repository.

SVN shows the file, but WebSVN shows a blank file Copied

This could be due to enscript. In /opt/opsview/repository/include/config.php, make sure the following line is uncommented (e.g. doesn’t have # at the beginning):

$config->useEnscript() If websvn now shows the router configuration, then there is probably an issue with enscript software.

Where are the latest files? Copied

On the NetAudit master, in /opt/opsview/netaudit/var/svn/ will be all the latest versions of the RANCID router output files.

NetAudit tab test connection Copied

This simulates running the code to test the NetAudit connection with credentials:

su - opsview
cd /opt/opsview/netauditcollector/bin
./run_check_rancid_connection -t cisco -H <host_ip> -u <username> -p "<password>" -c telnet

Change ‘cisco’ with your vendor type, and ’telnet’ with your connection method. You can add “-A” option at the end if you are using RANCID “autoenable” feature.

NetAudit is installed but NetAudit page and menus are not visible in Opsview Web UI Copied

NetAudit postinstall script might not have been run properly. You can run it manually as below as root user:

[root]% /opt/opsview/netaudit/installer/postinstall_root

No matching cypher type found Copied

When testing a connection you may see this error:

spawn ssh -c 3des -x -L <username> <ipaddress> Unable to negotiate with <ip> port 22: no matching cypher found.

This means that the SSH protocol is unable to agree on a common cypher between the Collector and the network device, and in the preceding error, the 3des is not available on the device. To amend the cypher used, you can edit /opt/opsview/netaudit/var/cloginrc_local on the Orchestrator with the following line:

add cyphertype <hostname_in_opsview> <cypher>

where <hostname_in_opsview> is the configured hostname (as seen in the error) and <cypher> is an available option on the network device. You can list available cypher on the Collector by running ssh -Q cipher to pick one that both sides can use.

This change is distributed to all Collectors when an Apply Changes is performed in the UI.

["Opsview On-Premises"] ["Troubleshooting", "User Guide"]

Was this topic helpful?